diff --git a/Dockerfile b/Dockerfile
index 079acabe..e62bb4f2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,37 +1,12 @@
-#----------------------------------
-# Stage 1
-#----------------------------------
-
-# Import docker image with maven installed
-FROM maven:3.8.3-openjdk-17 as builder
-
-# Add maintainer, so that new user will understand who had written this Dockerfile
-MAINTAINER Madhup Pandey
-
-# Add labels to the image to filter out if we have multiple application running
-LABEL app=bankapp
-
-# Set working directory
-WORKDIR /src
-
-# Copy source code from local to container
-COPY . /src
-
-# Build application and skip test cases
+#---------------------------------stage1-----------------------------------------
+FROM maven:3.9.6-eclipse-temurin-17-alpine AS builder
+WORKDIR /app
+COPY . .
 RUN mvn clean install -DskipTests=true
-
-#--------------------------------------
-# Stage 2
-#--------------------------------------
-
-# Import small size java image
-FROM openjdk:17-alpine as deployer
-
-# Copy build from stage 1 (builder)
-COPY --from=builder /src/target/*.jar /src/target/bankapp.jar
-
-# Expose application port
-EXPOSE 8080
-
-# Start the application
-ENTRYPOINT ["java", "-jar", "/src/target/bankapp.jar"]
+
+#---------------------------------stage2-----------------------------------------
+FROM openjdk:17-slim
+WORKDIR /app
+COPY --from=builder /app/target/*.jar /app/target/bank.jar
+EXPOSE 8081
+CMD ["java","-jar","/app/target/bank.jar"]
diff --git a/docker-compose.yml b/docker-compose.yml
index 34642a09..4fb348a4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
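Review bot: The runtime stage has no `USER` instruction, so the `java -jar` process in the final image runs as root; add an unprivileged account after the `COPY --from=builder` line, for example `RUN useradd --system --uid 10001 app` followed by `USER 10001`. The new base `openjdk:17-slim` comes from the Docker Hub `openjdk` repository, which is marked deprecated, so it is worth moving the runtime to a maintained JRE image such as `eclipse-temurin:17-jre` (the builder stage already uses a Temurin image). `EXPOSE` changes from 8080 to 8081 while docker-compose.yml still publishes `8080:8080` and kube/bank-service.yml uses `targetPort: 8080`; nothing visible in this diff changes the port the application listens on, so one of these values is presumably wrong.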
@@ -4,43 +4,34 @@ services: image: mysql:latest container_name: mysql environment: - - MYSQL_ROOT_PASSWORD=Test@123 - - MYSQL_DATABASE=BankDB + MYSQL_ROOT_PASSWORD: Test@123 + MYSQL_DATABASE: bankappdb + ports: + - "3306:3306" volumes: - bankapp-volume:/var/lib/mysql networks: - bankapp - healthcheck: - test: ["CMD", "mysqladmin", "ping", "-h", "localhost"] - interval: 10s - timeout: 5s - retries: 3 - start_period: 30s + mainapp: - image: ${DUSER}/${IMAGE} - container_name: Bankapp + image: bankapp:latest + container_name: "Bankapp" environment: - - SPRING_DATASOURCE_USERNAME=root - - SPRING_DATASOURCE_URL=jdbc:mysql://mysql:3306/BankDB?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=UTC - - SPRING_DATASOURCE_PASSWORD=Test@123 + SPRING_DATASOURCE_USERNAME: root + SPRING_DATASOURCE_URL: jdbc:mysql://mysql:3306/bankappdb?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=UTC + SPRING_DATASOURCE_PASSWORD: Test@123 ports: - "8080:8080" depends_on: - mysql: - condition: service_healthy + - mysql networks: - bankapp restart: always - healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:8080/actuator/health || exit 1"] - interval: 10s - timeout: 5s - retries: 5 - start_period: 30s + networks: bankapp: volumes: - bankapp-volume: \ No newline at end of file + bankapp-volume: diff --git a/kube/Namespace.yml b/kube/Namespace.yml new file mode 100644 index 00000000..7c039a5d --- /dev/null +++ b/kube/Namespace.yml @@ -0,0 +1,4 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: bank diff --git a/kube/bank-deployement.yml b/kube/bank-deployement.yml new file mode 100644 index 00000000..dfc5228d --- /dev/null +++ b/kube/bank-deployement.yml 
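Review bot: The added `ports: - "3306:3306"` on the `mysql` service publishes the database on every host interface while the root password `Test@123` is committed in this file, and `mainapp` already reaches MySQL over the `bankapp` network; drop the mapping, or bind it to loopback with `"127.0.0.1:3306:3306"` if local access is needed. The password is better supplied from an untracked `.env` file or a Compose secret than kept in the repository. Removing both healthchecks and reducing `depends_on` to `- mysql` means `mainapp` starts as soon as the MySQL container exists rather than when it accepts connections, so startup now depends on `restart: always` retries; keeping the `mysqladmin ping` healthcheck with `condition: service_healthy` avoids that.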
@@ -0,0 +1,38 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+ name: bank-deployment
+ namespace: bank
+ labels:
+ app: app
+spec:
+ replicas: 3
+ selector:
+ matchLabels:
+ app: app
+ template:
+ metadata:
+ labels:
+ app: app
+ spec:
+ containers:
+ - name: bank-cont
+ image: swayamnakshane/mybank:latest
+ ports:
+ - containerPort: 8081
+ env:
+ - name: SPRING_DATASOURCE_USERNAME
+ valueFrom:
+ configMapKeyRef:
+ name: bank-configmap
+ key: SPRING_DATASOURCE_USERNAME
+ - name: SPRING_DATASOURCE_URL
+ valueFrom:
+ configMapKeyRef:
+ name: bank-configmap
+ key: SPRING_DATASOURCE_URL
+ - name: SPRING_DATASOURCE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: bank-secret
+ key: SPRING_DATASOURCE_PASSWORD
diff --git a/kube/bank-service.yml b/kube/bank-service.yml
new file mode 100644
index 00000000..c5412982
--- /dev/null
+++ b/kube/bank-service.yml
@@ -0,0 +1,16 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: bank-svc
+ namespace: bank
+ labels:
+ app: app
+spec:
+ type: NodePort
+ selector:
+ app: app
+ ports:
+ - protocol: TCP
+ targetPort: 8080
+ port: 8081
+ nodePort: 30080
diff --git a/kube/config.yml b/kube/config.yml
new file mode 100644
index 00000000..6bb30c37
--- /dev/null
+++ b/kube/config.yml
@@ -0,0 +1,10 @@
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+nodes:
+- role: control-plane
+ image: kindest/node:v1.31.2
+- role: worker
+ image: kindest/node:v1.31.2
+- role: worker
+ image: kindest/node:v1.31.2
+
diff --git a/kube/configmap.yml b/kube/configmap.yml
new file mode 100644
index 00000000..c6e76bc5
--- /dev/null
+++ b/kube/configmap.yml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: bank-configmap
+ namespace: bank
+data:
+ MYSQL_DATABASE: bankappdb
+ SPRING_DATASOURCE_USERNAME: root
+ SPRING_DATASOURCE_URL: jdbc:mysql://mysql:3306/bankappdb?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=UTC
diff --git a/kube/mysql-deployment.yml b/kube/mysql-deployment.yml
new file mode 100644
index 00000000..2e9c067f
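Review bot: The `bank-cont` container in kube/bank-deployement.yml sets no `securityContext`, no `resources` and no probes, and pulls `swayamnakshane/mybank:latest`, so the three replicas can end up on different builds and each runs as the image's default user with unbounded CPU and memory. Pin the image to a version tag or digest, restore `resources.requests`/`limits` (the deleted kubernetes/bankapp-deployment.yml had them), and add a container `securityContext` with `runAsNonRoot: true` and `allowPrivilegeEscalation: false`. `runAsNonRoot` only admits the pod once the image declares a numeric non-root `USER`, which the Dockerfile in this commit does not.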
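Review bot: `targetPort: 8080` in kube/bank-service.yml does not match the `containerPort: 8081` in kube/bank-deployement.yml or the `EXPOSE 8081` in the Dockerfile, so the Service may forward to a port the pod is not listening on. Which port the application binds is not visible in this diff, so align the three values once that is confirmed. `type: NodePort` with `nodePort: 30080` also serves the application as plain HTTP on every node address, where the deleted manifests fronted it with a TLS Ingress; if this is meant for more than the local kind cluster in kube/config.yml, prefer `ClusterIP` behind an Ingress with TLS.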
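Review bot: `SPRING_DATASOURCE_USERNAME: root` in kube/configmap.yml makes the application connect as the MySQL superuser, and the JDBC URL sets `useSSL=false&allowPublicKeyRetrieval=true`, so credentials and application data cross the pod network without TLS and the client will accept whatever RSA public key the server side offers. Create a dedicated database account limited to `bankappdb` (the MySQL image supports `MYSQL_USER` and `MYSQL_PASSWORD`) and remove `allowPublicKeyRetrieval=true` once TLS is enabled on the connection. The same user and URL parameters are also set in docker-compose.yml.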
--- /dev/null
+++ b/kube/mysql-deployment.yml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: mysql-deployment
+ namespace: bank
+ labels:
+ app: bankapp
+spec:
+ serviceName: mysql
+ replicas: 2
+ selector:
+ matchLabels:
+ app: bankapp
+ template:
+ metadata:
+ labels:
+ app: bankapp
+ spec:
+ containers:
+ - name: mysql
+ image: mysql:latest
+ ports:
+ - containerPort: 3306
+ env:
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: bank-secret
+ key: MYSQL_ROOT_PASSWORD
+ - name: MYSQL_DATABASE
+ valueFrom:
+ configMapKeyRef:
+ name: bank-configmap
+ key: MYSQL_DATABASE
+ volumeMounts:
+ - name: mysql
+ mountPath: /var/lib/mysql
+
+ volumeClaimTemplates:
+ - metadata:
+ name: mysql
+ labels:
+ app: bankapp
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 5Gi
+
diff --git a/kube/mysql-service.yml b/kube/mysql-service.yml
new file mode 100644
index 00000000..24186fc0
--- /dev/null
+++ b/kube/mysql-service.yml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mysql
+ namespace: bank
+ labels:
+ app: bankapp
+
+spec:
+ clusterIP: None
+ selector:
+ app: bankapp
+ ports:
+ - protocol: TCP
+ port: 3306
+ targetPort: 3306
+
diff --git a/kube/persistentvolume.yml b/kube/persistentvolume.yml
new file mode 100644
index 00000000..03ea4745
--- /dev/null
+++ b/kube/persistentvolume.yml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: mysql-pv
+ namespace: bank
+ labels:
+ app: bankapp
+spec:
+ storageClassName: standard
+ capacity:
+ storage: 5Gi
+ accessModes:
+ - ReadWriteOnce
+ hostPath:
+ path: "/mnt/data/mysql"
+
diff --git a/kubernetes/persistent-volume-claim.yaml b/kube/persistentvolumeclaim.yml
similarity index 72%
rename from kubernetes/persistent-volume-claim.yaml
rename to kube/persistentvolumeclaim.yml
index ff23dbd1..63b73cab 100644
--- a/kubernetes/persistent-volume-claim.yaml
+++ b/kube/persistentvolumeclaim.yml
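Review bot: `replicas: 2` in kube/mysql-deployment.yml starts two independent MySQL servers, each with its own volume from `volumeClaimTemplates`, and nothing in this manifest configures replication between them. The headless Service `mysql` in kube/mysql-service.yml returns both pod addresses, so the application's `jdbc:mysql://mysql:3306/...` connections can land on either server and see different data; use `replicas: 1` unless replication is set up separately. `image: mysql:latest` replaces the previously pinned `mysql:8.0`, and a floating tag on a database can start a new major version over an existing data directory, so pin the tag. The container also has no `resources`, probes or `securityContext`.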
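Review bot: The `hostPath` volume in kube/persistentvolume.yml is not explicitly tied to any workload in this commit: the StatefulSet creates its own claims through `volumeClaimTemplates`, and the `mysql-pvc` claim in kube/persistentvolumeclaim.yml is not referenced by any pod spec shown here, so which volume ends up holding the database is left to the cluster's binding. `metadata.namespace` has no effect on a PersistentVolume, which is cluster-scoped. The deleted kubernetes/persistent-volume.yaml set `persistentVolumeReclaimPolicy: Retain` and `type: DirectoryOrCreate`; if the PV is kept, state both explicitly, since `hostPath` keeps the data on a single node's filesystem.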
@@ -2,11 +2,14 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-pvc - namespace: bankapp-namespace + namespace: bank + labels: + app: bankapp spec: + storageClassName: standard accessModes: - ReadWriteOnce resources: requests: - storage: 10Gi - storageClassName: standard + storage: 5Gi + diff --git a/kube/secret.yml b/kube/secret.yml new file mode 100644 index 00000000..3d282e4e --- /dev/null +++ b/kube/secret.yml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: bank-secret + namespace: bank +type: opaque +data: + MYSQL_ROOT_PASSWORD: VGVzdEAxMjM= + SPRING_DATASOURCE_PASSWORD: VGVzdEAxMjM= diff --git a/kubernetes/README.md b/kubernetes/README.md deleted file mode 100644 index 4db1d8b8..00000000 --- a/kubernetes/README.md +++ /dev/null 
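Review bot: kube/secret.yml commits the database passwords to the repository; base64 under `data:` is an encoding, not encryption, and the same password appears in clear text in docker-compose.yml, so the credential should be treated as disclosed and rotated. Keep the Secret out of version control (create it with `kubectl create secret generic`, or use a sealed or external secret mechanism) and commit only a template with placeholder values. `type: opaque` is lower-case, whereas the built-in type is `Opaque` and the deleted kubernetes/secrets.yaml spelled it that way; the lower-case value is presumably stored as a custom type rather than rejected, so it is worth correcting.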
@@ -1,245 +0,0 @@ -# End-to-End Setup for Deploying Applications with ArgoCD and EKS - -This README provides a complete step-by-step guide with all the commands required to set up ArgoCD on an AWS EKS cluster, deploy your applications, and configure GitOps. - ---- - -## **1. Create an EKS Cluster** - -### **Create the Cluster Without a Node Group** -```bash -eksctl create cluster --name=bankapp \ - --region=ap-south-1 \ - --version=1.31 \ - --without-nodegroup -``` - -### **Associate IAM OIDC Provider** -```bash -eksctl utils associate-iam-oidc-provider \ - --region ap-south-1 \ - --cluster bankapp \ - --approve -``` - -### **Create a Node Group** -```bash -eksctl create nodegroup --cluster=bankapp \ - --region=ap-south-1 \ - --name=bankapp \ - --node-type=t2.medium \ - --nodes=2 \ - --nodes-min=2 \ - --nodes-max=2 \ - --node-volume-size=29 \ - --ssh-access \ - --ssh-public-key=k8s-in-one-shot -``` - ---- - -## **2. Deploy ArgoCD** - -### **Create the ArgoCD Namespace** -```bash -kubectl create namespace argocd -``` - -### **Install ArgoCD Using Official Manifests** -```bash -kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml -``` - -### **Verify ArgoCD Pods** -```bash -watch kubectl get pods -n argocd -``` - -### **Install ArgoCD CLI** -```bash -curl --silent --location -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/download/v2.4.7/argocd-linux-amd64 -chmod +x /usr/local/bin/argocd -argocd version -``` - -### **Change ArgoCD Server Service Type to NodePort** -```bash -kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "NodePort"}}' -``` - -### **Verify the NodePort Service** -```bash -kubectl get svc -n argocd -``` - -### **Expose the Port on Security Groups** -- In the AWS Console, update the security group for your EKS worker nodes to allow inbound traffic on the NodePort assigned to the `argocd-server` service. 
- -### **Access the ArgoCD Web UI** -- Open your browser and navigate to: - ``` - http://: - ``` - ---- - -## **3. Configure ArgoCD for EKS** - -### **Login to ArgoCD Using CLI** -```bash -argocd login : --username admin -``` - -### **Retrieve the Default Admin Password** -```bash -kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d -``` - -### **Check Available Clusters in ArgoCD** -```bash -argocd cluster list -``` - -### **Get the EKS Cluster Context** -```bash -kubectl config get-contexts -``` - -### **Add EKS Cluster to ArgoCD** -```bash -argocd cluster add --name bankapp-eks-cluster -``` -- Replace `` with your EKS cluster context name (e.g., `Madhup@bankapp.us-west-1.eksctl.io`). - ---- - -## **4. Deploy Applications Using ArgoCD** - -### **Prepare Kubernetes Manifests in a Git Repository** -- Organize your manifests (e.g., `namespace.yaml`, `deployment.yaml`, `service.yaml`) in a Git repository. - -### **Create an Application in ArgoCD** -```bash -argocd app create bankapp \ - --repo \ - --path \ - --dest-server https://kubernetes.default.svc \ - --dest-namespace bankapp-namespace -``` - -### **Sync the Application** -```bash -argocd app sync bankapp -``` - -### **Monitor Application Status** -```bash -argocd app list -``` - ---- - -## **5. 
Deploy NGINX Ingress Controller** - -### **Install NGINX Ingress Controller Using Helm** -```bash -helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx -helm repo update -helm install ingress-nginx ingress-nginx/ingress-nginx \ - --namespace ingress-nginx --create-namespace -``` - -### **Verify Installation** -Check if the NGINX Ingress Controller pods are running: -```bash -kubectl get pods -n ingress-nginx -``` - -### **Retrieve the Load Balancer IP** -Get the external IP assigned to the NGINX Ingress Controller: -```bash -kubectl get svc -n ingress-nginx -``` - -### **Update DNS** -Point your domain (`junoon.trainwithshubham.com`) to the external IP of the NGINX Load Balancer. - ---- - -## **6. Enable HTTPS for the Application** - -### **Install Cert-Manager** -```bash -kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.1/cert-manager.yaml -``` - -### **Create Let's Encrypt ClusterIssuer** -Save the following as `letsencrypt-clusterissuer.yaml`: -```yaml -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-prod -spec: - acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: your-email@example.com - privateKeySecretRef: - name: letsencrypt-prod-key - solvers: - - http01: - ingress: - class: nginx -``` -Apply the ClusterIssuer: -```bash -kubectl apply -f letsencrypt-clusterissuer.yaml -``` - -### **Update Ingress with TLS Configuration** -- Modify your Ingress to include TLS and reference the `letsencrypt-prod` ClusterIssuer. -- Apply the updated Ingress: -```bash -kubectl apply -f -``` - -### **Verify Certificate Issuance** -```bash -kubectl get certificate -n bankapp-namespace -``` - ---- - -## **7. Verify Deployment** - -### **Check Deployed Resources** -```bash -kubectl get all -n bankapp-namespace -``` - -### **Access the Application** -- Open your browser and navigate to: - ``` - https://junoon.trainwithshubham.com - ``` - ---- - -## **8. 
Add Autoscaling** - -### **Install the Metrics Server** -```bash -kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml -``` - -### **Get the Top Nodes and Pods** -```bash - kubectl top nodes - kubectl top pods -n bankapp-namespace -``` -### **Apply HPA** -```bash - kubectl apply -f bankapp-hpa.yml -``` ---- - diff --git a/kubernetes/bankapp-deployment.yml b/kubernetes/bankapp-deployment.yml deleted file mode 100644 index 45a35b6f..00000000 --- a/kubernetes/bankapp-deployment.yml +++ /dev/null @@ -1,63 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: bankapp-deploy - name: bankapp-deploy - namespace: bankapp-namespace -spec: - replicas: 2 # Keep replicas >= 2 for high availability - selector: - matchLabels: - app: bankapp-deploy - template: - metadata: - labels: - app: bankapp-deploy - spec: - containers: - - name: bankapp - image: trainwithshubham/bankapp-eks:v2 - ports: - - containerPort: 8080 - env: - - name: SPRING_DATASOURCE_URL - valueFrom: - configMapKeyRef: - name: bankapp-config - key: SPRING_DATASOURCE_URL - - name: SPRING_DATASOURCE_USERNAME - valueFrom: - configMapKeyRef: - name: bankapp-config - key: SPRING_DATASOURCE_USERNAME - - name: MYSQL_DATABASE - valueFrom: - configMapKeyRef: - name: bankapp-config - key: MYSQL_DATABASE - - name: SPRING_DATASOURCE_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-secret - key: SPRING_DATASOURCE_PASSWORD - # readinessProbe: - # httpGet: - # path: /actuator/health # Update this based on your app's health endpoint - # port: 8080 - # initialDelaySeconds: 10 - # periodSeconds: 5 - # livenessProbe: - # httpGet: - # path: /actuator/health # Update this based on your app's health endpoint - # port: 8080 - # initialDelaySeconds: 30 - # periodSeconds: 10 - resources: - requests: - memory: "512Mi" - cpu: "250m" - limits: - memory: "1Gi" - cpu: "500m" - 
diff --git a/kubernetes/bankapp-hpa.yml b/kubernetes/bankapp-hpa.yml deleted file mode 100644 index 6c030161..00000000 --- a/kubernetes/bankapp-hpa.yml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: bankapp-hpa - namespace: bankapp-namespace -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: bankapp-deploy - minReplicas: 1 - maxReplicas: 5 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 40 diff --git a/kubernetes/bankapp-ingress.yml b/kubernetes/bankapp-ingress.yml deleted file mode 100644 index e1b8f06e..00000000 --- a/kubernetes/bankapp-ingress.yml +++ /dev/null @@ -1,28 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: bankapp-ingress - namespace: bankapp-namespace - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - nginx.ingress.kubernetes.io/proxy-body-size: "50m" - nginx.ingress.kubernetes.io/ssl-redirect: "true" # Force HTTPS - cert-manager.io/cluster-issuer: letsencrypt-prod # Use Let's Encrypt -spec: - ingressClassName: nginx - tls: - - hosts: - - megaproject.trainwithshubham.com - secretName: bankapp-tls-secret # Cert-Manager will manage this - rules: - - host: megaproject.trainwithshubham.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: bankapp-service - port: - number: 8080 - diff --git a/kubernetes/bankapp-namespace.yaml b/kubernetes/bankapp-namespace.yaml deleted file mode 100644 index 3a4a5170..00000000 --- a/kubernetes/bankapp-namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: bankapp-namespace - labels: - name: bankapp-namespace diff --git a/kubernetes/bankapp-service.yaml b/kubernetes/bankapp-service.yaml deleted file mode 100644 index c63175da..00000000 --- a/kubernetes/bankapp-service.yaml +++ /dev/null 
@@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: bankapp-service - namespace: bankapp-namespace - labels: - app: bankapp -spec: - selector: - app: bankapp-deploy - ports: - - protocol: TCP - port: 8080 - targetPort: 8080 - diff --git a/kubernetes/configmap.yaml b/kubernetes/configmap.yaml deleted file mode 100644 index f2acc025..00000000 --- a/kubernetes/configmap.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: bankapp-config - namespace: bankapp-namespace -data: - MYSQL_DATABASE: BankDB - SPRING_DATASOURCE_URL: jdbc:mysql://mysql-svc.bankapp-namespace.svc.cluster.local:3306/BankDB?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=UTC - SPRING_DATASOURCE_USERNAME: root diff --git a/kubernetes/letsencrypt-clusterissuer.yaml b/kubernetes/letsencrypt-clusterissuer.yaml deleted file mode 100644 index 959db1b9..00000000 --- a/kubernetes/letsencrypt-clusterissuer.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-prod -spec: - acme: - server: https://acme-v02.api.letsencrypt.org/directory - email: trainwithshubham@gmail.com - privateKeySecretRef: - name: letsencrypt-prod-key - solvers: - - http01: - ingress: - class: nginx - diff --git a/kubernetes/mysql-deployment.yml b/kubernetes/mysql-deployment.yml deleted file mode 100644 index c9baa53a..00000000 --- a/kubernetes/mysql-deployment.yml +++ /dev/null 
@@ -1,42 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mysql - namespace: bankapp-namespace - labels: - app: mysql -spec: - replicas: 1 - selector: - matchLabels: - app: mysql - template: - metadata: - labels: - app: mysql - spec: - containers: - - name: mysql - image: mysql:8.0 # Use a specific, stable version for production - ports: - - containerPort: 3306 - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-secret - key: MYSQL_ROOT_PASSWORD - - name: MYSQL_DATABASE - valueFrom: - configMapKeyRef: - name: bankapp-config - key: MYSQL_DATABASE - volumeMounts: - - name: mysql-pv-storage - mountPath: /var/lib/mysql - subPath: mysql-data # Optional: Ensure a subdirectory is used for better volume organization - volumes: - - name: mysql-pv-storage - persistentVolumeClaim: - claimName: mysql-pvc - diff --git a/kubernetes/mysql-service.yaml b/kubernetes/mysql-service.yaml deleted file mode 100644 index 607a8ef2..00000000 --- a/kubernetes/mysql-service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mysql-svc - namespace: bankapp-namespace - labels: - app: mysql -spec: - selector: - app: mysql - ports: - - protocol: TCP - port: 3306 - targetPort: 3306 diff --git a/kubernetes/persistent-volume.yaml b/kubernetes/persistent-volume.yaml deleted file mode 100644 index efbda4d3..00000000 --- a/kubernetes/persistent-volume.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: mysql-pv - namespace: bankapp-namespace -spec: - capacity: - storage: 10Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - persistentVolumeReclaimPolicy: Retain # Keeps the PV after the PVC is deleted - storageClassName: standard # Make sure this matches your cluster's default storage class - hostPath: - path: /mnt/data/mysql - type: DirectoryOrCreate diff --git a/kubernetes/secrets.yaml b/kubernetes/secrets.yaml deleted file mode 100644 index c6596fdb..00000000 
--- a/kubernetes/secrets.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: mysql-secret - namespace: bankapp-namespace -type: Opaque -data: - MYSQL_ROOT_PASSWORD: VGVzdEAxMjM= # Base64 for "Test@123" - SPRING_DATASOURCE_PASSWORD: VGVzdEAxMjM= # Base64 for "Test@123" -