Working with Microservices-8: Preparing the staging pipeline in Jenkins, and deploying the microservices app to the Kubernetes cluster using Rancher, Helm, Maven, Amazon ECR, and Amazon S3. Part-1
We will prepare the staging pipeline in Jenkins, and deploy the “Java-based Spring pet clinic web application” consisting of 10 microservices to the Kubernetes cluster with Helm. We will prepare script files to run in the Jenkins pipeline, and then we will do; packaging, tagging, pushing, and deploying with these script files. We will create Rancher API Key to access the “Rancher” from the Jenkins pipeline. We will prepare Jenkinsfile and Jenkins Staging pipeline. Finally, we will be able to deploy the microservices app on the Kubernetes cluster by running a single “helm install” command in the Jenkins CI/CD pipeline. In this article will be created a full CI/CD Jenkins pipeline for microservices-based applications using the Spring pet clinic application consisting of microservices. We will do it all step by step.
Topics we will cover:
This article will be published in two parts.
The first part will contain the following (in this article);
1. Connecting to the Jenkins interface
2. Creating a repo on AWS ECR using the Jenkins pipeline
3. Preparing a script to create AWS ECR repo tags for the staging docker images
4. Preparing a script to build the staging docker images
5. Preparing a script to push the staging docker images
6. Preparing a script to package the microservice app with Maven
The second part will contain the following (next article);
8. Preparing Jenkinsfile
9. Checking the domain name of values-template.yaml
10. Pushing created files to the remote repo (GitHub)
11. Preparing and running Jenkins Staging Pipeline
12. Observe the output of the Jenkins Staging Pipeline using Rancher and Browser
13. Terminating the microservices-app cluster that we created using Rancher
14. Manually copying the Rancher cluster’s “KubeConfig” file into Jenkins (If Jenkins Pipeline is unable to copy the “KubeConfig” file to Jenkins)
15. As a result
16. Next post
17. References
If you like the article, I will be happy if you click on the Medium Following button to encourage me to write more, and not miss future articles.
Your clap, follow, or subscribe, they help my articles to reach the broader audience. Thank you in advance for them.
In our previous article “Working with Microservices-7: Creating a cluster for microservices application by using Rancher”, we created a cluster by using Rancher for the staging pipeline. Now, we continue from where we left off.
1. Connecting to the Jenkins interface
Copy your Jenkins server's public IP, as shown in Figure 1.
In order to connect to Jenkins, enter into your browser: http://<your_server_public_ip>:8080, then enter your admin and password values, and click on the sign-in button, as shown in Figures 2–3.
Jenkins's home page appears on the screen, as shown in Figure 3.
2. Creating a repo on AWS ECR using the Jenkins pipeline
Create a “Jenkins Job” and name it as “create-ecr-docker-registry-for-petclinic-staging” to create Docker Registry for “Staging pipeline” manually on AWS ECR, as shown in Figure 4.
Go to the build step section, and select “Execute Shell” from the drop-down menu. Then, copy the following content, and paste the “Execute Shell” box, click on the “Save” button, as shown in Figure 5.
PATH=”$PATH:/usr/local/bin” : When we enter any command on the command line, the shell asks to the PATH. PATH checks the command whether entered in the bin and etc directories. If it finds, the command will run, if not, it will send an error message. Here we add the /usr/local/bin directory to the PATH variable, in order not to have problems with the commands that will run in the script below.
* “APP_REPO_NAME” and “AWS_REGION” : We set our repo name and region variables with them in order to use them in aws ecrcommands.
The OR Operator “||”: The OR operator will execute the command that follows only if the preceding command fails, i.e., returns an exit code of 0. Thus, the first command “aws ecr describe” will check whether the repo that we specified in the “APP_REPO_NAME” variable is in AWS ECR. If there is no repo with that name, it will run the second command “aws ecr create” to create a repo in AWS ECR. (1)(2)
With “aws ecr create-repository” command (3);
* repository-name ${APP_REPO_NAME} : It will create a repo with this name.
* image-scanning-configuration scanOnPush=false : Amazon ECR image scanning helps in identifying software vulnerabilities in your container images (4). We turn this feature off with false.
* image-tag-mutability MUTABLE : With the “MUTABLE” statement, it allows images in the repo to be overwritten.
* region ${AWS_REGION} : The AWS ECR repo will be created in this region.
PATH="$PATH:/usr/local/bin"
APP_REPO_NAME="cmakkaya/microservices-application-staging"
AWS_REGION="us-east-1"
aws ecr describe-repositories --region ${AWS_REGION} --repository-name ${APP_REPO_NAME} || \
aws ecr create-repository \
--repository-name ${APP_REPO_NAME} \
--image-scanning-configuration scanOnPush=false \
--image-tag-mutability MUTABLE \
--region ${AWS_REGION}
In the left navigation pane, click the “Build now” button on the page that opens, as shown in Figure 6.
The pipeline ran and was completed successfully (Green tick and in the Console Output page) as shown in Figure 7.
Open the Amazon ECR console at the link, in the navigation pane, choose Repositories. You should see the created repository here, as shown in Figure 8.
3. Preparing a script to create AWS ECR repo tags for the staging docker images
Prepare a script to create ECR tags for the staging docker images and name it as “prepare-tags-ecr-for-staging-docker-images.sh” and save it under “jenkins” folder, as shown in Figure 9. (2)
Note: For more detailed information about script files and Jenkinsfile’s stages, I will write my notes in the “Working with Microservices-22: Detailed Explanation of The Scripts We Use in Jenkins Files and Pipelines” article at the end of this series. Otherwise, if I try to explain them all in this article like “Creating a repo on AWS ECR”, the article will be too long.
4. Preparing a script to build the staging docker images
Prepare a script to build the staging docker images tagged for the ECR registry and name it as “build-staging-docker-images-for-ecr.sh” and save it under “jenkins” folder, as shown in Figure 10.
5. Preparing a script to push the staging docker images
Prepare a script to push the staging docker images to the ECR repo and name it as “push-staging-docker-images-to-ecr.sh” and save it under “jenkins” folder, as shown in Figure 11.
6. Preparing a script to package the microservice app with Maven
Prepare a script to package “the microservice app” with Maven (5) and save it as “package-with-maven-container.sh” and save it under “jenkins” folder, as shown in Figure 12. Use below commands for script.
docker run --rm -v $HOME/.m2:/root/.m2 -v $WORKSPACE:/app -w /app maven:3.6-openjdk-11 mvn clean packageTo explain briefly about this script;
“docker run” command will create a container from maven:3.6-openjdk-11 image. Maven and OpenJDK-11 are running in the container.
“ -- rm” : this flag will automatically remove the container when it’s done.
With the “-v” parameter, to this container will assign the volume: $HOME/.m2(in Jenkins):/root/.m2(in the container) and $WORKSPACE(in Jenkins):/app(in the container). We can write `pwd` instead of $WORKSPACE, they both work.
$HOME/.m2:/root/.m2The script works without this part. The purpose of this section is not to download dependencies every time the container runs. We are assigning a second volume to the container, In this way, we will prevent time loss and bandwidth exhaustion by taking dependencies from here.
“-w /app”: this flag we assign the /appfolder as the container’s working directory.
In this Script command, we will package our Java code with the “mvn clean package” command and turn it into a “.Jar” file.
For more detailed information about this script file, I will write my notes in the “Working with Microservices-22: Detailed Explanation of The Scripts We Use in Jenkins Files and Pipelines” article at the end of this series. Otherwise, if I try to explain them all, the article will be too long.
7. Creating a Rancher API Key
Create Rancher API Key to enable access to the “Rancher” server.
Select User Avatar > API & Keys from the User Settings menu in the upper-right, as shown in Figure 13.
Click Create APIKey, as shown in Figure 14.
Enter a description for the API key (Optional). By choosing “No scope”, we ensured that the APIkeys to be created are valid in all clusters, as shown in Figure 15.
The API key won’t be valid after expiration. Shorter expiration periods are more secure.
We do not close this window, it will remain open for us to copy the credentials. If we close this window, we will not see it again. Take note, the “Access Key (username)” and “Secret Key (password)”, as shown in Figure 16.
API Keys are composed of four components (6):
- Endpoint: This is the IP address and path that other applications use to send requests to the Rancher API.
- Access Key: The token’s username.
- Secret Key: The token’s password. For applications that prompt you for two different strings for API authentication, you usually enter the two keys together.
- Bearer Token: The token username and password are concatenated together. Use this string for applications that prompt you for one authentication string.
When we click the “Done” button, we can see our APIkey in the pop-up window, as shown in Figure 17.
Go to Manage Jenkins → Manage Credentials → Jenkins → Global credentials (unrestricted) → Add Credentials on the Jenkins server, as shown in Figure 18.
Enter the following values in the new window, then click on the “create” button, as shown in Figure 19.
credentials kind : Username with password
- username: Access Key
- password: Secret Key
- id: rancher-microservice-credentials
Our Bearer Token has been created for Jenkins to connect to Rancher, as shown in Figure 20.
8. As a result
We successfully prepared script files to run in the Jenkins pipeline. We created a repo on AWS ECR for staging pipeline docker images. We created Rancher API Key to access the “Rancher” from the Jenkins pipeline.
We have prepared and completed a sample staging CI/CD process that can be used in similar projects.
You can find the necessary files in my GitHub repo.
If you liked the article, I would be happy if you click on the Medium Following button to encourage me to write and not miss future articles.
Your clap, follow or subscribe, they help my articles to reach the broader audience. Thank you in advance for them.
For more info and questions, please contact me on Linkedin or Medium.
9. Next post
In the next post, We will prepare Jenkinsfile and Jenkins Staging pipeline. Finally, we will be able to deploy the microservices app on the Kubernetes cluster by running Jenkins staging CI/CD pipeline in Jenkins. We will observe the output of the Jenkins Staging Pipeline using Rancher and browser. Finally, we will terminate the microservices-app cluster that we created using Rancher.
I hope you enjoyed reading this article. Don’t forget to follow my Medium or LinkedIn account to be informed about new articles. I wish you growing success in the DevOps and the Cloud way.
Happy Clouding…
10. References
(1)https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ecr/describe-repositories.html
(3) https://docs.aws.amazon.com/cli/latest/reference/ecr/create-repository.html#description
(4) https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html
(5) https://maven.apache.org/guides/introduction/introduction-to-the-lifecycle.html
(6) https://rancher.com/docs/rancher/v2.x/en/user-settings/api-keys/#creating-an-api-key
