From d5c45445304ec50165606a2c2f3215c38d1dff88 Mon Sep 17 00:00:00 2001
From: ankitsubhamjyoti2005
Date: Mon, 19 Aug 2024 13:43:10 +0530
Subject: [PATCH 1/6] deleted: terraform/autoscaling.tf deleted: terraform/cluster.tf deleted: terraform/ecr.tf modified: terraform/main.tf new file: terraform/outputs.tf modified: terraform/provider.tf deleted: terraform/secrets-manager.tf deleted: terraform/service.tf new file: terraform/variables.tf
---
terraform/autoscaling.tf | 0
terraform/cluster.tf | 0
terraform/ecr.tf | 0
terraform/main.tf | 40 ++++++++++++++++++++++++++++++++++++
terraform/outputs.tf | 3 +++
terraform/provider.tf | 3 +++
terraform/secrets-manager.tf | 0
terraform/service.tf | 0
terraform/variables.tf | 4 ++++
9 files changed, 50 insertions(+)
delete mode 100644 terraform/autoscaling.tf
delete mode 100644 terraform/cluster.tf
delete mode 100644 terraform/ecr.tf
create mode 100644 terraform/outputs.tf
delete mode 100644 terraform/secrets-manager.tf
delete mode 100644 terraform/service.tf
create mode 100644 terraform/variables.tf
diff --git a/terraform/autoscaling.tf b/terraform/autoscaling.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/terraform/cluster.tf b/terraform/cluster.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/terraform/ecr.tf b/terraform/ecr.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/terraform/main.tf b/terraform/main.tf
index e69de29..9eab65a 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -0,0 +1,40 @@
+resource "aws_security_group" "web_sg" {
+ name = "allow_web_traffic"
+ description = "Allow inbound web traffic"
+
+ ingress {
+ from_port = 3000
+ to_port = 3000
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
+
+resource "aws_instance" "app" {
+ ami = "ami-0c55b159cbfafe1f0"
+ instance_type = "t2.micro"
+ key_name = var.key_name
+
+ security_groups = [aws_security_group.web_sg.name]
+
+ user_data = <<-EOF
+ #!/bin/bash
+ sudo apt update -y
+ sudo apt install docker.io -y
+ sudo systemctl start docker
+ sudo systemctl enable docker
+
+ docker run -d -p 3000:3000 your-docker-image:latest # Replace with your Docker image
+ EOF
+
+ tags = {
+ Name = "nx-app-instance"
+ }
+}
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
new file mode 100644
index 0000000..c478acc
--- /dev/null
+++ b/terraform/outputs.tf
@@ -0,0 +1,3 @@
+output "instance_public_ip" {
+ value = aws_instance.app.public_ip
+}
diff --git a/terraform/provider.tf b/terraform/provider.tf
index e69de29..c28c97a 100644
--- a/terraform/provider.tf
+++ b/terraform/provider.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+ region = "us-west-2"
+}
diff --git a/terraform/secrets-manager.tf b/terraform/secrets-manager.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/terraform/service.tf b/terraform/service.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..e99c42f
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,4 @@
+variable "key_name" {
+ description = "Name of the SSH key pair"
+ type = string
+}
From ede6e125edca34700971587266ef390911f280f6 Mon Sep 17 00:00:00 2001
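Review bot: In terraform/main.tf the `user_data` script runs `your-docker-image:latest`, a mutable tag, so the instance executes whatever the registry serves at boot rather than an image that was reviewed; the same tag appears in `image = "your-docker-image:latest"` in terraform/ecs-cluster.tf (patch 2) and in `IMAGE_NAME` in the Jenkinsfile (patch 6). Pinning by digest, e.g. `docker run -d -p 3000:3000 your-docker-image@sha256:DIGEST` (DIGEST is a placeholder), ties the deployment to one image. The `ami` is also a hard-coded ID, which is region-specific and will fall behind on patches; a `data "aws_ami"` lookup with an owner filter would keep it current. Separately, `security_groups` takes group names and is documented for the default VPC only; `vpc_security_group_ids = [aws_security_group.web_sg.id]` is the form that works in any VPC.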
From: ankitsubhamjyoti2005
Date: Mon, 19 Aug 2024 14:06:42 +0530
Subject: [PATCH 2/6] new file: terraform/ecs-cluster.tf new file: terraform/ecs-service.tf new file: terraform/iam-roles.tf new file: terraform/load-balancer.tf deleted: terraform/main.tf new file: terraform/network.tf deleted: terraform/outputs.tf deleted: terraform/variables.tf
---
terraform/ecs-cluster.tf | 25 ++++++++++++++++++++++++
terraform/ecs-service.tf | 19 ++++++++++++++++++
terraform/iam-roles.tf | 20 +++++++++++++++++++
terraform/load-balancer.tf | 25 ++++++++++++++++++++++++
terraform/main.tf | 40 --------------------------------------
terraform/network.tf | 25 ++++++++++++++++++++++++
terraform/outputs.tf | 3 ---
terraform/variables.tf | 4 ----
8 files changed, 114 insertions(+), 47 deletions(-)
create mode 100644 terraform/ecs-cluster.tf
create mode 100644 terraform/ecs-service.tf
create mode 100644 terraform/iam-roles.tf
create mode 100644 terraform/load-balancer.tf
delete mode 100644 terraform/main.tf
create mode 100644 terraform/network.tf
delete mode 100644 terraform/outputs.tf
delete mode 100644 terraform/variables.tf
diff --git a/terraform/ecs-cluster.tf b/terraform/ecs-cluster.tf
new file mode 100644
index 0000000..fa20f8f
--- /dev/null
+++ b/terraform/ecs-cluster.tf
@@ -0,0 +1,25 @@
+resource "aws_ecs_task_definition" "nx_task" {
+ family = "nx-task"
+ network_mode = "awsvpc"
+ requires_compatibilities = ["FARGATE"]
+ cpu = "4096" # 4 vCPUs
+ memory = "8192" # 8 GB RAM
+
+ execution_role_arn = aws_iam_role.ecs_task_execution_role.arn
+ task_role_arn = aws_iam_role.ecs_task_execution_role.arn
+
+ container_definitions = jsonencode([
+ {
+ name = "nx-app-container"
+ image = "your-docker-image:latest" # Replace with your Docker image
+ portMappings = [
+ {
+ containerPort = 3000
+ hostPort = 3000
+ protocol = "tcp"
+ }
+ ]
+ essential = true
+ }
+ ])
+}
diff --git a/terraform/ecs-service.tf b/terraform/ecs-service.tf
new file mode 100644
index 0000000..8b37f50
--- /dev/null
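Review bot: In terraform/ecs-cluster.tf `task_role_arn` points at the same role as `execution_role_arn`, so the application container runs with the permissions of `AmazonECSTaskExecutionRolePolicy` (attached in terraform/iam-roles.tf), which exist for the ECS agent to pull images and write logs, not for application code. Give the task its own `aws_iam_role` carrying only what the service needs, or drop `task_role_arn` if the application calls no AWS APIs. The container definition also has no `logConfiguration`, so container stdout/stderr would not be shipped to CloudWatch; an `awslogs` log-driver block would give the task an audit trail.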
+++ b/terraform/ecs-service.tf
@@ -0,0 +1,19 @@
+resource "aws_ecs_service" "nx_service" {
+ name = "nx-app-service"
+ cluster = aws_ecs_cluster.main.id
+ task_definition = aws_ecs_task_definition.nx_task.arn
+ desired_count = 1
+ launch_type = "FARGATE"
+
+ network_configuration {
+ subnets = aws_subnet.main[*].id
+ security_groups = [aws_security_group.web_sg.id]
+ assign_public_ip = true
+ }
+
+ load_balancer {
+ target_group_arn = aws_lb_target_group.main.arn
+ container_name = "nx-app-container"
+ container_port = 3000
+ }
+}
diff --git a/terraform/iam-roles.tf b/terraform/iam-roles.tf
new file mode 100644
index 0000000..3bfafbb
--- /dev/null
+++ b/terraform/iam-roles.tf
@@ -0,0 +1,20 @@
+resource "aws_iam_role" "ecs_task_execution_role" {
+ name = "ecsTaskExecutionRole"
+
+ assume_role_policy = jsonencode({
+ Version = "2012-10-17",
+ Statement = [
+ {
+ Action = "sts:AssumeRole",
+ Effect = "Allow",
+ Principal = {
+ Service = "ecs-tasks.amazonaws.com"
+ }
+ }
+ ]
+ })
+
+ managed_policy_arns = [
+ "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+ ]
+}
diff --git a/terraform/load-balancer.tf b/terraform/load-balancer.tf
new file mode 100644
index 0000000..48723a7
--- /dev/null
+++ b/terraform/load-balancer.tf
@@ -0,0 +1,25 @@
+resource "aws_lb" "main" {
+ name = "nx-app-lb"
+ internal = false
+ load_balancer_type = "application"
+ security_groups = [aws_security_group.web_sg.id]
+ subnets = aws_subnet.main[*].id
+}
+
+resource "aws_lb_target_group" "main" {
+ name = "nx-app-tg"
+ port = 3000
+ protocol = "HTTP"
+ vpc_id = aws_vpc.main.id
+}
+
+resource "aws_lb_listener" "main" {
+ load_balancer_arn = aws_lb.main.arn
+ port = 80
+ protocol = "HTTP"
+
+ default_action {
+ type = "forward"
+ target_group_arn = aws_lb_target_group.main.arn
+ }
+}
diff --git a/terraform/main.tf b/terraform/main.tf
deleted file mode 100644
index 9eab65a..0000000
--- a/terraform/main.tf
+++ /dev/null
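Review bot: In terraform/ecs-service.tf the tasks get `assign_public_ip = true` together with `web_sg`, the same group that terraform/load-balancer.tf attaches to the load balancer and that terraform/network.tf opens to `0.0.0.0/0` on port 3000, so every task is reachable from the internet directly and the load balancer can be bypassed. A separate task security group whose ingress names the load balancer's group, `security_groups = [aws_security_group.lb_sg.id]` (`lb_sg` is a constructed name), instead of `cidr_blocks` would limit port 3000 to the load balancer; with `assign_public_ip = false` the tasks would then need a NAT gateway or VPC endpoints to pull the image. `cluster = aws_ecs_cluster.main.id` also refers to a resource that none of the files in this series declares, so `terraform plan` would fail unless it is defined elsewhere.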
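Review bot: In terraform/load-balancer.tf the listener on the internet-facing load balancer (`internal = false`) uses `protocol = "HTTP"`, so client traffic to the service is unencrypted; an HTTPS listener with `certificate_arn` and `ssl_policy` set, plus an HTTP listener that only redirects, is the usual arrangement. `aws_lb_target_group.main` also sets no `target_type`, and the tasks in terraform/ecs-cluster.tf use `network_mode = "awsvpc"`, which registers targets by IP address, so the group needs `target_type = "ip"`. A `health_check` block naming the application's health path would make the check explicit rather than relying on the default.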
@@ -1,40 +0,0 @@
-resource "aws_security_group" "web_sg" {
- name = "allow_web_traffic"
- description = "Allow inbound web traffic"
-
- ingress {
- from_port = 3000
- to_port = 3000
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
-
- egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
-
-resource "aws_instance" "app" {
- ami = "ami-0c55b159cbfafe1f0"
- instance_type = "t2.micro"
- key_name = var.key_name
-
- security_groups = [aws_security_group.web_sg.name]
-
- user_data = <<-EOF
- #!/bin/bash
- sudo apt update -y
- sudo apt install docker.io -y
- sudo systemctl start docker
- sudo systemctl enable docker
-
- docker run -d -p 3000:3000 your-docker-image:latest # Replace with your Docker image
- EOF
-
- tags = {
- Name = "nx-app-instance"
- }
-}
diff --git a/terraform/network.tf b/terraform/network.tf
new file mode 100644
index 0000000..d3c451a
--- /dev/null
+++ b/terraform/network.tf
@@ -0,0 +1,25 @@
+resource "aws_vpc" "main" {
+ cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_subnet" "main" {
+ count = 2
+ vpc_id = aws_vpc.main.id
+ cidr_block = cidrsubnet(aws_vpc.main.cidr_block, 4, count.index)
+}
+
+resource "aws_security_group" "web_sg" {
+ vpc_id = aws_vpc.main.id
+ ingress {
+ from_port = 3000
+ to_port = 3000
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
deleted file mode 100644
index c478acc..0000000
--- a/terraform/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "instance_public_ip" {
- value = aws_instance.app.public_ip
-}
diff --git a/terraform/variables.tf b/terraform/variables.tf
deleted file mode 100644
index e99c42f..0000000
--- a/terraform/variables.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-variable "key_name" {
- description = "Name of the SSH key pair"
- type = string
-}
From 4885b40efb6c8b6565e8dc6a1234f3b8904ebbb4 Mon Sep 17 00:00:00 2001
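Review bot: In terraform/network.tf the two `aws_subnet.main` subnets set no `availability_zone`, and the series declares no `aws_internet_gateway` or route table, while terraform/load-balancer.tf places an internet-facing application load balancer on these subnets. An application load balancer needs subnets in at least two Availability Zones and, when internet-facing, a VPC with an internet gateway, so the apply is likely to fail or leave the service unreachable unless those resources exist elsewhere. Setting `availability_zone = data.aws_availability_zones.available.names[count.index]` (with the matching data source) and adding the gateway and a default route would address this. The new `web_sg` also drops the `name` and `description` the removed main.tf version had, which makes the group harder to identify in an audit.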
From: ankitsubhamjyoti2005 Date: Mon, 19 Aug 2024 14:07:53 +0530 Subject: [PATCH 3/6] modified: terraform/load-balancer.tf --- terraform/load-balancer.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/load-balancer.tf b/terraform/load-balancer.tf index 48723a7..d4d968f 100644 --- a/terraform/load-balancer.tf +++ b/terraform/load-balancer.tf @@ -15,7 +15,7 @@ resource "aws_lb_target_group" "main" { resource "aws_lb_listener" "main" { load_balancer_arn = aws_lb.main.arn - port = 80 + port = 3000 protocol = "HTTP" default_action { From 6836858a61905711da1554c3d95b97e2552bc4e2 Mon Sep 17 00:00:00 2001 From: ankitsubhamjyoti2005 Date: Mon, 19 Aug 2024 14:10:09 +0530 Subject: [PATCH 4/6] modified: terraform/ecs-cluster.tf --- terraform/ecs-cluster.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/ecs-cluster.tf b/terraform/ecs-cluster.tf index fa20f8f..0aeae36 100644 --- a/terraform/ecs-cluster.tf +++ b/terraform/ecs-cluster.tf @@ -2,8 +2,8 @@ resource "aws_ecs_task_definition" "nx_task" { family = "nx-task" network_mode = "awsvpc" requires_compatibilities = ["FARGATE"] - cpu = "4096" # 4 vCPUs - memory = "8192" # 8 GB RAM + cpu = "4096" + memory = "8192" execution_role_arn = aws_iam_role.ecs_task_execution_role.arn task_role_arn = aws_iam_role.ecs_task_execution_role.arn @@ -11,7 +11,7 @@ resource "aws_ecs_task_definition" "nx_task" { container_definitions = jsonencode([ { name = "nx-app-container" - image = "your-docker-image:latest" # Replace with your Docker image + image = "your-docker-image:latest" portMappings = [ { containerPort = 3000 From df688cb2683bc1f50a27f7a7ddd22e0031513367 Mon Sep 17 00:00:00 2001 From: ankitsubhamjyoti2005 Date: Mon, 19 Aug 2024 14:18:16 +0530 Subject: [PATCH 5/6] new file: terraform/Dockerfile --- terraform/Dockerfile | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 terraform/Dockerfile 
diff --git a/terraform/Dockerfile b/terraform/Dockerfile
new file mode 100644
index 0000000..7612479
--- /dev/null
+++ b/terraform/Dockerfile
@@ -0,0 +1,25 @@
+FROM node:18-alpine AS build
+
+WORKDIR /app
+
+COPY package*.json ./
+
+RUN npm install
+
+COPY . .
+
+RUN npx nx build pt-notification-service --configuration=production
+
+FROM node:18-alpine
+
+WORKDIR /app
+
+COPY --from=build /app/dist/apps/pt-notification-service ./pt-notification-service
+
+# Install production dependencies
+COPY package*.json ./
+RUN npm install --only=production
+
+# Expose the port
+EXPOSE 3000
+CMD ["node", "pt-notification-service/main.js"]
\ No newline at end of file
From 7969cf814a7063b7e061cb4122b09df3f35a8df7 Mon Sep 17 00:00:00 2001
From: ankitsubhamjyoti2005
Date: Mon, 19 Aug 2024 15:50:18 +0530
Subject: [PATCH 6/6] new file: Jenkins(ci-cd)/Jenkinsfile new file: Jenkins(ci-cd)/requirments
---
Jenkins(ci-cd)/Jenkinsfile | 77 ++++++++++++++++++++++++++++++++++++++
Jenkins(ci-cd)/requirments | 11 ++++
2 files changed, 88 insertions(+)
create mode 100644 Jenkins(ci-cd)/Jenkinsfile
create mode 100644 Jenkins(ci-cd)/requirments
diff --git a/Jenkins(ci-cd)/Jenkinsfile b/Jenkins(ci-cd)/Jenkinsfile
new file mode 100644
index 0000000..e569bf5
--- /dev/null
+++ b/Jenkins(ci-cd)/Jenkinsfile
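Review bot: The final stage of terraform/Dockerfile never sets `USER`, so the service runs as root inside the container; the official `node` images ship an unprivileged `node` user, and `USER node` placed before `CMD` would use it. Both stages run `npm install`, which can resolve versions that differ from the lockfile; if a lockfile is committed, `npm ci` in the build stage and `npm ci --omit=dev` in the final stage install exactly what it records (`--only=production` is the older spelling). `COPY . .` copies the whole build context into the build stage, so a `.dockerignore` excluding `.git`, `node_modules` and local env files is worth adding if the repository does not already have one.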
@@ -0,0 +1,77 @@
+pipeline {
+ agent any
+
+ environment {
+ REPO_URL = "https://github.com/ankitsubhamjyoti2005/DevOps-Assessment"
+ IMAGE_NAME = "your-ecr-repo-url/nx-app:latest"
+ AWS_REGION = "us-west-2"
+ DOCKER_CREDENTIALS_ID = "docker-hub-credentials"
+ TERRAFORM_CREDENTIALS_ID = "aws-credentials"
+ }
+
+ stages {
+ stage('Checkout Code') {
+ steps {
+ git branch: 'main', url: "${env.REPO_URL}"
+ }
+ }
+
+ stage('Build Docker Image') {
+ steps {
+ script {
+ docker.build("${env.IMAGE_NAME}")
+ }
+ }
+ }
+
+ stage('Push Docker Image to ECR') {
+ steps {
+ withCredentials([usernamePassword(credentialsId: "${env.DOCKER_CREDENTIALS_ID}", passwordVariable: 'DOCKER_PASSWORD', usernameVariable: 'DOCKER_USERNAME')]) {
+ sh """
+ echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin
+ docker push ${env.IMAGE_NAME}
+ """
+ }
+ }
+ }
+
+ stage('Terraform Init') {
+ steps {
+ withCredentials([usernamePassword(credentialsId: "${env.TERRAFORM_CREDENTIALS_ID}", passwordVariable: 'AWS_SECRET_ACCESS_KEY', usernameVariable: 'AWS_ACCESS_KEY_ID')]) {
+ dir('terraform') {
+ sh 'terraform init'
+ }
+ }
+ }
+ }
+
+ stage('Terraform Apply') {
+ steps {
+ withCredentials([usernamePassword(credentialsId: "${env.TERRAFORM_CREDENTIALS_ID}", passwordVariable: 'AWS_SECRET_ACCESS_KEY', usernameVariable: 'AWS_ACCESS_KEY_ID')]) {
+ dir('terraform') {
+ sh 'terraform apply -auto-approve -var="docker_image=${env.IMAGE_NAME}"'
+ }
+ }
+ }
+ }
+
+ stage('Deploy to AWS Fargate') {
+ steps {
+ script {
+ echo "Deploying the application using ECS Fargate..."
+ dir('terraform') {
+ withCredentials([usernamePassword(credentialsId: "${env.TERRAFORM_CREDENTIALS_ID}", passwordVariable: 'AWS_SECRET_ACCESS_KEY', usernameVariable: 'AWS_ACCESS_KEY_ID')]) {
+ sh 'terraform apply -auto-approve'
+ }
+ }
+ }
+ }
+ }
+ }
+
+ post {
+ always {
+ cleanWs()
+ }
+ }
+}
diff --git a/Jenkins(ci-cd)/requirments b/Jenkins(ci-cd)/requirments
new file mode 100644
index 0000000..2a04e5f
--- /dev/null
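Review bot: In the 'Push Docker Image to ECR' stage the `sh """` step is a double-quoted Groovy string, so `$DOCKER_PASSWORD` and `$DOCKER_USERNAME` are interpolated by Groovy before the shell runs, which Jenkins warns can expose bound credentials; use `sh '''` so the shell expands them, with `docker push "$IMAGE_NAME"` for the image. In 'Terraform Apply' the opposite happens: the single-quoted `-var="docker_image=${env.IMAGE_NAME}"` reaches the shell unexpanded, and no `variable "docker_image"` is declared in the Terraform files this series shows. `cleanWs()` runs after every build and terraform/provider.tf configures no backend, so the local state file is presumably deleted with the workspace and the next run would try to create everything again; a remote backend with state locking would avoid that. The stage name says ECR, but the login uses the `docker-hub-credentials` entry and passes no registry host to `docker login`.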
+++ b/Jenkins(ci-cd)/requirments
@@ -0,0 +1,11 @@
+Jenkins Server: You need a running Jenkins instance
+
+
+Jenkins Plugins:
+ -Docker Pipeline Plugin
+ -Terraform Plugin
+ -Git Plugin
+
+Jenkins Credentials:
+ -Docker Registry credentials (e.g., Docker Hub or AWS ECR).
+ -AWS credentials (Access Key ID and Secret Access Key) for Terraform.
\ No newline at end of file