Skip to content

Andreichenko/cdp_project

Repository files navigation

CDP Project (Continuous Delivery Pipeline)

Java Version Terraform Ansible Docker CI/CD Pipeline

This repository contains a full Continuous Delivery Pipeline demonstrating how to deploy a secure, Java-based Payment Web Application using Terraform for AWS infrastructure setup, Ansible for server configurations, and Jenkins for automated pipelines.


📐 1. Classic Infrastructure & Deployment (Tomcat & Docker)

Below is the workflow showing the classic deployment pipeline targeting dedicated EC2 VMs (Tomcat and Docker hosts):

graph TD
    Developer["💻 Developer"] -->|1. Git Push| GitHub["🐙 GitHub Repository"]
    GitHub -->|2. Webhook Trigger| Jenkins["🏗️ Jenkins CI/CD"]
    
    subgraph Build_Stage ["🛠️ Compilation & Packaging"]
        Jenkins -->|3. Compile & Test| Maven["📦 Maven (mvn package)"]
        Maven -->|4. Generate artifact| War["📄 webapp.war"]
    end

    subgraph AWS_Classic_Infra ["🌐 AWS Classic Infrastructure"]
        VPC["🌐 Common VPC"]
        VPC -->|Provision| JenkinsVM["🖥️ Jenkins Master VM"]
        VPC -->|Provision| TomcatVM["🖥️ Tomcat Server VM"]
        VPC -->|Provision| DockerVM["🖥️ Docker Host VM"]
    end

    subgraph Classic_Deploy ["🚀 Classic Deployment Paths"]
        JenkinsVM -->|Option A: SCP Copy| TomcatVM
        JenkinsVM -->|Option B: Docker Build & Push| Registry["🐳 Docker Hub Registry"]
        Registry -->|Pull & Run Container| DockerVM
    end
Loading

☸️ 2. Kubernetes Infrastructure & Deployment (AWS EKS & Helm)

Below is the infrastructure topology and delivery workflow of the containerized application targeting the AWS EKS Cluster using Helm:

graph TD
    Developer["💻 Developer"] -->|1. Git Push| GitHub["🐙 GitHub Repository"]
    GitHub -->|2. Webhook Trigger| Jenkins["🏗️ Jenkins CI/CD"]
    
    subgraph K8s_Build_Stage ["🛠️ Containerization Pipeline"]
        Jenkins -->|3. Build & Test| Maven["📦 Maven (mvn package)"]
        Maven -->|4. Docker Build| Docker["🐳 Docker Engine"]
        Docker -->|5. Push Image| Registry["🐳 Docker Hub Registry"]
    end

    subgraph AWS_EKS_Infra ["🌐 AWS EKS Infrastructure"]
        subgraph VPC_K8s ["🌐 Common VPC (10.0.0.0/16)"]
            subgraph Public_Subnet ["🔓 Public Subnet"]
                ALB["⚖️ ELB (LoadBalancer Service)"]
            end
            subgraph Private_Subnets ["🔒 Private Subnets"]
                EKS_Control["☸️ EKS Control Plane"]
                subgraph ASG ["📦 Auto Scaling Group"]
                    Node1["🖥️ Worker Node 1"]
                    Node2["🖥️ Worker Node 2"]
                    Node3["🖥️ Worker Node 3"]
                end
            end
        end
    end

    subgraph K8s_Deploy ["🚀 Helm Deployment to EKS"]
        Jenkins -->|"6. helm upgrade --install"| EKS_Control
        EKS_Control -->|"7. Deploy Pods"| ASG
        Registry -->|"8. Pull Image"| ASG
        
        subgraph Pods ["📦 App Pods (Replicas: 2)"]
            Pod1["tomcat:9.0-jre8-alpine (Payment Tool)"]
            Pod2["tomcat:9.0-jre8-alpine (Payment Tool)"]
        end
        
        ASG -->|Run| Pod1 & Pod2
        ALB -->|"9. Route: NodePort 31200"| Pod1 & Pod2
    end
Loading

Repository Structure

  • server/: Core Java library containing business logic (Payment Processing, transfers, transaction logs, and unit tests).
  • webapp/: Java Servlet & JSP Web Application frontend containing user dashboards.
  • terraform/: Infrastructure as Code configs for provisioning VPC, subnets, route tables, security groups, and 3 EC2 nodes (Jenkins, Tomcat, Docker) in AWS.
  • terraform/ansible/: Playbooks for bootstrapping Tomcat, Docker CE, and Jenkins Masters on EC2 instances.
  • packer/: OS hardening and pre-built base images configurations.

Prerequisites & Installation

1. Setup SSH Key

The Terraform script expects an SSH public key to associate with the created instances. You can define its location using the public_key_path variable:

terraform apply -var="public_key_path=~/.ssh/id_rsa.pub"

2. Configure Ansible Vault Password

The Ansible variables in terraform/ansible/vars/variables.yml are encrypted using Ansible Vault. To decrypt them during deployment, you need to create a .vault_pass file inside the terraform/ansible/ folder:

  1. Copy the example file:
    cp terraform/ansible/.vault_pass.example terraform/ansible/.vault_pass
  2. Open terraform/ansible/.vault_pass and replace the placeholder text with your actual Vault password.

CI/CD Pipelines

  1. GitHub Actions (CI):
    • Triggers on pull requests and pushes to master.
    • Automatically builds and tests the Java application (Java 8).
    • Automatically initializes and validates the Terraform syntax.
  2. Jenkinsfile (CD):
    • Declarative pipeline in Jenkinsfile with parallel deployment stages.
    • Compiles Java application into .war package.
    • Performs three deployment strategies: classic deployment to Tomcat server, containerized deployment to Docker host, and Kubernetes deployment to EKS cluster via Helm.

About

The Java client/server application consists of a client program that consumes services provided by a server program. The client requests services from the server by calling functions in the server application.

Resources

Stars

Watchers

Forks

Packages

 
 
 

Contributors