DevOps from scratch: Creating the Base Infrastructure on AWS to Deploying Application to Kubernetes cluster.
This guide will help you set up the base infrastructure on AWS using CloudFormation, deploy a Jenkins server, SonarQube, Argo CD, Prometheus, and Grafana. You will also learn how to deploy an application to a Kubernetes cluster.
- AWS Account
- EC2 KeyPair - Create a new key pair in the EC2 Console and save the .pem file securely.
- API Key from 'themoviedb.org'
- Connect to the newly created EC2 instance using "Session Manager" or by running "ssh -i "<KEY_PAIR_NAME.pem>" ec2-user@<EC2_PUBLIC_IP_ADDRESS>" from the command line (Start the command line from the folder which has the key pair or CD into it).
- Once logged in to the serial console of the EC2, execute "sudo cat /var/lib/jenkins/secrets/initialAdminPassword" and note down the CREDENTIALS.
- Open a browser and connect to Jenkins with this URL: "http://<EC2_PUBLIC_IP_ADDRESS>:8080". Provide the CREDENTIALS from #STEP 2.2 and configure the first admin user for Jenkins.
- Open one more browser window for SonarQube and visit this URL: "http://<EC2_PUBLIC_IP_ADDRESS>:9000". Provide the CREDENTIALS (USER:'admin' + PASS:'admin') and then update the default password on the next page.
- Once logged in, navigate to Administration >> Security >> Users >> Tokens >> Update Tokens >> Generate Token and keep it saved somewhere.
- Open the Jenkins Server, Navigate to Manage Jenkins >> Plugins >> Install 'SonarQube Scanner for Jenkins'
- Navigate to Manage Jenkins >> System >> SonarQube servers >> Name=sonar-server; Server URL=; Server authentication token >> Add > Jenkins > Domain=Global credentials > Kind=Secret text > Secret="TOKEN FROM STEP 2.5" > ID=sonar-token > Add.
- Navigate to Dashboard >> New Item >> Create your first pipeline and name it "CI". Use the "Jenkinsfile" or its contents for Pipeline Script. (Change the variable values accordingly before creating the pipeline.) >> Build Now
- Log into the serial console of the EC2
- execute 'cd ../../'
- execute 'sudo bash netflix-clone/scripts/CheckServices.sh' >> See if all the requirements are met or not.
- execute 'cd netflix-clone/'
- Configure AWS CLI with your AWS access key and secret key
- execute 'aws eks update-kubeconfig --region ap-south-1 --name NetflixClone-cluster'
- kubectl create namespace argocd
- kubectl config set-context --current --namespace=argocd
- helm repo add argo https://argoproj.github.io/argo-helm
- helm install argocd argo/argo-cd
- kubectl edit svc argocd-server >>>>> Change type to LoadBalancer from ClusterIP
- kubectl get all >>>>> Access the LoadBalancer URL for ARGO CD Server
- kubectl get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d >>>> Use the decoded password with 'admin' as username to log into the argocd console
- kubectl create -f ArgoNetflixManifest.yaml
Console >> Settings >> Repositories >> Connect Repo >> Git Repo Details
Console >> Applications >> New App >> Application Name + Project Name + SYNC POLICY=Automatic + Repository URL + Path(To ManifestFile) + DESTINATION -- Cluster URL=SelectAvailable + Namespace=default
- kubectl create namespace monitoring
- kubectl config set-context --current --namespace=monitoring
- helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
- helm repo update
- helm install stable prometheus-community/kube-prometheus-stack
- kubectl get pods -l "release=stable"
- kubectl edit svc stable-kube-prometheus-sta-prometheus >>>> Change type to LoadBalancer from ClusterIP
- kubectl get svc
- helm repo add grafana https://grafana.github.io/helm-charts
- helm repo update
- helm install grafana grafana/grafana
- kubectl expose service grafana --type=NodePort --target-port=3000 --name=grafana-ext
- kubectl edit svc stable-grafana
- kubectl get secret grafana -o jsonpath="{.data.admin-password}" | base64 --decode ; echo
- If grafana is not accepting the password in the console, do this:
kubectl exec --stdin --tty <stable-grafana-POD-NAME> -- /bin/bash
grafana-cli admin reset-admin-password <NEW-PASSWORD>
- Login to your grafana console
- Navigate to Connections >> Add connections >> Search for 'Prometheus' >> Add New Data Sources
- Provide Name, Server URL(LoadBalancer of Prometheus Server URL) and Click on 'save & test'
- Navigate to Home >> Dashboards >> New Dashboard >> Import Dashboard and provide the ID of the desired dashboard from https://grafana.com/grafana/dashboards/
- PORT-FORWARDING:
kubectl -n <NAMESPACE_NAME> port-forward service/<SERVICE_NAME> 8080:80
- CHANGE-CURRENT-NAMESPACE:
kubectl config set-context --current --namespace=<NAMESPACE_NAME>
- GET-ALL-LBs:
kubectl get all --all-namespaces | grep LoadBalancer
- EKSCTL-TO-CREATE-CLUSTER:
eksctl create cluster --name <CLUSTER-NAME> --version <VERSION> --fargate --with-oidc --region <REGION> --vpc-private-subnets <SUBNET-1>,<SUBNET-2> --tags <KEY>=<VALUE> --dry-run > EksctlClusterCreate.yml
eksctl create cluster -f EksctlClusterCreate.yml
eksctl delete cluster --region=<REGION> --name=<CLUSTER-NAME>
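
The steps above switch the Argo CD, Prometheus and Grafana services from ClusterIP to LoadBalancer, which on EKS typically gives them an internet-facing address. The following is an added example, not part of the original guide: it extends the GET-ALL-LBs command into a check that flags LoadBalancer Services with no `spec.loadBalancerSourceRanges` allowlist or one containing `0.0.0.0/0`. The function names and the sample listing are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag LoadBalancer Services reachable from any source address.

# Print every Service as: NAMESPACE NAME TYPE SOURCE_RANGES
# (kubectl prints <none> when spec.loadBalancerSourceRanges is unset).
list_services() {
  kubectl get svc --all-namespaces --no-headers \
    -o custom-columns='NS:.metadata.namespace,NAME:.metadata.name,TYPE:.spec.type,RANGES:.spec.loadBalancerSourceRanges'
}

# Read that listing on stdin and print "namespace/name" for each LoadBalancer
# Service that has no source-range allowlist or whose allowlist has 0.0.0.0/0.
flag_open_lbs() {
  awk '$3 == "LoadBalancer" {
         ranges = ""
         # A multi-entry allowlist is printed with spaces, so join fields 4..NF.
         for (i = 4; i <= NF; i++) ranges = ranges " " $i
         if (NF < 4 || ranges ~ /<none>/ || ranges ~ /[^0-9]0\.0\.0\.0\/0/)
           print $1 "/" $2
       }'
}

# Constructed sample listing (not captured from a real cluster), using the
# service names that appear in this guide.
sample_listing() {
  cat <<'EOF'
argocd      argocd-server                          LoadBalancer   <none>
monitoring  stable-kube-prometheus-sta-prometheus  LoadBalancer   [0.0.0.0/0]
monitoring  stable-grafana                         LoadBalancer   [203.0.113.0/24 198.51.100.7/32]
monitoring  grafana-ext                            NodePort       <none>
default     kubernetes                             ClusterIP      <none>
EOF
}

# Live cluster:  list_services | flag_open_lbs
# Offline demo:  run this script with --sample
if [ "${1:-}" = "--sample" ]; then
  sample_listing | flag_open_lbs
fi
```

Each flagged Service can be restricted by setting `spec.loadBalancerSourceRanges` to the CIDR ranges that need access, or left as ClusterIP and reached through the PORT-FORWARDING command listed above.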