diff --git a/Application-Code/backend/Dockerfile b/Application-Code/backend/Dockerfile
index b05d6bee8..2f1753f9c 100644
--- a/Application-Code/backend/Dockerfile
+++ b/Application-Code/backend/Dockerfile
@@ -1,6 +1,12 @@
-FROM node:14
-WORKDIR /usr/src/app
+FROM node:18-alpine
+
+WORKDIR /app
+
 COPY package*.json ./
+
 RUN npm install
+
 COPY . .
-CMD ["node", "index.js"]
\ No newline at end of file
+
+CMD ["node", "index.js"]
+
diff --git a/Application-Code/frontend/Dockerfile b/Application-Code/frontend/Dockerfile
index b004e9665..8971296ec 100644
--- a/Application-Code/frontend/Dockerfile
+++ b/Application-Code/frontend/Dockerfile
@@ -1,6 +1,19 @@
 FROM node:14
-WORKDIR /usr/src/app
+
+WORKDIR /app
+
 COPY package*.json ./
-RUN npm install
+
+RUN npm install --only=production
+
+# Install 'serve' globally (for serving static files)
+RUN npm install -g serve
+
 COPY . .
-CMD [ "npm", "start" ]
+
+RUN npm run build
+
+EXPOSE 3000
+
+CMD ["serve", "-s", "build", "-l", "3000"]
+
diff --git a/Jenkins-Pipeline-Code/Jenkinsfile-Backend b/Jenkins-Pipeline-Code/Jenkinsfile-Backend
deleted file mode 100644
index b0826fb70..000000000
--- a/Jenkins-Pipeline-Code/Jenkinsfile-Backend
+++ /dev/null
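Review bot: The new backend image still runs the service as root, because no `USER` line precedes `CMD ["node", "index.js"]`; the official Node images ship an unprivileged `node` account, so adding `USER node` before the `CMD` covers it. `RUN npm install` resolves versions at build time and pulls devDependencies into the runtime image; `RUN npm ci --omit=dev` installs exactly what the lockfile records, assuming a package-lock.json is committed (not visible in this hunk). `COPY . .` copies the whole build context, so confirm a `.dockerignore` excludes `node_modules`, `.git` and any `.env` file. The `node:18-alpine` tag is mutable; pin a digest and check that the chosen release line is still inside upstream's support window.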
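Review bot: The frontend keeps `FROM node:14` as an unchanged context line while the backend moves to `node:18-alpine` in the same commit; Node 14 is end-of-life and receives no security fixes, so this base should move too. `RUN npm install -g serve` is unpinned, so each build can pick up a different release of a package that ends up serving traffic. The single stage also ships the full source tree and `node_modules` in the final image and runs `serve` as root; a two-stage build that copies only `build/` into the runtime stage and sets `USER node` removes both. `npm install --only=production` ahead of `npm run build` will fail the build if the build tooling sits under devDependencies (package.json is not shown, so this needs confirming).

```dockerfile
# Build stage: full dependency set, discarded after the build
FROM node:18-alpine AS build
WORKDIR /app
# … unchanged: COPY package*.json ./ …
# npm ci needs a committed package-lock.json
RUN npm ci
# … unchanged: COPY . . and RUN npm run build …

# Runtime stage: static files and the file server only
FROM node:18-alpine
WORKDIR /app
# <serve-version> is a placeholder: pin the release you have tested
RUN npm install -g serve@<serve-version>
COPY --from=build /app/build ./build
USER node
# … unchanged: EXPOSE 3000 and CMD ["serve", ...] …
```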
@@ -1,113 +0,0 @@ -pipeline { - agent any - tools { - jdk 'jdk' - nodejs 'nodejs' - } - environment { - SCANNER_HOME=tool 'sonar-scanner' - AWS_ACCOUNT_ID = credentials('ACCOUNT_ID') - AWS_ECR_REPO_NAME = credentials('ECR_REPO2') - AWS_DEFAULT_REGION = 'us-east-1' - REPOSITORY_URI = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/" - } - stages { - stage('Cleaning Workspace') { - steps { - cleanWs() - } - } - stage('Checkout from Git') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Sonarqube Analysis') { - steps { - dir('Application-Code/backend') { - withSonarQubeEnv('sonar-server') { - sh ''' $SCANNER_HOME/bin/sonar-scanner \ - -Dsonar.projectName=three-tier-backend \ - -Dsonar.projectKey=three-tier-backend ''' - } - } - } - } - stage('Quality Check') { - steps { - script { - waitForQualityGate abortPipeline: false, credentialsId: 'sonar-token' - } - } - } - stage('OWASP Dependency-Check Scan') { - steps { - dir('Application-Code/backend') { - dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check' - dependencyCheckPublisher pattern: '**/dependency-check-report.xml' - } - } - } - stage('Trivy File Scan') { - steps { - dir('Application-Code/backend') { - sh 'trivy fs . > trivyfs.txt' - } - } - } - stage("Docker Image Build") { - steps { - script { - dir('Application-Code/backend') { - sh 'docker system prune -f' - sh 'docker container prune -f' - sh 'docker build -t ${AWS_ECR_REPO_NAME} .' 
- } - } - } - } - stage("ECR Image Pushing") { - steps { - script { - sh 'aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${REPOSITORY_URI}' - sh 'docker tag ${AWS_ECR_REPO_NAME} ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - sh 'docker push ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - } - } - } - stage("TRIVY Image Scan") { - steps { - sh 'trivy image ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER} > trivyimage.txt' - } - } - stage('Checkout Code') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Update Deployment file') { - environment { - GIT_REPO_NAME = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project" - GIT_USER_NAME = "AmanPathak-DevOps" - } - steps { - dir('Kubernetes-Manifests-file/Backend') { - withCredentials([string(credentialsId: 'github', variable: 'GITHUB_TOKEN')]) { - sh ''' - git config user.email "aman07pathak@gmail.com" - git config user.name "AmanPathak-DevOps" - BUILD_NUMBER=${BUILD_NUMBER} - echo $BUILD_NUMBER - imageTag=$(grep -oP '(?<=backend:)[^ ]+' deployment.yaml) - echo $imageTag - sed -i "s/${AWS_ECR_REPO_NAME}:${imageTag}/${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}/" deployment.yaml - git add deployment.yaml - git commit -m "Update deployment Image to version \${BUILD_NUMBER}" - git push https://${GITHUB_TOKEN}@github.com/${GIT_USER_NAME}/${GIT_REPO_NAME} HEAD:master - ''' - } - } - } - } - } -} \ No newline at end of file diff --git a/Jenkins-Pipeline-Code/Jenkinsfile-Frontend b/Jenkins-Pipeline-Code/Jenkinsfile-Frontend deleted file mode 100644 index 9be1a50c0..000000000 --- a/Jenkins-Pipeline-Code/Jenkinsfile-Frontend +++ /dev/null 
@@ -1,113 +0,0 @@ -pipeline { - agent any - tools { - jdk 'jdk' - nodejs 'nodejs' - } - environment { - SCANNER_HOME=tool 'sonar-scanner' - AWS_ACCOUNT_ID = credentials('ACCOUNT_ID') - AWS_ECR_REPO_NAME = credentials('ECR_REPO1') - AWS_DEFAULT_REGION = 'us-east-1' - REPOSITORY_URI = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/" - } - stages { - stage('Cleaning Workspace') { - steps { - cleanWs() - } - } - stage('Checkout from Git') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Sonarqube Analysis') { - steps { - dir('Application-Code/frontend') { - withSonarQubeEnv('sonar-server') { - sh ''' $SCANNER_HOME/bin/sonar-scanner \ - -Dsonar.projectName=three-tier-frontend \ - -Dsonar.projectKey=three-tier-frontend ''' - } - } - } - } - stage('Quality Check') { - steps { - script { - waitForQualityGate abortPipeline: false, credentialsId: 'sonar-token' - } - } - } - stage('OWASP Dependency-Check Scan') { - steps { - dir('Application-Code/frontend') { - dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check' - dependencyCheckPublisher pattern: '**/dependency-check-report.xml' - } - } - } - stage('Trivy File Scan') { - steps { - dir('Application-Code/frontend') { - sh 'trivy fs . > trivyfs.txt' - } - } - } - stage("Docker Image Build") { - steps { - script { - dir('Application-Code/frontend') { - sh 'docker system prune -f' - sh 'docker container prune -f' - sh 'docker build -t ${AWS_ECR_REPO_NAME} .' 
- } - } - } - } - stage("ECR Image Pushing") { - steps { - script { - sh 'aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${REPOSITORY_URI}' - sh 'docker tag ${AWS_ECR_REPO_NAME} ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - sh 'docker push ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - } - } - } - stage("TRIVY Image Scan") { - steps { - sh 'trivy image ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER} > trivyimage.txt' - } - } - stage('Checkout Code') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Update Deployment file') { - environment { - GIT_REPO_NAME = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project" - GIT_USER_NAME = "AmanPathak-DevOps" - } - steps { - dir('Kubernetes-Manifests-file/Frontend') { - withCredentials([string(credentialsId: 'github', variable: 'GITHUB_TOKEN')]) { - sh ''' - git config user.email "aman07pathak@gmail.com" - git config user.name "AmanPathak-DevOps" - BUILD_NUMBER=${BUILD_NUMBER} - echo $BUILD_NUMBER - imageTag=$(grep -oP '(?<=frontend:)[^ ]+' deployment.yaml) - echo $imageTag - sed -i "s/${AWS_ECR_REPO_NAME}:${imageTag}/${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}/" deployment.yaml - git add deployment.yaml - git commit -m "Update deployment Image to version \${BUILD_NUMBER}" - git push https://${GITHUB_TOKEN}@github.com/${GIT_USER_NAME}/${GIT_REPO_NAME} HEAD:master - ''' - } - } - } - } - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/.terraform.lock.hcl b/Jenkins-Server-TF/.terraform.lock.hcl deleted file mode 100644 index 299c5907e..000000000 --- a/Jenkins-Server-TF/.terraform.lock.hcl +++ /dev/null 
@@ -1,25 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.31.0" - constraints = ">= 2.7.0" - hashes = [ - "h1:WwgMbMOhZblxZTdjHeJf9XB2/hcSHHmpuywLxuTWYw0=", - "zh:0cdb9c2083bf0902442384f7309367791e4640581652dda456f2d6d7abf0de8d", - "zh:2fe4884cb9642f48a5889f8dff8f5f511418a18537a9dfa77ada3bcdad391e4e", - "zh:36d8bdd72fe61d816d0049c179f495bc6f1e54d8d7b07c45b62e5e1696882a89", - "zh:539dd156e3ec608818eb21191697b230117437a58587cbd02ce533202a4dd520", - "zh:6a53f4b57ac4eb3479fc0d8b6e301ca3a27efae4c55d9f8bd24071b12a03361c", - "zh:6faeb8ff6792ca7af1c025255755ad764667a300291cc10cea0c615479488c87", - "zh:7d9423149b323f6d0df5b90c4d9029e5455c670aea2a7eb6fef4684ba7eb2e0b", - "zh:8235badd8a5d0993421cacf5ead48fac73d3b5a25c8a68599706a404b1f70730", - "zh:860b4f60842b2879c5128b7e386c8b49adeda9287fed12c5cd74861bb659bbcd", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b021fceaf9382c8fe3c6eb608c24d01dce3d11ba7e65bb443d51ca9b90e9b237", - "zh:b38b0bfc1c69e714e80cf1c9ea06e687ee86aa9f45694be28eb07adcebbe0489", - "zh:c972d155f6c01af9690a72adfb99cfc24ef5ef311ca92ce46b9b13c5c153f572", - "zh:e0dd29920ec84fdb6026acff44dcc1fb1a24a0caa093fa04cdbc713d384c651d", - "zh:e3127ebd2cb0374cd1808f911e6bffe2f4ac4d84317061381242353f3a7bc27d", - ] -} diff --git a/Jenkins-Server-TF/backend.tf b/Jenkins-Server-TF/backend.tf deleted file mode 100644 index 9d46f4e7c..000000000 --- a/Jenkins-Server-TF/backend.tf +++ /dev/null @@ -1,16 +0,0 @@ -terraform { - backend "s3" { - bucket = "my-ews-baket1" - region = "us-east-1" - key = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project/Jenkins-Server-TF/terraform.tfstate" - dynamodb_table = "Lock-Files" - encrypt = true - } - required_version = ">=0.13.0" - required_providers { - aws = { - version = ">= 2.7.0" - source = "hashicorp/aws" - } - } -} \ No newline at end of file 
diff --git a/Jenkins-Server-TF/ec2.tf b/Jenkins-Server-TF/ec2.tf deleted file mode 100644 index 9bff6b449..000000000 --- a/Jenkins-Server-TF/ec2.tf +++ /dev/null @@ -1,16 +0,0 @@ -resource "aws_instance" "ec2" { - ami = data.aws_ami.ami.image_id - instance_type = "t2.2xlarge" - key_name = var.key-name - subnet_id = aws_subnet.public-subnet.id - vpc_security_group_ids = [aws_security_group.security-group.id] - iam_instance_profile = aws_iam_instance_profile.instance-profile.name - root_block_device { - volume_size = 30 - } - user_data = templatefile("./tools-install.sh", {}) - - tags = { - Name = var.instance-name - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/gather.tf b/Jenkins-Server-TF/gather.tf deleted file mode 100644 index 946b8b63b..000000000 --- a/Jenkins-Server-TF/gather.tf +++ /dev/null @@ -1,10 +0,0 @@ -data "aws_ami" "ami" { - most_recent = true - - filter { - name = "name" - values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] - } - - owners = ["099720109477"] -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-instance-profile.tf b/Jenkins-Server-TF/iam-instance-profile.tf deleted file mode 100644 index a56217eba..000000000 --- a/Jenkins-Server-TF/iam-instance-profile.tf +++ /dev/null @@ -1,4 +0,0 @@ -resource "aws_iam_instance_profile" "instance-profile" { - name = "Jenkins-instance-profile" - role = aws_iam_role.iam-role.name -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-policy.tf b/Jenkins-Server-TF/iam-policy.tf deleted file mode 100644 index 66d06f9e3..000000000 --- a/Jenkins-Server-TF/iam-policy.tf +++ /dev/null @@ -1,5 +0,0 @@ -resource "aws_iam_role_policy_attachment" "iam-policy" { - role = aws_iam_role.iam-role.name - # Just for testing purpose, don't try to give administrator access - policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess" -} \ No newline at end of file 
diff --git a/Jenkins-Server-TF/iam-role.tf b/Jenkins-Server-TF/iam-role.tf deleted file mode 100644 index cd7699db3..000000000 --- a/Jenkins-Server-TF/iam-role.tf +++ /dev/null 
@@ -1,17 +0,0 @@ -resource "aws_iam_role" "iam-role" { - name = var.iam-role - assume_role_policy = < /dev/null -echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \ - https://pkg.jenkins.io/debian binary/ | sudo tee \ - /etc/apt/sources.list.d/jenkins.list > /dev/null -sudo apt-get update -y -sudo apt-get install jenkins -y - -# Installing Docker -#!/bin/bash -sudo apt update -sudo apt install docker.io -y -sudo usermod -aG docker jenkins -sudo usermod -aG docker ubuntu -sudo systemctl restart docker -sudo chmod 777 /var/run/docker.sock - -# If you don't want to install Jenkins, you can create a container of Jenkins -# docker run -d -p 8080:8080 -p 50000:50000 --name jenkins-container jenkins/jenkins:lts - -# Run Docker Container of Sonarqube -#!/bin/bash -docker run -d --name sonar -p 9000:9000 sonarqube:lts-community - - -# Installing AWS CLI -#!/bin/bash -curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" -sudo apt install unzip -y -unzip awscliv2.zip -sudo ./aws/install - -# Installing Kubectl -#!/bin/bash -sudo apt update -sudo apt install curl -y -sudo curl -LO "https://dl.k8s.io/release/v1.28.4/bin/linux/amd64/kubectl" -sudo chmod +x kubectl -sudo mv kubectl /usr/local/bin/ -kubectl version --client - - -# Installing eksctl -#! 
/bin/bash -curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp -sudo mv /tmp/eksctl /usr/local/bin -eksctl version - -# Installing Terraform -#!/bin/bash -wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg -echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list -sudo apt update -sudo apt install terraform -y - -# Installing Trivy -#!/bin/bash -sudo apt-get install wget apt-transport-https gnupg lsb-release -y -wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - -echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list -sudo apt update -sudo apt install trivy -y - - -# Intalling Helm -#! /bin/bash -sudo snap install helm --classic \ No newline at end of file diff --git a/Jenkins-Server-TF/variables.tf b/Jenkins-Server-TF/variables.tf deleted file mode 100644 index 339515178..000000000 --- a/Jenkins-Server-TF/variables.tf +++ /dev/null @@ -1,8 +0,0 @@ -variable "vpc-name" {} -variable "igw-name" {} -variable "rt-name" {} -variable "subnet-name" {} -variable "sg-name" {} -variable "instance-name" {} -variable "key-name" {} -variable "iam-role" {} \ No newline at end of file diff --git a/Jenkins-Server-TF/variables.tfvars b/Jenkins-Server-TF/variables.tfvars deleted file mode 100644 index 310601aa9..000000000 --- a/Jenkins-Server-TF/variables.tfvars +++ /dev/null @@ -1,8 +0,0 @@ -vpc-name = "Jenkins-vpc" -igw-name = "Jenkins-igw" -subnet-name = "Jenkins-subnet" -rt-name = "Jenkins-route-table" -sg-name = "Jenkins-sg" -instance-name = "Jenkins-server" -key-name = "Aman-Pathak" -iam-role = "Jenkins-iam-role" \ No newline at end of file 
diff --git a/Jenkins-Server-TF/vpc.tf b/Jenkins-Server-TF/vpc.tf deleted file mode 100644 index 938a71e3f..000000000 --- a/Jenkins-Server-TF/vpc.tf +++ /dev/null @@ -1,73 +0,0 @@ -resource "aws_vpc" "vpc" { - cidr_block = "10.0.0.0/16" - - tags = { - Name = var.vpc-name - } -} - -resource "aws_internet_gateway" "igw" { - vpc_id = aws_vpc.vpc.id - - tags = { - Name = var.igw-name - } -} - -resource "aws_subnet" "public-subnet" { - vpc_id = aws_vpc.vpc.id - cidr_block = "10.0.1.0/24" - availability_zone = "us-east-1a" - map_public_ip_on_launch = true - - tags = { - Name = var.subnet-name - } -} - -resource "aws_route_table" "rt" { - vpc_id = aws_vpc.vpc.id - route { - cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.igw.id - } - - tags = { - Name = var.rt-name - } -} - -resource "aws_route_table_association" "rt-association" { - route_table_id = aws_route_table.rt.id - subnet_id = aws_subnet.public-subnet.id -} - -resource "aws_security_group" "security-group" { - vpc_id = aws_vpc.vpc.id - description = "Allowing Jenkins, Sonarqube, SSH Access" - - ingress = [ - for port in [22, 8080, 9000, 9090, 80] : { - description = "TLS from VPC" - from_port = port - to_port = port - protocol = "tcp" - ipv6_cidr_blocks = ["::/0"] - self = false - prefix_list_ids = [] - security_groups = [] - cidr_blocks = ["0.0.0.0/0"] - } - ] - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - - tags = { - Name = var.sg-name - } -} \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Backend/deployment.yaml b/Kubernetes-Manifests-file/Backend/deployment.yaml deleted file mode 100644 index 39658275f..000000000 --- a/Kubernetes-Manifests-file/Backend/deployment.yaml +++ /dev/null 
@@ -1,57 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api - namespace: three-tier - labels: - role: api - env: demo -spec: - replicas: 2 - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 1 - maxUnavailable: 25% - selector: - matchLabels: - role: api - template: - metadata: - labels: - role: api - spec: - imagePullSecrets: - - name: ecr-registry-secret - containers: - - name: api - image: 407622020962.dkr.ecr.us-east-1.amazonaws.com/backend:latest - imagePullPolicy: Always - env: - - name: MONGO_CONN_STR - value: mongodb://mongodb-svc:27017/todo?directConnection=true - - name: MONGO_USERNAME - valueFrom: - secretKeyRef: - name: mongo-sec - key: username - - name: MONGO_PASSWORD - valueFrom: - secretKeyRef: - name: mongo-sec - key: password - ports: - - containerPort: 3500 - livenessProbe: - httpGet: - path: /ok - port: 3500 - initialDelaySeconds: 2 - periodSeconds: 5 - readinessProbe: - httpGet: - path: /ok - port: 3500 - initialDelaySeconds: 5 - periodSeconds: 5 - successThreshold: 1 \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/deployment.yaml b/Kubernetes-Manifests-file/Database/deployment.yaml deleted file mode 100644 index 379e56cf8..000000000 --- a/Kubernetes-Manifests-file/Database/deployment.yaml +++ /dev/null 
@@ -1,46 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: three-tier - name: mongodb -spec: - replicas: 1 - selector: - matchLabels: - app: mongodb - template: - metadata: - labels: - app: mongodb - spec: - containers: - - name: mon - image: mongo:4.4.6 - command: - - "numactl" - - "--interleave=all" - - "mongod" - - "--wiredTigerCacheSizeGB" - - "0.1" - - "--bind_ip" - - "0.0.0.0" - ports: - - containerPort: 27017 - env: - - name: MONGO_INITDB_ROOT_USERNAME - valueFrom: - secretKeyRef: - name: mongo-sec - key: username - - name: MONGO_INITDB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: mongo-sec - key: password - volumeMounts: - - name: mongo-volume - mountPath: /data/db - volumes: - - name: mongo-volume - persistentVolumeClaim: - claimName: mongo-volume-claim \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/pv.yaml b/Kubernetes-Manifests-file/Database/pv.yaml deleted file mode 100644 index c37325cd1..000000000 --- a/Kubernetes-Manifests-file/Database/pv.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: mongo-pv - namespace: three-tier -spec: - capacity: - storage: 1Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - hostPath: - path: /data/db \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/secrets.yaml b/Kubernetes-Manifests-file/Database/secrets.yaml deleted file mode 100644 index 11264032d..000000000 --- a/Kubernetes-Manifests-file/Database/secrets.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - namespace: three-tier - name: mongo-sec -type: Opaque -data: - password: cGFzc3dvcmQxMjM= #Three-Tier-Project - username: YWRtaW4= #admin \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/service.yaml b/Kubernetes-Manifests-file/Database/service.yaml deleted file mode 100644 index 1fdba64bb..000000000 --- a/Kubernetes-Manifests-file/Database/service.yaml +++ /dev/null 
@@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - namespace: three-tier - name: mongodb-svc -spec: - selector: - app: mongodb - ports: - - name: mongodb-svc - protocol: TCP - port: 27017 - targetPort: 27017 \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Frontend/service.yaml b/Kubernetes-Manifests-file/Frontend/service.yaml deleted file mode 100644 index de2f6df78..000000000 --- a/Kubernetes-Manifests-file/Frontend/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: frontend - namespace: three-tier -spec: - ports: - - port: 3000 - protocol: TCP - type: ClusterIP - selector: - role: frontend \ No newline at end of file diff --git a/Kubernetes-Manifests-file/ingress.yaml b/Kubernetes-Manifests-file/ingress.yaml deleted file mode 100644 index 69686261c..000000000 --- a/Kubernetes-Manifests-file/ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: mainlb - namespace: three-tier - annotations: - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/target-type: ip - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' -spec: - ingressClassName: alb - rules: - - host: backend.amanpathakdevops.study - http: - paths: - - path: /api - pathType: Prefix - backend: - service: - name: api - port: - number: 3500 - - path: / - pathType: Prefix - backend: - service: - name: frontend - port: - number: 3000 - \ No newline at end of file diff --git a/k8s-manifests/backend/deployment.yml b/k8s-manifests/backend/deployment.yml new file mode 100644 index 000000000..b91de58cb --- /dev/null +++ b/k8s-manifests/backend/deployment.yml 
@@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: backend-dep + namespace: three-tier + labels: + app: backend + +spec: + replicas: 2 + selector: + matchLabels: + app: backend + + template: + metadata: + labels: + app: backend + + spec: + containers: + - name: three-tier-app + image: abhimaske/backend-image:latest + imagePullPolicy: Always + + env: + - name: MONGO_USERNAME + valueFrom: + secretKeyRef: + name: mongo-secrets + key: username + - name: MONGO_PASSWORD + valueFrom: + secretKeyRef: + name: mongo-secrets + key: password + + ports: + - containerPort: 3500 + + resources: + requests: + cpu: "250m" + memory: "256Mi" + limits: + cpu: "500m" + memory: "512Mi" + + startupProbe: + httpGet: + path: /ok + port: 3500 + failureThreshold: 30 + periodSeconds: 10 + + livenessProbe: + httpGet: + path: /ok + port: 3500 + initialDelaySeconds: 25 + periodSeconds: 20 + + readinessProbe: + httpGet: + path: /ok + port: 3500 + initialDelaySeconds: 20 + periodSeconds: 10 + diff --git a/Kubernetes-Manifests-file/Backend/service.yaml b/k8s-manifests/backend/service.yml similarity index 79% rename from Kubernetes-Manifests-file/Backend/service.yaml rename to k8s-manifests/backend/service.yml index 7fa7bc71e..e4d1a5895 100644 --- a/Kubernetes-Manifests-file/Backend/service.yaml +++ b/k8s-manifests/backend/service.yml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: api + name: backend-svc namespace: three-tier spec: ports: @@ -9,4 +9,4 @@ spec: protocol: TCP type: ClusterIP selector: - role: api \ No newline at end of file + app: backend diff --git a/k8s-manifests/cluster.yml b/k8s-manifests/cluster.yml new file mode 100644 index 000000000..9ba832167 --- /dev/null +++ b/k8s-manifests/cluster.yml 
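Review bot: `image: abhimaske/backend-image:latest` together with `imagePullPolicy: Always` means any pod restart runs whatever was last pushed to that tag, so a rollout is neither reproducible nor auditable; deploy an immutable tag or digest instead, e.g. `image: abhimaske/backend-image:<build-tag>` (placeholder). The container has no `securityContext`; adding `runAsNonRoot: true` and `allowPrivilegeEscalation: false` under the container keeps a compromised Node process from running as root, provided the image defines a non-root user. The frontend deployment later in this commit (`abhimaske/frontend-image:latest`) has the same tag problem and, unlike this file, gets no resource limits or probes. The removed backend manifest set `MONGO_CONN_STR` and this one does not, so confirm the backend has another source for its connection string.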
@@ -0,0 +1,15 @@
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+
+nodes:
+- role: control-plane
+ image: kindest/node:v1.32.2
+
+- role: worker
+ image: kindest/node:v1.32.2
+
+- role: worker
+ image: kindest/node:v1.32.2
+
+- role: worker
+ image: kindest/node:v1.32.2
diff --git a/k8s-manifests/database/deployment.yml b/k8s-manifests/database/deployment.yml
new file mode 100644
index 000000000..3acfa9a96
--- /dev/null
+++ b/k8s-manifests/database/deployment.yml
@@ -0,0 +1,52 @@
+apiVersion: apps/v1
+kind: Deployment
+
+metadata:
+ name: mongo-dep
+ namespace: three-tier
+ labels:
+ app: mongodb
+
+spec:
+ replicas: 2
+ selector:
+ matchLabels:
+ app: mongodb
+
+ template:
+ metadata:
+ name: mongo-pod
+ namespace: three-tier
+ labels:
+ app: mongodb
+
+
+ spec:
+ containers:
+ - name: mongo
+ image: mongo:4.4.6
+ ports:
+ - containerPort: 27017
+ env:
+ - name: MONGO_INITDB_ROOT_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: mongo-secrets
+ key: username
+
+ - name: MONGO_INITDB_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: mongo-secrets
+ key: password
+
+ volumeMounts:
+ - name: mongo-data
+ mountPath: /data/db
+
+ volumes:
+ - name: mongo-data
+ persistentVolumeClaim:
+ claimName: mongo-pvc
+
+
diff --git a/k8s-manifests/database/namespace.yml b/k8s-manifests/database/namespace.yml
new file mode 100644
index 000000000..3beadcb26
--- /dev/null
+++ b/k8s-manifests/database/namespace.yml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+
+metadata:
+ name: three-tier
+
diff --git a/k8s-manifests/database/pv.yml b/k8s-manifests/database/pv.yml
new file mode 100644
index 000000000..8c8548c85
--- /dev/null
+++ b/k8s-manifests/database/pv.yml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: PersistentVolume
+
+metadata:
+ name: mongo-pv
+ namespace: three-tier
+
+spec:
+ storageClassName: standard
+
+ capacity:
+ storage: 5Gi
+
+ accessModes:
+ - ReadWriteOnce
+
+ hostPath:
+ path: /mnt/data
+
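Review bot: `replicas: 2` in database/deployment.yml starts two independent `mongod` processes against the single `mongo-pvc` claim, which is `ReadWriteOnce` and, per pv.yml, backed by a `hostPath` volume. Pods landing on the same worker would contend for one data directory, and pods on different workers would each see separate node-local data; neither is a MongoDB replica set. Use `replicas: 1` here, or move to a StatefulSet with per-pod claims and explicit replica-set configuration. `mongo:4.4.6` is an early patch release of a series that is no longer maintained upstream, so move to a supported, pinned version; the container also sets no `securityContext` or resource limits.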
diff --git a/Kubernetes-Manifests-file/Database/pvc.yaml b/k8s-manifests/database/pvc.yml similarity index 60% rename from Kubernetes-Manifests-file/Database/pvc.yaml rename to k8s-manifests/database/pvc.yml index 13eb7d2b3..b7597d4ae 100644 --- a/Kubernetes-Manifests-file/Database/pvc.yaml +++ b/k8s-manifests/database/pvc.yml @@ -1,12 +1,17 @@ apiVersion: v1 kind: PersistentVolumeClaim + metadata: - name: mongo-volume-claim + name: mongo-pvc namespace: three-tier + spec: - accessModes: + accessModes: - ReadWriteOnce - storageClassName: "" + storageClassName: standard resources: requests: - storage: 1Gi \ No newline at end of file + storage: 2Gi + + + diff --git a/k8s-manifests/database/secrets.yml b/k8s-manifests/database/secrets.yml new file mode 100644 index 000000000..08a7e8552 --- /dev/null +++ b/k8s-manifests/database/secrets.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret + +metadata: + name: mongo-secrets + namespace: three-tier + +type: opaque +data: + password: YWJoaTEyMw== # abhi123 + username: YWJoaW1hc2tl # abhimaske + + + diff --git a/k8s-manifests/database/service.yml b/k8s-manifests/database/service.yml new file mode 100644 index 000000000..d7629085d --- /dev/null +++ b/k8s-manifests/database/service.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service + +metadata: + name: mongo-svc + namespace: three-tier + +spec: + selector: + app: mongodb + ports: + - name: mongo-pvc + protocol: TCP + port: 27017 + targetPort: 27017 + diff --git a/Kubernetes-Manifests-file/Frontend/deployment.yaml b/k8s-manifests/frontend/deployment.yml similarity index 58% rename from Kubernetes-Manifests-file/Frontend/deployment.yaml rename to k8s-manifests/frontend/deployment.yml index 5927afe73..69c8e99f5 100644 --- a/Kubernetes-Manifests-file/Frontend/deployment.yaml +++ b/k8s-manifests/frontend/deployment.yml @@ -5,9 +5,9 @@ metadata: namespace: three-tier labels: role: frontend - env: demo + spec: - replicas: 1 + replicas: 2 strategy: type: RollingUpdate rollingUpdate: 
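Review bot: k8s-manifests/database/secrets.yml commits the MongoDB root credentials to the repository: base64 under `data:` is an encoding, not encryption, and the trailing comments repeat both values in clear text. Treat the pair as exposed, rotate it, and take the manifest out of version control (history included); create the Secret out of band with `kubectl create secret generic mongo-secrets -n three-tier --from-literal=...` or through a sealed/external secret controller. The password is short and guessable, and it guards the root account of a database that any pod in the cluster can reach on 27017 unless a NetworkPolicy restricts it. `type: opaque` is not the built-in `Opaque` type, since the value is case-sensitive and is likely treated as a custom type string; write `type: Opaque`.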
@@ -21,14 +21,9 @@ spec: labels: role: frontend spec: - imagePullSecrets: - - name: ecr-registry-secret containers: - name: frontend - image: 407622020962.dkr.ecr.us-east-1.amazonaws.com/frontend:latest + image: abhimaske/frontend-image:latest imagePullPolicy: Always - env: - - name: REACT_APP_BACKEND_URL - value: "http://backend.amanpathakdevops.study/api/tasks" ports: - - containerPort: 3000 \ No newline at end of file + - containerPort: 3000 diff --git a/k8s-manifests/frontend/service.yml b/k8s-manifests/frontend/service.yml new file mode 100644 index 000000000..c20b8c722 --- /dev/null +++ b/k8s-manifests/frontend/service.yml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service + +metadata: + name: frontend-svc + namespace: three-tier + +spec: + ports: + - port: 3000 + protocol: TCP + type: ClusterIP + selector: + role: frontend + + + diff --git a/k8s-manifests/hpa.yml b/k8s-manifests/hpa.yml new file mode 100644 index 000000000..6eef6b89b --- /dev/null +++ b/k8s-manifests/hpa.yml @@ -0,0 +1,23 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler + +metadata: + name: three-tier-hpa + namespace: three-tier + +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: backend-dep + + minReplicas: 1 + maxReplicas: 5 + + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 50 diff --git a/k8s-manifests/ingress.yml b/k8s-manifests/ingress.yml new file mode 100644 index 000000000..5d2f9087a --- /dev/null +++ b/k8s-manifests/ingress.yml @@ -0,0 +1,26 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: three-tier-ingress + namespace: three-tier + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - host: "13.126.110.2.nip.io" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: backend-svc + port: + number: 3500 + - path: / + pathType: Prefix + backend: + service: + name: frontend-svc + port: + number: 3000
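Review bot: In k8s-manifests/ingress.yml both rules use `path: /` with `pathType: Prefix` on the same host, so `frontend-svc` is shadowed by (or rejected as a duplicate of) the `backend-svc` rule and only one service is reachable; the removed manifest routed `/api` to the backend. Change the first rule to `- path: /api` and drop `nginx.ingress.kubernetes.io/rewrite-target: /`, which would otherwise rewrite every request path to `/` (confirm the backend's route prefix, which this diff does not show). There is no `ingressClassName` and no `tls:` block, so the app is served over plain HTTP and depends on a default ingress class being present. The host is a hard-coded nip.io name for a public IP and should be parameterised per environment.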