diff --git a/Jenkins-Pipeline-Code/Jenkinsfile-Backend b/Jenkins-Pipeline-Code/Jenkinsfile-Backend deleted file mode 100644 index b0826fb70..000000000 --- a/Jenkins-Pipeline-Code/Jenkinsfile-Backend +++ /dev/null @@ -1,113 +0,0 @@ -pipeline { - agent any - tools { - jdk 'jdk' - nodejs 'nodejs' - } - environment { - SCANNER_HOME=tool 'sonar-scanner' - AWS_ACCOUNT_ID = credentials('ACCOUNT_ID') - AWS_ECR_REPO_NAME = credentials('ECR_REPO2') - AWS_DEFAULT_REGION = 'us-east-1' - REPOSITORY_URI = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/" - } - stages { - stage('Cleaning Workspace') { - steps { - cleanWs() - } - } - stage('Checkout from Git') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Sonarqube Analysis') { - steps { - dir('Application-Code/backend') { - withSonarQubeEnv('sonar-server') { - sh ''' $SCANNER_HOME/bin/sonar-scanner \ - -Dsonar.projectName=three-tier-backend \ - -Dsonar.projectKey=three-tier-backend ''' - } - } - } - } - stage('Quality Check') { - steps { - script { - waitForQualityGate abortPipeline: false, credentialsId: 'sonar-token' - } - } - } - stage('OWASP Dependency-Check Scan') { - steps { - dir('Application-Code/backend') { - dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check' - dependencyCheckPublisher pattern: '**/dependency-check-report.xml' - } - } - } - stage('Trivy File Scan') { - steps { - dir('Application-Code/backend') { - sh 'trivy fs . > trivyfs.txt' - } - } - } - stage("Docker Image Build") { - steps { - script { - dir('Application-Code/backend') { - sh 'docker system prune -f' - sh 'docker container prune -f' - sh 'docker build -t ${AWS_ECR_REPO_NAME} .' - } - } - } - } - stage("ECR Image Pushing") { - steps { - script { - sh 'aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${REPOSITORY_URI}' - sh 'docker tag ${AWS_ECR_REPO_NAME} ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - sh 'docker push ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - } - } - } - stage("TRIVY Image Scan") { - steps { - sh 'trivy image ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER} > trivyimage.txt' - } - } - stage('Checkout Code') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Update Deployment file') { - environment { - GIT_REPO_NAME = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project" - GIT_USER_NAME = "AmanPathak-DevOps" - } - steps { - dir('Kubernetes-Manifests-file/Backend') { - withCredentials([string(credentialsId: 'github', variable: 'GITHUB_TOKEN')]) { - sh ''' - git config user.email "aman07pathak@gmail.com" - git config user.name "AmanPathak-DevOps" - BUILD_NUMBER=${BUILD_NUMBER} - echo $BUILD_NUMBER - imageTag=$(grep -oP '(?<=backend:)[^ ]+' deployment.yaml) - echo $imageTag - sed -i "s/${AWS_ECR_REPO_NAME}:${imageTag}/${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}/" deployment.yaml - git add deployment.yaml - git commit -m "Update deployment Image to version \${BUILD_NUMBER}" - git push https://${GITHUB_TOKEN}@github.com/${GIT_USER_NAME}/${GIT_REPO_NAME} HEAD:master - ''' - } - } - } - } - } -} \ No newline at end of file diff --git a/Jenkins-Pipeline-Code/Jenkinsfile-Frontend b/Jenkins-Pipeline-Code/Jenkinsfile-Frontend deleted file mode 100644 index 9be1a50c0..000000000 --- a/Jenkins-Pipeline-Code/Jenkinsfile-Frontend +++ /dev/null @@ -1,113 +0,0 @@ -pipeline { - agent any - tools { - jdk 'jdk' - nodejs 'nodejs' - } - environment { - SCANNER_HOME=tool 'sonar-scanner' - AWS_ACCOUNT_ID = credentials('ACCOUNT_ID') - AWS_ECR_REPO_NAME = credentials('ECR_REPO1') - AWS_DEFAULT_REGION = 'us-east-1' - REPOSITORY_URI = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/" - } - stages { - stage('Cleaning Workspace') { - steps { - cleanWs() - } - } - stage('Checkout from Git') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Sonarqube Analysis') { - steps { - dir('Application-Code/frontend') { - withSonarQubeEnv('sonar-server') { - sh ''' $SCANNER_HOME/bin/sonar-scanner \ - -Dsonar.projectName=three-tier-frontend \ - -Dsonar.projectKey=three-tier-frontend ''' - } - } - } - } - stage('Quality Check') { - steps { - script { - waitForQualityGate abortPipeline: false, credentialsId: 'sonar-token' - } - } - } - stage('OWASP Dependency-Check Scan') { - steps { - dir('Application-Code/frontend') { - dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check' - dependencyCheckPublisher pattern: '**/dependency-check-report.xml' - } - } - } - stage('Trivy File Scan') { - steps { - dir('Application-Code/frontend') { - sh 'trivy fs . > trivyfs.txt' - } - } - } - stage("Docker Image Build") { - steps { - script { - dir('Application-Code/frontend') { - sh 'docker system prune -f' - sh 'docker container prune -f' - sh 'docker build -t ${AWS_ECR_REPO_NAME} .' - } - } - } - } - stage("ECR Image Pushing") { - steps { - script { - sh 'aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${REPOSITORY_URI}' - sh 'docker tag ${AWS_ECR_REPO_NAME} ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - sh 'docker push ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - } - } - } - stage("TRIVY Image Scan") { - steps { - sh 'trivy image ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER} > trivyimage.txt' - } - } - stage('Checkout Code') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Update Deployment file') { - environment { - GIT_REPO_NAME = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project" - GIT_USER_NAME = "AmanPathak-DevOps" - } - steps { - dir('Kubernetes-Manifests-file/Frontend') { - withCredentials([string(credentialsId: 'github', variable: 'GITHUB_TOKEN')]) { - sh ''' - git config user.email "aman07pathak@gmail.com" - git config user.name "AmanPathak-DevOps" - BUILD_NUMBER=${BUILD_NUMBER} - echo $BUILD_NUMBER - imageTag=$(grep -oP '(?<=frontend:)[^ ]+' deployment.yaml) - echo $imageTag - sed -i "s/${AWS_ECR_REPO_NAME}:${imageTag}/${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}/" deployment.yaml - git add deployment.yaml - git commit -m "Update deployment Image to version \${BUILD_NUMBER}" - git push https://${GITHUB_TOKEN}@github.com/${GIT_USER_NAME}/${GIT_REPO_NAME} HEAD:master - ''' - } - } - } - } - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/.terraform.lock.hcl b/Jenkins-Server-TF/.terraform.lock.hcl deleted file mode 100644 index 299c5907e..000000000 --- a/Jenkins-Server-TF/.terraform.lock.hcl +++ /dev/null @@ -1,25 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.31.0" - constraints = ">= 2.7.0" - hashes = [ - "h1:WwgMbMOhZblxZTdjHeJf9XB2/hcSHHmpuywLxuTWYw0=", - "zh:0cdb9c2083bf0902442384f7309367791e4640581652dda456f2d6d7abf0de8d", - "zh:2fe4884cb9642f48a5889f8dff8f5f511418a18537a9dfa77ada3bcdad391e4e", - "zh:36d8bdd72fe61d816d0049c179f495bc6f1e54d8d7b07c45b62e5e1696882a89", - "zh:539dd156e3ec608818eb21191697b230117437a58587cbd02ce533202a4dd520", - "zh:6a53f4b57ac4eb3479fc0d8b6e301ca3a27efae4c55d9f8bd24071b12a03361c", - "zh:6faeb8ff6792ca7af1c025255755ad764667a300291cc10cea0c615479488c87", - "zh:7d9423149b323f6d0df5b90c4d9029e5455c670aea2a7eb6fef4684ba7eb2e0b", - "zh:8235badd8a5d0993421cacf5ead48fac73d3b5a25c8a68599706a404b1f70730", - "zh:860b4f60842b2879c5128b7e386c8b49adeda9287fed12c5cd74861bb659bbcd", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b021fceaf9382c8fe3c6eb608c24d01dce3d11ba7e65bb443d51ca9b90e9b237", - "zh:b38b0bfc1c69e714e80cf1c9ea06e687ee86aa9f45694be28eb07adcebbe0489", - "zh:c972d155f6c01af9690a72adfb99cfc24ef5ef311ca92ce46b9b13c5c153f572", - "zh:e0dd29920ec84fdb6026acff44dcc1fb1a24a0caa093fa04cdbc713d384c651d", - "zh:e3127ebd2cb0374cd1808f911e6bffe2f4ac4d84317061381242353f3a7bc27d", - ] -} diff --git a/Jenkins-Server-TF/backend.tf b/Jenkins-Server-TF/backend.tf deleted file mode 100644 index 9d46f4e7c..000000000 --- a/Jenkins-Server-TF/backend.tf +++ /dev/null @@ -1,16 +0,0 @@ -terraform { - backend "s3" { - bucket = "my-ews-baket1" - region = "us-east-1" - key = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project/Jenkins-Server-TF/terraform.tfstate" - dynamodb_table = "Lock-Files" - encrypt = true - } - required_version = ">=0.13.0" - required_providers { - aws = { - version = ">= 2.7.0" - source = "hashicorp/aws" - } - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/ec2.tf b/Jenkins-Server-TF/ec2.tf deleted file mode 100644 index 9bff6b449..000000000 --- a/Jenkins-Server-TF/ec2.tf +++ /dev/null @@ -1,16 +0,0 @@ -resource "aws_instance" "ec2" { - ami = data.aws_ami.ami.image_id - instance_type = "t2.2xlarge" - key_name = var.key-name - subnet_id = aws_subnet.public-subnet.id - vpc_security_group_ids = [aws_security_group.security-group.id] - iam_instance_profile = aws_iam_instance_profile.instance-profile.name - root_block_device { - volume_size = 30 - } - user_data = templatefile("./tools-install.sh", {}) - - tags = { - Name = var.instance-name - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/gather.tf b/Jenkins-Server-TF/gather.tf deleted file mode 100644 index 946b8b63b..000000000 --- a/Jenkins-Server-TF/gather.tf +++ /dev/null @@ -1,10 +0,0 @@ -data "aws_ami" "ami" { - most_recent = true - - filter { - name = "name" - values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] - } - - owners = ["099720109477"] -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-instance-profile.tf b/Jenkins-Server-TF/iam-instance-profile.tf deleted file mode 100644 index a56217eba..000000000 --- a/Jenkins-Server-TF/iam-instance-profile.tf +++ /dev/null @@ -1,4 +0,0 @@ -resource "aws_iam_instance_profile" "instance-profile" { - name = "Jenkins-instance-profile" - role = aws_iam_role.iam-role.name -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-policy.tf b/Jenkins-Server-TF/iam-policy.tf deleted file mode 100644 index 66d06f9e3..000000000 --- a/Jenkins-Server-TF/iam-policy.tf +++ /dev/null @@ -1,5 +0,0 @@ -resource "aws_iam_role_policy_attachment" "iam-policy" { - role = aws_iam_role.iam-role.name - # Just for testing purpose, don't try to give administrator access - policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess" -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-role.tf b/Jenkins-Server-TF/iam-role.tf deleted file mode 100644 index cd7699db3..000000000 --- a/Jenkins-Server-TF/iam-role.tf +++ /dev/null @@ -1,17 +0,0 @@ -resource "aws_iam_role" "iam-role" { - name = var.iam-role - assume_role_policy = < /dev/null -echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \ - https://pkg.jenkins.io/debian binary/ | sudo tee \ - /etc/apt/sources.list.d/jenkins.list > /dev/null -sudo apt-get update -y -sudo apt-get install jenkins -y - -# Installing Docker -#!/bin/bash -sudo apt update -sudo apt install docker.io -y -sudo usermod -aG docker jenkins -sudo usermod -aG docker ubuntu -sudo systemctl restart docker -sudo chmod 777 /var/run/docker.sock - -# If you don't want to install Jenkins, you can create a container of Jenkins -# docker run -d -p 8080:8080 -p 50000:50000 --name jenkins-container jenkins/jenkins:lts - -# Run Docker Container of Sonarqube -#!/bin/bash -docker run -d --name sonar -p 9000:9000 sonarqube:lts-community - - -# Installing AWS CLI -#!/bin/bash -curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" -sudo apt install unzip -y -unzip awscliv2.zip -sudo ./aws/install - -# Installing Kubectl -#!/bin/bash -sudo apt update -sudo apt install curl -y -sudo curl -LO "https://dl.k8s.io/release/v1.28.4/bin/linux/amd64/kubectl" -sudo chmod +x kubectl -sudo mv kubectl /usr/local/bin/ -kubectl version --client - - -# Installing eksctl -#! /bin/bash -curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp -sudo mv /tmp/eksctl /usr/local/bin -eksctl version - -# Installing Terraform -#!/bin/bash -wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg -echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list -sudo apt update -sudo apt install terraform -y - -# Installing Trivy -#!/bin/bash -sudo apt-get install wget apt-transport-https gnupg lsb-release -y -wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - -echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list -sudo apt update -sudo apt install trivy -y - - -# Intalling Helm -#! /bin/bash -sudo snap install helm --classic \ No newline at end of file diff --git a/Jenkins-Server-TF/variables.tf b/Jenkins-Server-TF/variables.tf deleted file mode 100644 index 339515178..000000000 --- a/Jenkins-Server-TF/variables.tf +++ /dev/null @@ -1,8 +0,0 @@ -variable "vpc-name" {} -variable "igw-name" {} -variable "rt-name" {} -variable "subnet-name" {} -variable "sg-name" {} -variable "instance-name" {} -variable "key-name" {} -variable "iam-role" {} \ No newline at end of file diff --git a/Jenkins-Server-TF/variables.tfvars b/Jenkins-Server-TF/variables.tfvars deleted file mode 100644 index 310601aa9..000000000 --- a/Jenkins-Server-TF/variables.tfvars +++ /dev/null @@ -1,8 +0,0 @@ -vpc-name = "Jenkins-vpc" -igw-name = "Jenkins-igw" -subnet-name = "Jenkins-subnet" -rt-name = "Jenkins-route-table" -sg-name = "Jenkins-sg" -instance-name = "Jenkins-server" -key-name = "Aman-Pathak" -iam-role = "Jenkins-iam-role" \ No newline at end of file diff --git a/Jenkins-Server-TF/vpc.tf b/Jenkins-Server-TF/vpc.tf deleted file mode 100644 index 938a71e3f..000000000 --- a/Jenkins-Server-TF/vpc.tf +++ /dev/null @@ -1,73 +0,0 @@ -resource "aws_vpc" "vpc" { - cidr_block = "10.0.0.0/16" - - tags = { - Name = var.vpc-name - } -} - -resource "aws_internet_gateway" "igw" { - vpc_id = aws_vpc.vpc.id - - tags = { - Name = var.igw-name - } -} - -resource "aws_subnet" "public-subnet" { - vpc_id = aws_vpc.vpc.id - cidr_block = "10.0.1.0/24" - availability_zone = "us-east-1a" - map_public_ip_on_launch = true - - tags = { - Name = var.subnet-name - } -} - -resource "aws_route_table" "rt" { - vpc_id = aws_vpc.vpc.id - route { - cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.igw.id - } - - tags = { - Name = var.rt-name - } -} - -resource "aws_route_table_association" "rt-association" { - route_table_id = aws_route_table.rt.id - subnet_id = aws_subnet.public-subnet.id -} - -resource "aws_security_group" "security-group" { - vpc_id = aws_vpc.vpc.id - description = "Allowing Jenkins, Sonarqube, SSH Access" - - ingress = [ - for port in [22, 8080, 9000, 9090, 80] : { - description = "TLS from VPC" - from_port = port - to_port = port - protocol = "tcp" - ipv6_cidr_blocks = ["::/0"] - self = false - prefix_list_ids = [] - security_groups = [] - cidr_blocks = ["0.0.0.0/0"] - } - ] - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - - tags = { - Name = var.sg-name - } -} \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Backend/deployment.yaml b/Kubernetes-Manifests-file/Backend/deployment.yaml deleted file mode 100644 index 39658275f..000000000 --- a/Kubernetes-Manifests-file/Backend/deployment.yaml +++ /dev/null @@ -1,57 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: api - namespace: three-tier - labels: - role: api - env: demo -spec: - replicas: 2 - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 1 - maxUnavailable: 25% - selector: - matchLabels: - role: api - template: - metadata: - labels: - role: api - spec: - imagePullSecrets: - - name: ecr-registry-secret - containers: - - name: api - image: 407622020962.dkr.ecr.us-east-1.amazonaws.com/backend:latest - imagePullPolicy: Always - env: - - name: MONGO_CONN_STR - value: mongodb://mongodb-svc:27017/todo?directConnection=true - - name: MONGO_USERNAME - valueFrom: - secretKeyRef: - name: mongo-sec - key: username - - name: MONGO_PASSWORD - valueFrom: - secretKeyRef: - name: mongo-sec - key: password - ports: - - containerPort: 3500 - livenessProbe: - httpGet: - path: /ok - port: 3500 - initialDelaySeconds: 2 - periodSeconds: 5 - readinessProbe: - httpGet: - path: /ok - port: 3500 - initialDelaySeconds: 5 - periodSeconds: 5 - successThreshold: 1 \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Backend/service.yaml b/Kubernetes-Manifests-file/Backend/service.yaml deleted file mode 100644 index 7fa7bc71e..000000000 --- a/Kubernetes-Manifests-file/Backend/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: api - namespace: three-tier -spec: - ports: - - port: 3500 - protocol: TCP - type: ClusterIP - selector: - role: api \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/deployment.yaml b/Kubernetes-Manifests-file/Database/deployment.yaml deleted file mode 100644 index 379e56cf8..000000000 --- a/Kubernetes-Manifests-file/Database/deployment.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: three-tier - name: mongodb -spec: - replicas: 1 - selector: - matchLabels: - app: mongodb - template: - metadata: - labels: - app: mongodb - spec: - containers: - - name: mon - image: mongo:4.4.6 - command: - - "numactl" - - "--interleave=all" - - "mongod" - - "--wiredTigerCacheSizeGB" - - "0.1" - - "--bind_ip" - - "0.0.0.0" - ports: - - containerPort: 27017 - env: - - name: MONGO_INITDB_ROOT_USERNAME - valueFrom: - secretKeyRef: - name: mongo-sec - key: username - - name: MONGO_INITDB_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: mongo-sec - key: password - volumeMounts: - - name: mongo-volume - mountPath: /data/db - volumes: - - name: mongo-volume - persistentVolumeClaim: - claimName: mongo-volume-claim \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/pv.yaml b/Kubernetes-Manifests-file/Database/pv.yaml deleted file mode 100644 index c37325cd1..000000000 --- a/Kubernetes-Manifests-file/Database/pv.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: mongo-pv - namespace: three-tier -spec: - capacity: - storage: 1Gi - volumeMode: Filesystem - accessModes: - - ReadWriteOnce - hostPath: - path: /data/db \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/pvc.yaml b/Kubernetes-Manifests-file/Database/pvc.yaml deleted file mode 100644 index 13eb7d2b3..000000000 --- a/Kubernetes-Manifests-file/Database/pvc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mongo-volume-claim - namespace: three-tier -spec: - accessModes: - - ReadWriteOnce - storageClassName: "" - resources: - requests: - storage: 1Gi \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/secrets.yaml b/Kubernetes-Manifests-file/Database/secrets.yaml deleted file mode 100644 index 11264032d..000000000 --- a/Kubernetes-Manifests-file/Database/secrets.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - namespace: three-tier - name: mongo-sec -type: Opaque -data: - password: cGFzc3dvcmQxMjM= #Three-Tier-Project - username: YWRtaW4= #admin \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Database/service.yaml b/Kubernetes-Manifests-file/Database/service.yaml deleted file mode 100644 index 1fdba64bb..000000000 --- a/Kubernetes-Manifests-file/Database/service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - namespace: three-tier - name: mongodb-svc -spec: - selector: - app: mongodb - ports: - - name: mongodb-svc - protocol: TCP - port: 27017 - targetPort: 27017 \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Frontend/deployment.yaml b/Kubernetes-Manifests-file/Frontend/deployment.yaml deleted file mode 100644 index 5927afe73..000000000 --- a/Kubernetes-Manifests-file/Frontend/deployment.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: frontend - namespace: three-tier - labels: - role: frontend - env: demo -spec: - replicas: 1 - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 1 - maxUnavailable: 25% - selector: - matchLabels: - role: frontend - template: - metadata: - labels: - role: frontend - spec: - imagePullSecrets: - - name: ecr-registry-secret - containers: - - name: frontend - image: 407622020962.dkr.ecr.us-east-1.amazonaws.com/frontend:latest - imagePullPolicy: Always - env: - - name: REACT_APP_BACKEND_URL - value: "http://backend.amanpathakdevops.study/api/tasks" - ports: - - containerPort: 3000 \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Frontend/service.yaml b/Kubernetes-Manifests-file/Frontend/service.yaml deleted file mode 100644 index de2f6df78..000000000 --- a/Kubernetes-Manifests-file/Frontend/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: frontend - namespace: three-tier -spec: - ports: - - port: 3000 - protocol: TCP - type: ClusterIP - selector: - role: frontend \ No newline at end of file diff --git a/Kubernetes-Manifests-file/ingress.yaml b/Kubernetes-Manifests-file/ingress.yaml deleted file mode 100644 index 69686261c..000000000 --- a/Kubernetes-Manifests-file/ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: mainlb - namespace: three-tier - annotations: - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/target-type: ip - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' -spec: - ingressClassName: alb - rules: - - host: backend.amanpathakdevops.study - http: - paths: - - path: /api - pathType: Prefix - backend: - service: - name: api - port: - number: 3500 - - path: / - pathType: Prefix - backend: - service: - name: frontend - port: - number: 3000 - \ No newline at end of file diff --git a/README.md b/README.md deleted file mode 100644 index f46896f2e..000000000 --- a/README.md +++ /dev/null @@ -1,151 +0,0 @@ -# #TWSThreeTierAppChallenge - -## Overview -This repository hosts the `#TWSThreeTierAppChallenge` for the TWS community. -The challenge involves deploying a Three-Tier Web Application using ReactJS, NodeJS, and MongoDB, with deployment on AWS EKS. Participants are encouraged to deploy the application, add creative enhancements, and submit a Pull Request (PR). Merged PRs will earn exciting prizes! - -**Get The Challenge here** - -[![YouTube Video](https://img.youtube.com/vi/tvWQRTbMS1g/maxresdefault.jpg)](https://youtu.be/tvWQRTbMS1g?si=eki-boMemxr4PU7-) - -## Prerequisites -- Basic knowledge of Docker, and AWS services. -- An AWS account with necessary permissions. - -## Challenge Steps -- [Application Code](#application-code) -- [Jenkins Pipeline Code](#jenkins-pipeline-code) -- [Jenkins Server Terraform](#jenkins-server-terraform) -- [Kubernetes Manifests Files](#kubernetes-manifests-files) -- [Project Details](#project-details) - -## Application Code -The `Application-Code` directory contains the source code for the Three-Tier Web Application. Dive into this directory to explore the frontend and backend implementations. - -## Jenkins Pipeline Code -In the `Jenkins-Pipeline-Code` directory, you'll find Jenkins pipeline scripts. These scripts automate the CI/CD process, ensuring smooth integration and deployment of your application. - -## Jenkins Server Terraform -Explore the `Jenkins-Server-TF` directory to find Terraform scripts for setting up the Jenkins Server on AWS. These scripts simplify the infrastructure provisioning process. - -## Kubernetes Manifests Files -The `Kubernetes-Manifests-Files` directory holds Kubernetes manifests for deploying your application on AWS EKS. Understand and customize these files to suit your project needs. - -## Project Details -🛠️ **Tools Explored:** -- Terraform & AWS CLI for AWS infrastructure -- Jenkins, Sonarqube, Terraform, Kubectl, and more for CI/CD setup -- Helm, Prometheus, and Grafana for Monitoring -- ArgoCD for GitOps practices - -🚢 **High-Level Overview:** -- IAM User setup & Terraform magic on AWS -- Jenkins deployment with AWS integration -- EKS Cluster creation & Load Balancer configuration -- Private ECR repositories for secure image management -- Helm charts for efficient monitoring setup -- GitOps with ArgoCD - the cherry on top! - -📈 **The journey covered everything from setting up tools to deploying a Three-Tier app, ensuring data persistence, and implementing CI/CD pipelines.** - -## Getting Started -To get started with this project, refer to our [comprehensive guide](https://amanpathakdevops.medium.com/advanced-end-to-end-devsecops-kubernetes-three-tier-project-using-aws-eks-argocd-prometheus-fbbfdb956d1a) that walks you through IAM user setup, infrastructure provisioning, CI/CD pipeline configuration, EKS cluster creation, and more. - -### Step 1: IAM Configuration -- Create a user `eks-admin` with `AdministratorAccess`. -- Generate Security Credentials: Access Key and Secret Access Key. - -### Step 2: EC2 Setup -- Launch an Ubuntu instance in your favourite region (eg. region `us-west-2`). -- SSH into the instance from your local machine. - -### Step 3: Install AWS CLI v2 -``` shell -curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" -sudo apt install unzip -unzip awscliv2.zip -sudo ./aws/install -i /usr/local/aws-cli -b /usr/local/bin --update -aws configure -``` - -### Step 4: Install Docker -``` shell -sudo apt-get update -sudo apt install docker.io -docker ps -sudo chown $USER /var/run/docker.sock -``` - -### Step 5: Install kubectl -``` shell -curl -o kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.19.6/2021-01-05/bin/linux/amd64/kubectl -chmod +x ./kubectl -sudo mv ./kubectl /usr/local/bin -kubectl version --short --client -``` - -### Step 6: Install eksctl -``` shell -curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp -sudo mv /tmp/eksctl /usr/local/bin -eksctl version -``` - -### Step 7: Setup EKS Cluster -``` shell -eksctl create cluster --name three-tier-cluster --region us-west-2 --node-type t2.medium --nodes-min 2 --nodes-max 2 -aws eks update-kubeconfig --region us-west-2 --name three-tier-cluster -kubectl get nodes -``` - -### Step 8: Run Manifests -``` shell -kubectl create namespace workshop -kubectl apply -f . -kubectl delete -f . -``` - -### Step 9: Install AWS Load Balancer -``` shell -curl -O https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.5.4/docs/install/iam_policy.json -aws iam create-policy --policy-name AWSLoadBalancerControllerIAMPolicy --policy-document file://iam_policy.json -eksctl utils associate-iam-oidc-provider --region=us-west-2 --cluster=three-tier-cluster --approve -eksctl create iamserviceaccount --cluster=three-tier-cluster --namespace=kube-system --name=aws-load-balancer-controller --role-name AmazonEKSLoadBalancerControllerRole --attach-policy-arn=arn:aws:iam::626072240565:policy/AWSLoadBalancerControllerIAMPolicy --approve --region=us-west-2 -``` - -### Step 10: Deploy AWS Load Balancer Controller -``` shell -sudo snap install helm --classic -helm repo add eks https://aws.github.io/eks-charts -helm repo update eks -helm install aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=my-cluster --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller -kubectl get deployment -n kube-system aws-load-balancer-controller -kubectl apply -f full_stack_lb.yaml -``` - -### Cleanup -- To delete the EKS cluster: -``` shell -eksctl delete cluster --name three-tier-cluster --region us-west-2 -``` -- To clean up rest of the stuff and not incure any cost -``` -Stop or Terminate the EC2 instance created in step 2. -Delete the Load Balancer created in step 9 and 10. -Go to EC2 console, access security group section and delete security groups created in previous steps -``` - -## Contribution Guidelines -- Fork the repository and create your feature branch. -- Deploy the application, adding your creative enhancements. -- Ensure your code adheres to the project's style and contribution guidelines. -- Submit a Pull Request with a detailed description of your changes. - -## Rewards -- Successful PR merges will be eligible for exciting prizes! - -## Support -For any queries or issues, please open an issue in the repository. - ---- -Happy Learning! 🚀👨‍💻👩‍💻 diff --git a/assets/Three-Tier.gif b/assets/Three-Tier.gif deleted file mode 100644 index d763c7884..000000000 Binary files a/assets/Three-Tier.gif and /dev/null differ