This repository contains instruction for setting up K8s cluster and setting up CI & CD pipeline on top of it.
This is my personal project where I am trying to setup Jenkins Pipeline for web application on top of Kubernetes Cluster.
- Cloud - AWS, AWSCLI, AWS IAM Authentication
- Kubernetes Cluster - kubectl, eksctl, istio
- Orchestration/CI-CD - Jenkins
- Pipeline - Jenkins Shared Library
- Web Application - Voting App (5 tier application)
- Tracing - Zipkin
- Observability - Kiali
| App Name | App Repo | App Branch | Helm Chart | Chart Branch | Comment |
|---|---|---|---|---|---|
| voting-app-vote | voting-app-vote | master | chart | voting-app | web application responsible recording vote |
| voting-app-result | voting-app-result | master | Chart | voting-app | web application responsible showing results |
| voting-app-worker | voting-app-worker | master | chart | voting-app | worker application, read data from redis cache and writes to database |
| voting-app-redis | voting-app-redis | master | chart | voting-app | contains Jenkinsfile responsible for calling helm charts for redis |
| voting-app-db | voting-app-db | master | chart | voting-app | contains Jenkinsfile responsible for calling helm charts for database |
Setup 1 pre1.sh
Steps:
- System update
- Kubectl installation
- Aws iam authentication installation
- Istio installation
- Aws cli setup
- Configure aws profile
chmod 777 pre1.sh
./pre1.sh
Setup 2 - pre2.sh
Steps:
- Creation of EKS cluster
- Helm installation
- Instio setup
- Ingress-nginx setup
- Jenkins setup
- Kiali ingress setup
- Zipkin ingress setup
- Secrets - kube-secret and aws-secret
- Setup Gateway and Virtual service
chmod 777 pre2.sh
./pre2.sh
Please amend docker credentials in pre2.sh
- Browse Jenkins using ingress url nginx-ingress
- Get the password jenkins-password
- Configure global shared library Repo - jenkins-shared-library Screenshot
- Make sure kube-secret, aws-secret and docker-config-secret are created
- Create Pipeline - db
- Create Pipeline - redis
- Create Pipeline - Vote
- Create Pipeline - Result
- Create Pipeline - Worker
- Configuring 1st pipeline image
- Viewing Jenkins pipelines image
- Configuring Global Shared Library image
- Viewing installed applications image
- Observe your Istio service mesh using Kiali image
- Viewing tracing using Zipkin image
kubectl create secret docker-registry docker-config-secret --docker-server=https://index.docker.io/v1/ --docker-username=your-username --docker-password=your-password [email protected] --namespace tooling
kubectl create secret generic kube-secret --from-file=config=kube-secret --namespace tooling
kubectl create secret generic aws-secret --from-file=config=.aws/config --from-file=credentials=.aws/credentials --namespace tooling
echo $(kubectl get svc ingress-nginx-ingress-controller -n ingress -o jsonpath='{ .status.loadBalancer.ingress[0].hostname }')
echo $(kubectl get svc istio-ingressgateway -n istio-system -o jsonpath='{ .status.loadBalancer.ingress[0].hostname }')
printf $(kubectl get secret --namespace tooling my-jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo
- Unable to schedule jenkins slave
Make sure k8s secrets are in place for both docker and kube config