Introduction to all the tools
Second demo of the overall tools flow
What is Git?
Git is a free, open-source version control system (VCS) that helps developers manage their code. It is the most widely used VCS. Git is fast at committing, branching, merging, and comparing past versions, and it offers high performance, flexibility, and security.
Install Git on your local machine
https://git-scm.com/downloads/win
Please download the 64-bit Git for Windows Setup.
Once the Git .exe file has downloaded, double-click it and install Git on your machine
Once installed, right-click on your local machine; if you find the "Open Git Bash here" option, Git is installed successfully on your machine
GitHub account creation:: An email ID is required to create a GitHub account
Go to the link -- https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F&source=header-home
Enter email, password and username, then click Continue --- the account will be created successfully
GitHub:: GitHub is one of the SCM (source code management) tools and stores the project code.
Repository: storage area of your source code. Create a Repository on GitHub
click Repositories
Enter Repository Name::
Public:: Anyone on the internet can see this repository.
Private:: You choose who can see and commit to this repository.
Click Create Repository
Repository created successfully with default branch main
GitHub is a web-based platform for version control and collaboration, allowing developers to store and manage their code in repositories.
Version Control:: GitHub uses Git, a distributed version control system, to track changes in code. This allows multiple people to work on the same project without overwriting each other's contributions.
Repositories:: Where you can store your project files and track the history of changes made to those files. Public and private repos can be created depending on accessibility needs.
Fork:: A fork is a copy of a repository. To fork means to make a copy of the repository into my own GitHub account.
Fork done
Clone Project and Push Changes to Github Repository::
Go to Code and copy url
Go to the local folder, right-click and choose Open Git Bash here; it will open Git Bash in that folder
Copy the repository URL
Git Commands::
git clone
git clone https://github.com/parasa7358/spring-petclinic.git
cd
git checkout
git status
git add --all
git status
git commit -m "commit message"
git push origin
All Steps::
HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS
$ git clone git@github.com:parasa7358/spring-petclinic.git
Cloning into 'spring-petclinic'...
The authenticity of host 'github.com (20.207.73.82)' can't be established.
ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.
remote: Enumerating objects: 10425, done.
remote: Counting objects: 100% (2/2), done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 10425 (delta 0), reused 0 (delta 0), pack-reused 10423 (from 2)
Receiving objects: 100% (10425/10425), 7.67 MiB | 706.00 KiB/s, done.
Resolving deltas: 100% (3935/3935), done.

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS
$ cd spring-petclinic/

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS/spring-petclinic (main)
$ git checkout feature/2025.02.24
branch 'feature/2025.02.24' set up to track 'origin/feature/2025.02.24'.
Switched to a new branch 'feature/2025.02.24'

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS/spring-petclinic (feature/2025.02.24)
$ git status
On branch feature/2025.02.24
Your branch is up to date with 'origin/feature/2025.02.24'.

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git restore <file>..." to discard changes in working directory)
        modified:   pom.xml

no changes added to commit (use "git add" and/or "git commit -a")

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS/spring-petclinic (feature/2025.02.24)
$ git add --all

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS/spring-petclinic (feature/2025.02.24)
$ git commit -m "This is first commit for this project and updated pom.xml"
[feature/2025.02.24 434fce4] This is first commit for this project and updated pom.xml
 1 file changed, 1 insertion(+)

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS/spring-petclinic (feature/2025.02.24)
$ git push
ssh: Could not resolve hostname github.com: Name or service not known
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS/spring-petclinic (feature/2025.02.24)
$ git push origin
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 338 bytes | 338.00 KiB/s, done.
Total 3 (delta 2), reused 0 (delta 0), pack-reused 0 (from 0)
remote: Resolving deltas: 100% (2/2), completed with 2 local objects.
To github.com:parasa7358/spring-petclinic.git
   6c05fc9..434fce4  feature/2025.02.24 -> feature/2025.02.24

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/AWS/spring-petclinic (feature/2025.02.24)
$
A GitHub branching strategy is crucial for maintaining an organized workflow in version control. There are different strategies depending on the size of the project, the number of team members, and the desired workflow. Here are some common branching strategies used in GitHub:
main or master branch:: This is the default branch; whenever we create an empty repository, the main or master branch is created automatically. The main or master branch always holds the stable, live code.
feature branch:: A feature branch is a type of branch in Git typically used to develop new features for the software. It could be a new feature, an improvement of existing features, bug fixes, or any other changes. A feature branch is created from main or master, or from the latest release branch, always based on the release cycle.
format:: feature/YYYY.MM.DD, for example feature/2025.03.17
release branch:: For each release we create a release branch accordingly and start the next release cycle. A release branch is always created from master only, because master has the stable, live code, and post release we should merge the code changes to the master branch only.
release/2025.03.17
hotfix branch:: Always created from the main or master branch only, for production fixes. Once the production fix is done, we should merge it directly to the main or master branch only.
A hotfix branch is always created for fixing production issues.
bugfix:: This branch is created from the release branch to fix LLE (lower-level environment)/Pre-Prod/UAT/Non-Prod issues. Once the LLE issues are fixed, we should push the changes to the release branch only.
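The branching rules above can be checked mechanically, for example from a Git pre-push hook or a CI step. The shell script below is an added example, not part of the original notes; its function names are hypothetical. It assumes hotfix/<name> and bugfix/<name> naming (the notes give no format for those) and feature -> release as the feature merge target, as in the pull request steps later on this page.

```shell
#!/bin/sh
# Added example (not from the original notes): enforce the branching rules above.
# Assumptions: hotfix/<name> and bugfix/<name> naming; feature merges into release.

# valid_date YYYY.MM.DD -> 0 when the string has that shape and a plausible month/day.
valid_date() {
    case "$1" in
        [0-9][0-9][0-9][0-9].[0-9][0-9].[0-9][0-9]) ;;
        *) return 1 ;;
    esac
    mm=${1#?????}; mm=${mm%???}; mm=${mm#0}   # "2025.03.17" -> "3"
    dd=${1#????????}; dd=${dd#0}              # "2025.03.17" -> "17"
    [ "$mm" -ge 1 ] && [ "$mm" -le 12 ] && [ "$dd" -ge 1 ] && [ "$dd" -le 31 ]
}

# branch_kind NAME -> prints main|feature|release|hotfix|bugfix.
# Returns 1 when the name does not follow the convention.
branch_kind() {
    case "$1" in
        main|master) echo main ;;
        feature/*)   valid_date "${1#feature/}" && echo feature ;;
        release/*)   valid_date "${1#release/}" && echo release ;;
        hotfix/?*)   echo hotfix ;;
        bugfix/?*)   echo bugfix ;;
        *)           return 1 ;;
    esac
}

# base_allowed NEW BASE -> 0 when branch NEW may be created from BASE.
# Returns 1 when the rules forbid it, 2 when either name is malformed.
base_allowed() {
    new=$(branch_kind "$1") || return 2
    base=$(branch_kind "$2") || return 2
    case "$new:$base" in
        feature:main|feature:release|release:main|hotfix:main|bugfix:release) return 0 ;;
        *) return 1 ;;
    esac
}

# merge_allowed SRC DST -> 0 when SRC may be merged into DST.
# Returns 1 when the rules forbid it, 2 when either name is malformed.
merge_allowed() {
    src=$(branch_kind "$1") || return 2
    dst=$(branch_kind "$2") || return 2
    case "$src:$dst" in
        feature:release|bugfix:release|release:main|hotfix:main) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample pairs: "source target" as they would appear in a pull request.
for pair in \
    "feature/2025.02.25 release/2025.02.25" \
    "hotfix/prod-fix main" \
    "hotfix/prod-fix release/2025.03.17" \
    "feature/login main"
do
    set -- $pair
    if merge_allowed "$1" "$2"; then
        echo "ALLOW  $1 -> $2"
    else
        echo "DENY   $1 -> $2"
    fi
done
```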
cloning references::
Generate SSHKeys::
syntax:: ssh-keygen -t ed25519 -C "your_email@example.com"
Path where the key is saved (the "save the key" prompt): (/c/Users/HP/.ssh/id_ed25519)
Please follow below links for more understanding
https://docs.github.com/en/authentication/connecting-to-github-with-ssh
Once the keys (public/private) are generated, copy the public key to your GitHub account
Go to --> Settings
Click SSH and GPG keys
Click New SSH key
Add the new SSH key and click Add SSH key
git clone git@github.com:ifocusbatch2/spring-petclinic.git
HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17
$ git clone git@github.com:ifocusbatch2/spring-petclinic.git
Cloning into 'spring-petclinic'...
The authenticity of host 'github.com (20.207.73.82)' can't be established.
ED25519 key fingerprint is SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'github.com' (ED25519) to the list of known hosts.
remote: Enumerating objects: 10430, done.
remote: Total 10430 (delta 0), reused 0 (delta 0), pack-reused 10430 (from 1)
Receiving objects: 100% (10430/10430), 7.67 MiB | 1.17 MiB/s, done.
Resolving deltas: 100% (3935/3935), done.

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17
$ cd spring-petclinic/

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (main)
$ git status
On branch main
Your branch is up to date with 'origin/main'.

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git restore <file>..." to discard changes in working directory)
        modified:   pom.xml

no changes added to commit (use "git add" and/or "git commit -a")

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (main)
$ git add --all

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (main)
$ git commit -m "updated pom.xml file"
[main b2e46bf] updated pom.xml file
 1 file changed, 1 insertion(+), 1 deletion(-)

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (main)
$ git push
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 340 bytes | 340.00 KiB/s, done.
Total 3 (delta 2), reused 0 (delta 0), pack-reused 0 (from 0)
remote: Resolving deltas: 100% (2/2), completed with 2 local objects.
To github.com:ifocusbatch2/spring-petclinic.git
   2aa53f9..b2e46bf  main -> main

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (main)
$ git checkout -b feature/2025.03.17
Switched to a new branch 'feature/2025.03.17'

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (feature/2025.03.17)
$ git status
On branch feature/2025.03.17
Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git restore <file>..." to discard changes in working directory)
        modified:   pom.xml

no changes added to commit (use "git add" and/or "git commit -a")

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (feature/2025.03.17)
$ git add --all

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (feature/2025.03.17)
$ git status
On branch feature/2025.03.17
Changes to be committed:
  (use "git restore --staged <file>..." to unstage)
        modified:   pom.xml

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (feature/2025.03.17)
$ git commit -m "added branch"
[feature/2025.03.17 f393310] added branch
 1 file changed, 1 insertion(+), 1 deletion(-)

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (feature/2025.03.17)
$ git push
fatal: The current branch feature/2025.03.17 has no upstream branch.
To push the current branch and set the remote as upstream, use

    git push --set-upstream origin feature/2025.03.17

To have this happen automatically for branches without a tracking
upstream, see 'push.autoSetupRemote' in 'git help config'.

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/Ifocus/batch2_17/spring-petclinic (feature/2025.03.17)
$ git push origin feature/2025.03.17
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 302 bytes | 302.00 KiB/s, done.
Total 3 (delta 2), reused 0 (delta 0), pack-reused 0 (from 0)
remote: Resolving deltas: 100% (2/2), completed with 2 local objects.
remote:
remote: Create a pull request for 'feature/2025.03.17' on GitHub by visiting:
remote:      https://github.com/ifocusbatch2/spring-petclinic/pull/new/feature/2025.03.17
remote:
To github.com:ifocusbatch2/spring-petclinic.git
 * [new branch]      feature/2025.03.17 -> feature/2025.03.17
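On first connection ssh prints the host key fingerprint and asks for confirmation; that value is meant to be compared with the fingerprint GitHub publishes before the key is trusted. The script below is an added example, not part of the original notes: it computes the SHA256 fingerprint of a key line the way ssh prints it and passes through only lines that match a pinned value. The function names are hypothetical and the sample key (32 zero bytes) is constructed.

```shell
#!/bin/sh
# Added example (not from the original notes): pin a host key by fingerprint.

# Fingerprint printed by ssh in the transcript above. Confirm it against the
# value GitHub publishes in its documentation before pinning it.
EXPECTED_FP='SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU'

# Constructed sample in ssh-keyscan/known_hosts format: a well-formed ssh-ed25519
# blob whose 32 key bytes are all zero. It is NOT GitHub's key and must be rejected.
SAMPLE_LINE="github.com ssh-ed25519 $(printf 'AAAAC3NzaC1lZDI1NTE5AAAAI%043d' 0 | tr 0 A)"

# hex_to_bin: read a hex string on stdin, write the raw bytes to stdout.
hex_to_bin() {
    hex=$(cat)
    while [ -n "$hex" ]; do
        pair=${hex%"${hex#??}"}                  # first two hex digits
        hex=${hex#??}
        printf "\\$(printf '%03o' "0x$pair")"    # emit one byte via an octal escape
    done
}

# fingerprint_of "host keytype base64blob" -> prints SHA256:<base64, no padding>,
# the same form ssh shows in its "authenticity of host" prompt.
fingerprint_of() {
    blob=$(printf '%s\n' "$1" | awk '{print $3}')
    [ -n "$blob" ] || return 2
    digest=$(printf '%s' "$blob" | base64 -d 2>/dev/null | sha256sum |
             cut -d' ' -f1 | hex_to_bin | base64 | tr -d '=\n')
    printf 'SHA256:%s' "$digest"
}

# accept_pinned_keys EXPECTED_FP < key lines
# Prints only the lines whose fingerprint equals EXPECTED_FP; returns 1 if none did.
accept_pinned_keys() {
    accepted=1
    while IFS= read -r line; do
        case "$line" in ''|'#'*) continue ;; esac
        if [ "$(fingerprint_of "$line")" = "$1" ]; then
            printf '%s\n' "$line"
            accepted=0
        else
            printf 'REJECTED (fingerprint mismatch): %s\n' "$line" >&2
        fi
    done
    return "$accepted"
}

# Real use, before the first clone (needs network, so not run here):
#   ssh-keyscan -t ed25519 github.com | accept_pinned_keys "$EXPECTED_FP" >> ~/.ssh/known_hosts
if printf '%s\n' "$SAMPLE_LINE" | accept_pinned_keys "$EXPECTED_FP" >/dev/null 2>&1; then
    echo "sample key accepted"
else
    echo "sample key rejected: $(fingerprint_of "$SAMPLE_LINE") is not the pinned fingerprint"
fi
```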
Raise PR (Pull Request):: Merging the code from one branch into another branch is done through what is called a pull request
Below are the steps to raise a PR::
Go to --> Pull requests and click
Click New Pull Request::
Please select the base & compare branches; here the base branch is release/2025.02.25 and the compare branch is feature/2025.02.25
I'm going to merge code changes from the feature branch to the release branch
Click Create pull request
parasa7358 wants to merge 1 commit into release/2025.02.25 from feature/2025.02.25
Click merge request
Confirm merge
Merged
If multiple developers or DevOps engineers are working on the same project/modules and they try to commit their code changes to the repository, they will face conflict issues. Below is how to resolve those conflicts in real-time projects.
Avoid conflicts:: Before pushing the code changes to the GitHub repository, make sure you run the command --> git pull
git pull ---> The git pull command copies changes from a remote repository directly into your working directory (local directory) and merges the code changes from the remote repository into the local repository.
git fetch ----> The git fetch command only fetches the changes into your local Git repo and does not merge anything; it just fetches the details.
Please create A, B, C directories on your local machine and clone the project code separately into each
Editor steps for resolving the conflicts::
editor::
1. Press i on your keyboard (INSERT)
2. Press Esc, at the top left corner of your keyboard
3. Press Shift+:
4. Type wq
Developer-A Activity::
$ git checkout feature/2025.02.27
error: pathspec 'feature/2025.02.27' did not match any file(s) known to git

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (main)
$ git pull
From github.com:parasa7358/spring-petclinic
 * [new branch]      feature/2025.02.27 -> origin/feature/2025.02.27
Already up to date.

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (main)
$ git checkout feature/2025.02.27
branch 'feature/2025.02.27' set up to track 'origin/feature/2025.02.27'.
Switched to a new branch 'feature/2025.02.27'

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (feature/2025.02.27)
$ git status
On branch feature/2025.02.27
Your branch is up to date with 'origin/feature/2025.02.27'.

Untracked files:
  (use "git add <file>..." to include in what will be committed)
        Jenkinsfile

nothing added to commit but untracked files present (use "git add" to track)

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (feature/2025.02.27)
$ git add --all
warning: in the working copy of 'Jenkinsfile', LF will be replaced by CRLF the next time Git touches it

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (feature/2025.02.27)
$ git status
On branch feature/2025.02.27
Your branch is up to date with 'origin/feature/2025.02.27'.

Changes to be committed:
  (use "git restore --staged <file>..." to unstage)
        new file:   Jenkinsfile

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (feature/2025.02.27)
$ git commit -m "Added jenkins file for Feb Release"
[feature/2025.02.27 9ad4ee0] Added jenkins file for Feb Release
 1 file changed, 22 insertions(+)
 create mode 100644 Jenkinsfile

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (feature/2025.02.27)
$ git push
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Delta compression using up to 4 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 483 bytes | 241.00 KiB/s, done.
Total 3 (delta 1), reused 0 (delta 0), pack-reused 0 (from 0)
remote: Resolving deltas: 100% (1/1), completed with 1 local object.
To github.com:parasa7358/spring-petclinic.git
   e4b9aa2..9ad4ee0  feature/2025.02.27 -> feature/2025.02.27

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/A/spring-petclinic (feature/2025.02.27)
$

Developer-B Activity::

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/B/spring-petclinic (feature/2025.02.27)
$ git pull
Already up to date.

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/B/spring-petclinic (feature/2025.02.27)
$ git status
On branch feature/2025.02.27
Your branch is ahead of 'origin/feature/2025.02.27' by 2 commits.
  (use "git push" to publish your local commits)

nothing to commit, working tree clean

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/B/spring-petclinic (feature/2025.02.27)
$ git push
Enumerating objects: 9, done.
Counting objects: 100% (8/8), done.
Delta compression using up to 4 threads
Compressing objects: 100% (5/5), done.
Writing objects: 100% (5/5), 586 bytes | 293.00 KiB/s, done.
Total 5 (delta 3), reused 0 (delta 0), pack-reused 0 (from 0)
remote: Resolving deltas: 100% (3/3), completed with 2 local objects.
To github.com:parasa7358/spring-petclinic.git
   9ad4ee0..ed57c5e  feature/2025.02.27 -> feature/2025.02.27

Developer-C Activity::

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/C/spring-petclinic (feature/2025.02.27)
$ git status
On branch feature/2025.02.27
Your branch is ahead of 'origin/feature/2025.02.27' by 2 commits.
  (use "git push" to publish your local commits)

nothing to commit, working tree clean

HP@DESKTOP-E518Q66 MINGW64 ~/Desktop/C/spring-petclinic (feature/2025.02.27)
$ git push
Enumerating objects: 33, done.
Counting objects: 100% (24/24), done.
Delta compression using up to 4 threads
Compressing objects: 100% (9/9), done.
Writing objects: 100% (13/13), 1.14 KiB | 233.00 KiB/s, done.
Total 13 (delta 5), reused 0 (delta 0), pack-reused 0 (from 0)
remote: Resolving deltas: 100% (5/5), completed with 5 local objects.
To github.com:parasa7358/spring-petclinic.git
   ed57c5e..80681f1  feature
Please practice the above 3 users' activities on a real-time basis
Jenkins Introduction::
Jenkins is a free and open source automation server/tool. It helps automate the parts of software development related to building, testing, and deploying, facilitating continuous integration and continuous delivery.
Jenkins is an orchestration tool
Jenkins is a CI/CD tool
Jenkins is a scheduler
Jenkins is a cron job scheduler
LLE/Pre-prod/UAT --- automatically --- continuous deployment
LLE/Pre-prod/UAT --- manually --- continuous delivery
Continuous Integration (CI):: The practice of automating the integration of code changes from multiple developers into a single software project. It's a primary DevOps best practice, allowing developers to frequently merge code changes into a central repository, after which automated builds and tests are run.
Developers frequently commit to a shared repository using a version control system such as Git. Continuous integration then automatically builds and runs unit tests on the new code changes immediately, using Jenkins orchestration.
Continuous Delivery (CD)::Continuous Delivery is a software development practice in which code changes are automatically built, tested, and prepared for release to production in a consistent and reliable manner. The key distinction of continuous delivery is that the process of deploying the code to production is done manually by a human decision-maker.
Continuous Deployment(CD) :: Continuous Deployment is an extension of continuous delivery. With continuous deployment, every change that passes through the automated tests and builds is automatically deployed to production without any human intervention. The deployment process is fully automated.
Roles And Responsibilities::
1) The DevOps engineer is responsible for releasing the product to the market as soon as possible
2) Speed up the release of the product to the market
3) The DevOps engineer gives continuous feedback to the developers
4) The DevOps engineer's responsibility starts from Git and ends with production
A) When your activity starts from Git and ends with the production environment (production servers), it is continuous deployment. When your activity runs from Git to an LLE (lower-level environment, testing environment, pre-prod, etc.; pre-production servers), it is continuous delivery to a non-production environment.
Download JDK 17 ::
https://www.oracle.com/java/technologies/javase/jdk17-archive-downloads.html
Windows x64 Installer 153.92 MB https://download.oracle.com/java/17/archive/jdk-17.0.12_windows-x64_bin.exe (sha256)
OR
Windows x64 Compressed Archive 172.87 MB https://download.oracle.com/java/17/archive/jdk-17.0.12_windows-x64_bin.zip (sha256)
Download Maven::
https://maven.apache.org/download.cgi
Source zip archive apache-maven-3.9.9-src.zip
====================
JDK 17 Environment setup::
Go to the search box, type "Edit the system environment variables" and click it
It will navigate to System Properties
Open Environment Variables
User variables:: JAVA_HOME=C:\Users\HP\Downloads\jdk-17.0.12_windows-x64_bin\jdk-17.0.12
System variable (Path)::
%JAVA_HOME%\bin
%MAVEN_HOME%\bin
Maven setup:: MAVEN_HOME=C:\Users\HP\Downloads\apache-maven-3.9.9-bin\apache-maven-3.9.9
Download link https://maven.apache.org/download.cgi
Make sure the path is set up in the system variables
JAVA_HOME & MAVEN_HOME
Now verify the Java version & Maven version:: go to Git Bash and run the commands below
java -version
mvn -v
Once the above setup is ready, we will proceed to install Jenkins
================
Install Jenkins on Windows:: https://www.jenkins.io/download/
Go to Google search --> download jenkins war file for windows
Click ---> WAR file link
Please follow the steps in the link below to install Jenkins on your Windows machine
https://www.jenkins.io/doc/book/installing/war-file/
Steps::
https://www.jenkins.io/download/
- First download the jenkins.war file, then right-click --> Open Git Bash here
- Run the command --> java -jar jenkins.war --httpPort=9090
Browse to http://localhost:9090 and wait until the Unlock Jenkins page appears
Install the default suggested plugins
Click Continue
Create the Jenkins user profile
USER NAME ---> admin (you can provide any name)
PASSWORD --> admin (any password you wish, but make sure you remember these credentials)
Click New Item
Configuration stages::
1.General
2.Source code management (SCM)
3.Triggers
4.Environment
5.Build Steps
6.Post Build Actions
General Section provide the Project/job description
At SCM stage level select the Git and provide the github details
Branches to build
Poll SCM:: I want to trigger the Jenkins job build every minute
Build steps:: Select Invoke top-level Maven targets and fill in the Goals section
mvn clean install
Maven goals::
mvn test
mvn install
mvn clean install
mvn clean
mvn package
Job will be created
Click Build Now
Build is in progress
To automate the process of discarding old builds, you can configure the job’s settings to automatically delete old builds based on criteria such as the number of builds to keep or the age of the builds.
Follow these steps:
1. Open the Jenkins job (project).
2. Click on Configure (on the left-hand side).
3. Scroll down to the Build Discarder section (usually under the Build Triggers section).
4. Check Discard old builds.
5. Specify the following options:
   Max # of builds to keep: Set the maximum number of builds to keep.
   Max days to keep builds: Set the maximum age for builds to keep.
6. Save the configuration by clicking Save.
Poll SCM:: The Jenkins server asks the Git server whether there are any changes; if there are, the Jenkins server builds/packages the changes. For example, with a 5-minute interval, the Jenkins server checks Git for changes every 5 minutes and builds each change it finds.
POLL SCM ---- * * * * * -- every minute, whenever there is a commit
Go to jenkins Dashboard click New Item
Description
Provide the Git URL
Branch to build
POLL SCM:: * * * * *
Every minute, a build is triggered when new commits have happened in the GitHub repository
Build Steps::
1. By default, Jenkins build jobs execute sequentially, one by one
2. In real-time scenarios we don't build 2 projects in parallel, but we can also run parallel builds of one job
Jenkins parallel build setup: go to the job ---> Configure ---> General ---> Execute concurrent builds if necessary
Here 5 builds execute in parallel; I set the number of executors to 5 on the same machine
Build Periodically::: H/5 * * * * ---- this build happens every 5 minutes without commits; whether changes are committed or not, a build happens in Jenkins every 5 minutes
Description
Git url::
Build the branch
Every 5 minutes a build will trigger
click save
SCM::
Where is your project
Build environment::
---all about your workspace folders
Build Triggers::
-- whenever code changes
-- periodic
-- script calls
Build steps::
The dev team will tell us
Post build::
The aim is to give continuous feedback to the dev team
-- send mails
-- build pass/fail
-- CI
1. Configure system
-- number of executors
-- E-mail notifications
-- internal org SMTP
We don't change anything in the system-level configurations
-- matrix security
-- Jenkins-level security
We can't change the above options in your organization
Java::
Maven::
Manage jenkins --->plugins
Available plugins
Installed plugins
If you want to install a new plugin::
Go to Available plugins and search for the plugin name
Once the plugin is installed we get its UI (user interface); it does not install any software, we just get the UI
Parameterized Jenkins Jobs ::
In Jenkins, parameterized jobs allow you to customize job executions by passing different values or parameters. This can be useful for various reasons, such as running tests for different environments, branches, or using different configurations, all within the same job.
Run the same job with different inputs without modifying the configuration manually
Go To New Item
Enter Job Name, Free style project and click ok
Enter the description
Select the option This project is parameterised
Click Add Parameter
Select String Parameter, Choice Parameter or Boolean Parameter; you can select any of the options based on your requirement
Select String Parameter
Select Choice Parameter
Choice parameter
Click Save
You can observe that this project is parameterized
Click Build with Parameters
Select the deployment environment
Select which version you want to deploy. Like this, you can configure a real-time parameterized project in Jenkins
Click Build
Building 3 Projects::
Project-A, Project-B, Project-C
Project A (downstream project: Project B)
Project B (upstream project: Project A)
Project C (downstream project of Project B)
I created 3 freestyle projects in Jenkins
Github URL::: https://github.com/parasa7358/spring-petclinic.git
Post Build Action: select the option Build other projects --> Project-B
Github URL::: https://github.com/parasa7358/onlinebookstore.git
Post Build Action: select the option Build other projects --> Project-C
Github URL::: https://github.com/parasa7358/game-of-life.git
Days to keep builds ----> give 15
Max # of builds to keep ----> give 10
In Project-A, please enable POLL SCM -----> * * * * *
Every minute the Jenkins server checks whether any new commits have happened in the GitHub repository
NOTE:: Please make a few changes in Project-A, then push those changes to the GitHub repository. The Project-A build will now trigger automatically. Once the Project-A build succeeds, the Project-B build starts automatically; once Project-B succeeds, the Project-C build starts automatically. All 3 project builds are triggered without manual intervention.
Post build action: I want to publish artifacts & test results
I'm going to create one freestyle job and configure Post-build Actions
In Post-build Actions, select the option Archive the artifacts
target/*.war OR target/*.jar OR target/*.zip OR target/*.ear
In Post-build Actions, select the option Publish JUnit test result report to publish the test results
target/surefire-reports/*.xml
ls target
Post build action stage
Select archive the artifact --target/*.jar
Junit test results:: --target/surefire-reports/*.xml
3. Every company does sequential builds on one project; this is the recommended approach
Pipelines Introduction:::
A Jenkins pipeline is a series of automated steps or stages that define the process of continuous integration/continuous delivery (CI/CD) for your code. Jenkins, being a popular open-source automation server, uses pipelines to automate tasks like building, testing, and deploying code.
There are two types of Jenkins pipelines:
- Declarative Pipeline
- Scripted Pipeline
Declarative Pipeline:: The declarative pipeline syntax is simpler and more structured. It's the recommended style for most users because it's easy to read and maintain
Here's an example of a simple declarative pipeline:
pipeline {
    agent any
    stages {
        stage('Clone') {
            steps {
                // write code
                echo 'Clone'
            }
        }
        stage('Build') {
            steps {
                // write code
                echo 'Build'
            }
        }
        stage('Test') {
            steps {
                // write code
                echo 'Test'
            }
        }
        stage('Execute test cases and get the results') {
            steps {
                // write code
                echo 'Test results'
            }
        }
        stage('Generate Artifact') {
            steps {
                // write code
                echo 'Artifact'
            }
        }
        stage('Deploy') {
            steps {
                // write code
                echo 'Deploy'
            }
        }
    }
}
The Pipeline: Stage View Plugin is a Jenkins plugin used to provide a graphical view of Jenkins pipeline executions. It gives users an easy-to-read, interactive, and detailed visualization of their pipeline stages, which can be very helpful for monitoring and debugging Jenkins jobs. Here's a breakdown of what this plugin does:
To use the Pipeline: Stage View Plugin, you need to have it installed on your Jenkins server. Here's how you can do that:
Go to Manage Jenkins > Manage Plugins.
Under the Available tab, search for Pipeline: Stage View Plugin and install it.
After installation, Jenkins may need a restart for the plugin to take effect.
Please try to create one pipeline job in Jenkins and execute the Declarative pipeline example below::
pipeline {
agent any
stages {
stage('Clone') {
steps {
git branch: 'feature/2025.02.27', url: 'git@github.com:parasa7358/spring-petclinic.git'
}
}
stage('Build') {
steps {
sh 'mvn package'
}
}
stage('Test') {
steps {
sh 'mvn test'
}
}
stage('Test Results Reports') {
steps {
junit 'target/surefire-reports/*.xml'
}
}
stage('Artifacts') {
steps {
archiveArtifacts artifacts: 'target/*.war', followSymlinks: false
}
}
stage('Deploy') {
steps {
echo 'Hello World'
}
}
}
}
pipeline: This is the top-level structure.
agent: Specifies where the pipeline will run, such as on any available agent, a specific node, or a Docker container.
stages: Defines the different steps or stages in the pipeline (e.g., Build, Test, Deploy).
steps: Commands to be executed in each stage.
The scripted pipeline offers more flexibility, but it is less structured and can be harder to maintain. It uses Groovy syntax to define the pipeline.
Here's an example of a scripted pipeline:
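node {
    try {
        stage('Build') {
            echo 'Building the application...'
            // Your build commands here
        }
        stage('Test') {
            echo 'Running tests...'
            // Your test commands here
        }
        stage('Deploy') {
            echo 'Deploying the application...'
            // Your deploy commands here
        }
    } catch (err) {
        // Mark the build as failed and re-throw so Jenkins records the error
        currentBuild.result = 'FAILURE'
        throw err
    }
}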
Please try to create one new jenkins pipeline job and execute below script for Scripted pipeline examples
node {
stage('Clone') {
git branch: 'master', url: 'https://github.com/parasa7358/onlinebookstore.git'
}
stage('Build') {
sh 'mvn package'
}
stage('Test') {
sh 'mvn test'
}
}
node: Represents a Jenkins agent where the pipeline will run.
Both declarative and scripted pipelines are stored as Jenkinsfiles, which you place in your source code repository. This allows you to version control your pipeline and keep it aligned with your application code.
pipeline {
agent any
stages {
stage('Clone') {
steps {
git branch: 'main', url: 'git@github.com:parasa7358/spring-petclinic.git'
}
}
stage('Build') {
steps {
sh 'mvn package'
}
}
stage('Test') {
steps {
sh 'mvn test'
}
}
stage('Test Results Reports') {
steps {
junit 'target/surefire-reports/*.xml'
}
}
stage('Artifacts') {
steps {
archiveArtifacts artifacts: 'target/*.war', followSymlinks: false
}
}
stage('Deploy') {
steps {
echo 'Hello World'
}
}
}
}
This pipeline:::
1. Checks out the source code from your Git repository.
2. Builds the project using Maven.
3. Runs unit tests.
4. Deploys the application using a custom script.
Job creation::
Branches to build
Script Path::: This is the path of the Jenkinsfile, which we maintain at the GitHub source code level
pipeline {
agent any
stages {
stage('Clone') {
steps {
git branch: 'main', url: 'git@github.com:parasa7358/spring-petclinic.git'
}
}
stage('Build') {
steps {
sh 'mvn package'
}
}
stage('Test') {
steps {
sh 'mvn test'
}
}
stage('Test Results Reports') {
steps {
junit 'target/surefire-reports/*.xml'
}
}
stage('Artifacts') {
steps {
archiveArtifacts artifacts: 'target/*.war', followSymlinks: false
}
}
stage('Deploy') {
steps {
echo 'Hello World'
}
}
}
}
github sourcecode jenkinsfile
Apache Tomcat is an open-source web server and servlet container developed by the Apache Software Foundation. It is primarily used to serve Java applications and is one of the most popular servlet containers in the world.
Tomcat is an essential tool for anyone working with Java web applications. It provides a simple, reliable platform for deploying and managing Java Servlets and JSPs and is widely used in both development and production environments. Its ease of use, combined with powerful features and flexibility, makes it an ideal choice for many developers working on Java-based web applications.
Apache Tomcat is an open-source web server and servlet container that is primarily used to serve Java-based web applications. It implements several Java EE (Enterprise Edition) specifications, such as Java Servlet, JavaServer Pages (JSP), and WebSocket, among others. Tomcat is often used to run Java applications on the web because it's lightweight, easy to configure, and widely supported.
Here are some key points about Tomcat:
- Servlet Container: Tomcat is a servlet container, meaning it manages the lifecycle of Java Servlets, which are small Java programs that run on a web server.
- JSP Support: Tomcat also supports JavaServer Pages (JSP), a technology that allows for embedding Java code within HTML pages.
- Configuration: It’s highly configurable through XML files, like server.xml for server settings, web.xml for application settings, and others.
- Lightweight: Unlike full-fledged application servers like WildFly (formerly JBoss) or GlassFish, Tomcat is primarily a servlet and JSP container, which makes it lighter and easier to deploy for simpler Java web applications.
- Performance: It’s known for good performance in handling static content, making it a popular choice for Java web developers.
https://tomcat.apache.org/download-90.cgi
64-bit Windows zip
Integrating Tomcat with Jenkins is a common use case for automating the deployment of Java-based web applications. Jenkins can be set up to deploy a web application to a Tomcat server whenever a new build is triggered.
Prerequisites:
Apache Tomcat should be installed and running on your server. Jenkins should be installed and running.
Steps to integrate Jenkins with Tomcat:
- Install the "Deploy to Container" Plugin in Jenkins: The easiest way to deploy to Tomcat from Jenkins is by using the Deploy to Container plugin. This plugin allows Jenkins to deploy WAR files to a Tomcat server.
Go to your Jenkins dashboard. Click on Manage Jenkins > Manage Plugins. In the Available tab, search for Deploy to Container Plugin and install it. Once installed, restart Jenkins to apply the plugin.
- Configure Tomcat Server in Jenkins: Now you need to tell Jenkins where your Tomcat server is running.
In Jenkins, go to Manage Jenkins > Configure System. Scroll down to the Deploy to container section. Click Add Tomcat Server.
Provide the necessary information: Name: Give the Tomcat server a name (Tomcat9). URL: The URL of your Tomcat server (e.g., http://localhost:8080). Username: The username for Tomcat's manager app (usually admin). Password: The password for that username (set in Tomcat's tomcat-users.xml). Save the configuration.
- Configure Tomcat’s tomcat-users.xml: Make sure Tomcat is set up to allow Jenkins to deploy the application by editing the tomcat-users.xml file.
Restart Tomcat to apply the changes.
- Create a Jenkins Job to Build and Deploy the Application: Next, you need to create a Jenkins job that will build your web application (e.g., a WAR file) and deploy it to Tomcat.
From the Jenkins dashboard, click New Item.
Select Freestyle Project, give it a name, and click OK.
In the job configuration, go to the Build section and configure your build step, such as building a Maven project For Maven, you can use:
mvn clean install
In the Post-build Actions section, add Deploy war/ear to a container.
In the WAR/EAR files field, provide the path to your WAR file (e.g., target/my-app.war). In the Container field, choose the Tomcat server you configured earlier. Set the Context Path (e.g., IfocusAWSDevOpsTraining), which is the URL path where the application will be accessible on Tomcat. If you want Jenkins to deploy automatically after every successful build, check the option Deploy after every successful build. Save the job.
- Trigger the Build and Deployment: Go to the Jenkins job you just created and click Build Now to trigger a build. After the build completes, Jenkins should deploy the WAR file to your Tomcat server.
You can access your application by going to http://<tomcat_host>:<tomcat_port>/<context_path>
example:: http://localhost:8080/IfocusApplication/
Poll SCM:: * * * * * (every minute; an automatic build and deployment happens when new commits are pushed to GitHub). This setup allows Jenkins to automatically build and deploy your Java web application to Tomcat with each new build.
Polling SCM (Source Code Management) and webhooks are two common methods used for integrating continuous integration (CI) systems or automating tasks based on changes in repositories.
- Polling SCM: Polling SCM is a method where a system (like Jenkins, GitLab CI, etc.) periodically checks the source code repository for changes. If it detects changes, it triggers the build process or some other automated task.
How it works:
A job is set up to check the SCM (like GitHub, GitLab, Bitbucket, etc.) at regular intervals (e.g., every minute or hour).
The CI server pulls the repository to see if there are any new commits since the last poll.
If changes are detected, it triggers the CI/CD pipeline to build, test, or deploy the application.
- Webhooks: Webhooks provide a more efficient method for triggering actions based on changes in the repository. Rather than the CI system polling for changes, the source control platform sends an HTTP POST request (webhook) to the CI system when an event (like a commit or pull request) occurs.
at Build step select the Execute shell
git clone https://github.com/parasa7358/spring-petclinic.git
cd spring-petclinic
mvn install
Please go through the recorded video session and follow the steps to create the free tier AWS account
please create one new pipeline job
Provide the Description
Enabled POLL SCM
In Pipeline Section write groovy script using Declarative style
pipeline { agent any
tools{
maven 'maven'
}
stages{ stage('Git checkout'){
steps{
git branch: 'main', url: 'https://github.com/parasa7358/Petclinic.git'
}
}
stage('clean and install'){
steps{
sh 'mvn clean install'
}
}
stage('Package'){
steps{
sh 'mvn package'
}
}
stage('Archive the Artifacts'){
steps{
sh 'mvn clean install'
}
post{
success{
archiveArtifacts artifacts: '**target/*.war'
}
}
}
stage('Test Cases'){
steps{
sh 'mvn test'
}
}
stage('Deploy to tomcat server'){
steps{
deploy adapters: [tomcat9(credentialsId: 'tomcat9credentials', path: '', url: 'http://localhost:8080/')], contextPath: 'Ifocus Solutions Pvt Ltd', war: '**/*.war'
}
}
} }
Run the job
To integrate Jenkins with Tomcat using the Declarative Pipeline approach, you'll be using Jenkins Pipeline syntax to automate the deployment process to a Tomcat server. This process typically involves building the application, packaging it, and then deploying it to Tomcat.
- Jenkinsfile Configuration (Declarative Pipeline)
In your Jenkins project, you'll create a Jenkinsfile, which contains the Declarative Pipeline syntax. This file defines the steps involved in the CI/CD pipeline.
Please execute below script in jenkins pipeline job using Declarative style
pipeline { agent any
tools{
maven 'maven'
}
stages{ stage('Git checkout'){
steps{
git branch: 'feature/2025.03.12', url: 'https://github.com/parasa7358/Petclinic.git'
}
}
stage('clean and install'){
steps{
sh 'mvn clean install'
}
}
stage('Package'){
steps{
sh 'mvn package'
}
}
stage('Archive the Artifacts'){
steps{
sh 'mvn clean install'
}
post{
success{
archiveArtifacts artifacts: '**target/*.war'
}
}
}
stage('Test Cases'){
steps{
sh 'mvn test'
}
}
stage('Deploy to tomcat server'){
steps{
deploy adapters: [tomcat9(credentialsId: 'tomcat9credentials', path: '', url: 'http://localhost:8080/')], contextPath: 'Ifocus Solutions Pvt Ltd', war: '**/*.war'
}
}
} }
SonarQube::
To integrate SonarQube with Jenkins, you need to ensure that Jenkins can communicate with your SonarQube server to perform static code analysis during your CI/CD pipeline. This will allow you to analyze your code quality and get reports from SonarQube as part of your build process.
Here's how you can integrate SonarQube with Jenkins. Please follow the steps below:
- Install the SonarQube Plugin in Jenkins: Before you start, ensure that you have the SonarQube Scanner Plugin installed in Jenkins.
Go to Jenkins Dashboard. Click on Manage Jenkins → Plugins. Go to the Available tab, and search for SonarQube Scanner. Install it and restart Jenkins.
- Configure SonarQube in Jenkins: Next, you need to configure SonarQube on Jenkins so it can communicate with your SonarQube server.
Go to Jenkins Dashboard. Click on Manage Jenkins → Configure System. Scroll down to the SonarQube servers section and click Add SonarQube.
Name: Give your SonarQube instance a name (SonarQubeServer).
Server URL: URL to your SonarQube instance (e.g., http://localhost:9000); the default port is 9000.
Server Authentication Token: You can generate a token in SonarQube by navigating to My Account → Security → Generate Tokens. Paste this token into Jenkins.
Click Save.
- Configure the SonarQube Scanner in Jenkins: In the Configure System page, scroll to the SonarQube Scanner section. Click Add SonarQube Scanner and select SonarQube Scanner for Jenkins.
If you want to use a custom installation, specify the path to the SonarQube Scanner binary. Click Save.
Go to your SonarQube server (e.g., http://localhost:9000). Create a project or use an existing one. Obtain the Project Key from the SonarQube project and update the pipeline script as shown in the sonar.projectKey parameter.
Go to Projects and click Local project
Click Next
Selected Use the global setting
Click Create Project
Now Spring-petclinic Project created in Sonarqube
Click Locally
Click Generate for Token
Analyze "spring-petclinic12": sqp_0eb364758c5186bea4077eff841ddb99ba89a3ab
Click Continue
Selected Maven and copy below script from sonarqube and it will help to integrate Sonarqube with jenkins pipeline
mvn clean verify sonar:sonar \
-Dsonar.projectKey=spring-petclinic12 \
-Dsonar.projectName='spring-petclinic12' \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.token=sqp_0eb364758c5186bea4077eff841ddb99ba89a3ab
Go To jenkins and create new job IntegrateSonarqubeWithJenkins
Please use below script to run the pipeline job
pipeline { agent any
tools{
maven 'maven'
}
stages{ stage('Git checkout'){
steps{
git branch: 'main', url: 'https://github.com/parasa7358/Petclinic.git'
}
}
stage('clean and install'){
steps{
sh 'mvn clean install'
}
}
stage('Package'){
steps{
sh 'mvn package'
}
}
stage('Archive the Artifacts'){
steps{
sh 'mvn clean install'
}
post{
success{
archiveArtifacts artifacts: '**target/*.war'
}
}
}
stage('Test Cases'){
steps{
sh 'mvn test'
}
}
stage('Sonarqube Analysis'){
steps{
sh 'mvn clean package'
sh '''mvn sonar:sonar \
-Dsonar.projectKey='spring-petclinic' \
-Dsonar.projectName='spring-petclinic' \
-Dsonar.host.url='http://localhost:9000' \
-Dsonar.token=sqp_8d74d659dbf3d3bf2924a0d24104f5ddba914fac'''
}
}
stage('Deploy to tomcat server'){
steps{
deploy adapters: [tomcat9(credentialsId: 'tomcat9credentials', path: '', url: 'http://localhost:8080/')], contextPath: 'Ifocus Solutions Pvt Ltd', war: '**/*.war'
}
}
} }
After the CI/CD pipeline has completed:
- Running the Pipeline: Once the pipeline is configured, Jenkins will execute the SonarQube analysis during the build process. After the build completes, you can view the analysis results in your SonarQube dashboard.
- View SonarQube Reports: After the analysis is complete, you can view detailed reports about code quality, such as code coverage, code smells, bugs, vulnerabilities, and duplications. These reports will be available in the SonarQube dashboard for your project.
https://dzone.com/articles/getting-tsql-project-scanned-with-sonarqube
first we need to create New Pipeline job in Jenkins
Click New Item
Enter Project Name and selected Pipeline
select Pipeline Definition, Pipeline Script from SCM
Provided github project url
https://github.com/jaiswaladi246/Petclinic.git
select Branches to build
select Script Path ---Jenkinsfile
pipeline{
agent any
tools {
maven "Maven"
}
stages{
stage('clone the project'){
steps{
git branch: 'main', url: 'https://github.com/jaiswaladi246/Petclinic.git'
}
}
stage('Build the project'){
steps{
sh 'mvn clean install'
}
}
stage('Test'){
steps{
sh 'mvn test'
}
}
stage('published the test results'){
steps{
junit 'target/surefire-reports/*.xml'
}
}
stage('publishedd the artifacts'){
steps{
archiveArtifacts artifacts: 'target/*.war', followSymlinks: false
}
}
stage('Sonarqube Analysis'){
steps{
sh "mvn clean verify sonar:sonar \
-Dsonar.projectKey='spring-petclinic' \
-Dsonar.projectName='spring-petclinic' \
-Dsonar.host.url='http://localhost:9000' \
-Dsonar.token=sqp_b678f83ca558a3bb7735efadfdbd4697adbebc28"
}
}
stage('Deploy to Tomcat Server'){
steps{
deploy adapters: [tomcat9(credentialsId: 'tomcat', path: '', url: 'http://localhost:8080/')], contextPath: 'Ifocus Solutions Pvt Limited', war: 'target/*.war'
}
}
}
}
Expected pipeline Executed Screenshot
JFrog Artifactory is a universal artifact repository manager that serves as a central hub for storing, managing, and distributing software artifacts, binaries, packages, and other assets throughout the software development lifecycle, improving automation, and ensuring release integrity.
Artifact Repository Management:
Allows for storing binaries and artifacts (e.g., libraries, packages, Docker images) in a centralized location. Supports all major package types (e.g., Maven, Gradle, npm, NuGet, RubyGems, etc.).
Version Control:
Helps in managing versions of your artifacts and ensures the correct version is used during builds and deployments.
Integration with CI/CD:
Integrates seamlessly with CI/CD tools like Jenkins, Bamboo, GitLab CI, and others. Enables automated publishing of artifacts as part of your continuous integration pipeline.
Access Control & Security:
Provides fine-grained access control and permissions for users and groups. Supports user authentication, security, and audit trails to ensure compliance and secure artifact management.
Replication:
Allows you to replicate artifacts across multiple Artifactory instances, ensuring high availability and disaster recovery capabilities.
Remote Repositories:
Artifactory can proxy remote repositories, allowing you to cache and fetch external dependencies without re-downloading them each time.
Promotion & Release Management:
You can "promote" artifacts from one repository to another (e.g., from a development repository to a production repository), allowing for better control over releases.
Multi-Platform Support:
Artifactory supports multiple programming languages and platforms, making it a universal solution for managing software dependencies and releases.
First Step:: https://jfrog.com/download-jfrog-platform/ ---download url
previous versions link
https://jfrog.com/download-legacy/?product=artifactory&version=7.104.12
All zip version and search 6.12.1 OSS version
https://releases.jfrog.io/artifactory/bintray-artifactory/
stage ('Artifactory Server'){
    steps {
        rtServer (
            id: "Artifactory",
            url: 'http://localhost:8081/artifactory',
            username: 'admin',
            password: 'password',
            bypassProxy: true,
            timeout: 300
        )
    }
}
stage('Upload'){
    steps{
        rtUpload (
            serverId: "Artifactory",
            spec: '''{
                "files": [
                    { "pattern": "*.war", "target": "ifocus-solutions-pvt-ltd" }
                ]
            }'''
        )
    }
}
stage ('Publish build info') {
    steps {
        rtPublishBuildInfo (
            serverId: "Artifactory"
        )
    }
}
After installed Artifactory plugin
Go to Manage Jenkins--System configuration find JFROG
Click JFrog Platform Instances
For the username and password, go to JFrog Admin > Security > Users. The default JFrog username/password is admin/password.
I need to setup target in Jfrog
ifocus-solutions-pvt-ltd
click Local repository
Select maven
Repository key :::: ifocus-solutions-pvt-ltd
Click save and finish
Go to artifacts and check repository is created with name -ifocus-solutions-pvt-ltd
pipeline{
agent any
tools {
maven "Maven"
}
stages{
stage('clone the project'){
steps{
git branch: 'main', url: 'https://github.com/jaiswaladi246/Petclinic.git'
}
}
stage('Build the project'){
steps{
sh 'mvn clean install'
}
}
stage('Test'){
steps{
sh 'mvn test'
}
}
stage('published the test results'){
steps{
junit 'target/surefire-reports/*.xml'
}
}
stage('publishedd the artifacts'){
steps{
archiveArtifacts artifacts: 'target/*.war', followSymlinks: false
}
}
stage('Sonarqube Analysis'){
steps{
sh "mvn clean verify sonar:sonar \
-Dsonar.projectKey='spring-petclinic' \
-Dsonar.projectName='spring-petclinic' \
-Dsonar.host.url='http://localhost:9000' \
-Dsonar.token=sqp_b678f83ca558a3bb7735efadfdbd4697adbebc28"
}
}
stage ('Artifactory Server'){
steps {
rtServer (
id: "Artifactory",
url: 'http://localhost:8081/artifactory',
username: 'admin',
password: 'password',
bypassProxy: true,
timeout: 300
)
}
}
stage('Upload'){
    steps{
        rtUpload (
            serverId: "Artifactory",
            spec: '''{
                "files": [
                    { "pattern": "*.war", "target": "ifocus-solutions-pvt-ltd" }
                ]
            }'''
        )
    }
}
stage ('Publish build info') {
steps {
rtPublishBuildInfo (
serverId: "Artifactory"
)
}
}
stage('Deploy to Tomcat Server'){
steps{
deploy adapters: [tomcat9(credentialsId: 'tomcat', path: '', url: 'http://localhost:8080/')], contextPath: 'Ifocus Solutions Pvt Limited', war: 'target/*.war'
}
}
}
}
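The Sonarqube Analysis and Artifactory Server stages above keep the SonarQube token and the Artifactory admin password as literals in the Jenkinsfile, so they are stored in the Git history and printed in the console log of every build. The variant below is an added example (not part of the original page or its projects) that reads both from the Jenkins credentials store instead. The credential IDs sonar-token (kind: Secret text) and artifactory-creds (kind: Username with password) are assumed names that you would create under Manage Jenkins > Credentials.

```groovy
// Added example: same pipeline, secrets taken from the Jenkins credentials store.
// Assumed credential IDs (not from the original page):
//   'sonar-token'       -> Secret text holding the SonarQube analysis token
//   'artifactory-creds' -> Username with password for the Artifactory user
pipeline {
    agent any
    tools {
        maven 'Maven'
    }
    stages {
        stage('clone the project') {
            steps {
                git branch: 'main', url: 'https://github.com/jaiswaladi246/Petclinic.git'
            }
        }
        stage('Build the project') {
            steps {
                sh 'mvn clean install'
            }
        }
        stage('Sonarqube Analysis') {
            steps {
                // Requires the Credentials Binding plugin. The token is exposed only
                // inside this block and is masked as **** in the console log.
                withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
                    // Single-quoted Groovy string: the shell expands $SONAR_TOKEN,
                    // so the secret is never interpolated into the pipeline script.
                    sh '''mvn verify sonar:sonar \
                        -Dsonar.projectKey=spring-petclinic \
                        -Dsonar.projectName=spring-petclinic \
                        -Dsonar.host.url=http://localhost:9000 \
                        -Dsonar.token="$SONAR_TOKEN"'''
                }
            }
        }
        stage('Artifactory Server') {
            steps {
                // credentialsId replaces the literal username/password pair.
                rtServer(
                    id: 'Artifactory',
                    url: 'http://localhost:8081/artifactory',
                    credentialsId: 'artifactory-creds',
                    bypassProxy: true,
                    timeout: 300
                )
            }
        }
        stage('Upload') {
            steps {
                rtUpload(
                    serverId: 'Artifactory',
                    spec: '''{
                        "files": [
                            { "pattern": "target/*.war", "target": "ifocus-solutions-pvt-ltd/" }
                        ]
                    }'''
                )
            }
        }
        stage('Publish build info') {
            steps {
                rtPublishBuildInfo(serverId: 'Artifactory')
            }
        }
        stage('Deploy to Tomcat Server') {
            steps {
                // The Tomcat stage on the page already uses a credentialsId.
                deploy adapters: [tomcat9(credentialsId: 'tomcat', path: '', url: 'http://localhost:8080/')],
                       contextPath: 'Ifocus Solutions Pvt Limited', war: 'target/*.war'
            }
        }
    }
}
```

A token that has already been committed in a Jenkinsfile should be revoked in SonarQube (My Account → Security) and regenerated before it is stored as a credential.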
Amazon Web Services (AWS) is a comprehensive and widely adopted cloud platform offered by Amazon. It provides a broad set of services to help organizations and individuals build and scale applications, manage data, and process workloads in the cloud. AWS is designed to provide flexible, scalable, and cost-effective solutions for computing, storage, networking, machine learning, and much more.
AWS ---Amazon web services
compute services:: Amazon EC2 (Elastic Compute Cloud): Provides scalable virtual servers to run applications. AWS Lambda: Lets you run code without provisioning or managing servers. It automatically scales based on usage.
Storage services:: Amazon S3 (Simple Storage Service): Object storage for storing and retrieving large amounts of data. Amazon EBS (Elastic Block Store): Persistent block-level storage for EC2 instances.
Database:: Amazon RDS (Relational Database Service): Managed relational database service supporting multiple database engines (e.g., MySQL, PostgreSQL, MariaDB, etc.). Amazon DynamoDB: A managed NoSQL database service. Amazon Aurora: A high-performance relational database engine compatible with MySQL and PostgreSQL.
Network services:: Amazon VPC (Virtual Private Cloud): Lets you create isolated networks within AWS for secure connections.
Security::
AWS IAM (Identity and Access Management): Controls user access and permissions for AWS resources. AWS KMS (Key Management Service): Managed service for creating and controlling encryption keys. Security groups: inbound and outbound rules.
Containers & Kubernetes:: ECS (Elastic Container Service), EKS (Elastic Kubernetes Service), AKS (Azure Kubernetes Service).
CloudWatch: metrics monitoring
CloudWatch Metrics allows you to track the performance and utilization of AWS resources such as EC2 instances, RDS databases, Lambda functions, S3 buckets, and much more. These metrics include CPU utilization, disk activity, network traffic, and others. You can create custom metrics for your applications or services as well.
CloudTrail: security monitoring
Use CloudTrail logs to detect unauthorized access or activity in your AWS environment. You can track changes in security settings, unauthorized API calls, or unexpected configuration changes.
Developer Tools:: AWS CodeCommit: Source control service for managing your code repositories. AWS CodeDeploy: Automates code deployments to EC2 instances and Lambda. AWS CodePipeline: Continuous integration and continuous delivery (CI/CD) service for automating the release pipeline.
Amazon Elastic Compute Cloud (Amazon EC2) is one of the core services provided by Amazon Web Services (AWS)
Wide Variety of Instance Types:
EC2 instances are grouped into families based on the type of workload they are optimized for. Some common instance families include: General Purpose: e.g., t3, m5 instances (balanced CPU, memory, and networking). Compute Optimized: e.g., c5 instances (great for high-performance computing tasks). Memory Optimized: e.g., r5, x1e instances (designed for high-memory workloads like databases).
Go to AWS and search for EC2
Click EC2
Go to Instances in the left sidebar
Click Launch Instances (EC2 → Instances → Launch an instance)
Select Ubuntu
Select Amazon Machine Image (AMI)
Select the instance type, t2.medium
Click Create new key pair and provide a key pair name
Click Create key pair
Click Launch instance
The instance will be created
To let Jenkins manage builds across multiple machines, SSH is one of the cleanest and most common ways to connect your Jenkins master to agent nodes.
I have to create 2 EC2 Ubuntu machines in AWS:
- Jenkinsmaster
- Node
We already have the .pem file downloaded on the local machine.
Right-click the .pem file and click the Open Git Bash here option. Now go to the AWS Ubuntu machine that is already created in AWS instances and select the master machine.
Click Connect
Click SSH Client
Copy URL
ssh -i "Newkeysmasternode.pem" [email protected]
Now paste that command in Git Bash
Switch to the root user by running the command below
sudo -i
Update all packages by running the command below
sudo apt-get update
JDK link
https://bluevps.com/blog/how-to-install-java-on-ubuntu
Maven link
https://phoenixnap.com/kb/install-maven-on-ubuntu
sudo apt-get install maven
java -version
mvn -v
Set the Java home environment
sudo vi /etc/environment
JAVA_HOME="/usr/lib/jvm/java-8-openjdk-amd64/jre"
MAVEN_HOME="/usr/share/maven"
Reload your system environment
source /etc/environment
Verify the variables were set correctly
echo $JAVA_HOME
echo $MAVEN_HOME
Install Jenkins on the master machine
https://phoenixnap.com/kb/install-jenkins-ubuntu
On AWS machines, password authentication is disabled by default, so we need to enable it on the Linux machines
sudo vi /etc/ssh/sshd_config
PasswordAuthentication yes
sudo service sshd restart
On the Ubuntu machine, the default user is not a sudo user
visudo
jenkins ALL=(ALL:ALL) NOPASSWD:ALL
su jenkins
Switching to the new user
Once Jenkins is installed successfully,
we need to enable the inbound and outbound rules in the AWS security groups
Inbound rules
Copy the public IP address, go to the browser, and access Jenkins using the public IP address http://35.86.160.156:8080/
By default Jenkins runs on port 8080. Jenkins home path: /var/lib/jenkins. How to change the port number in Jenkins:: https://stackoverflow.com/questions/28340877/how-to-change-port-number-for-jenkins-installation-in-ubuntu-12-04
sudo nano /etc/default/jenkins
Please install JDK & Maven on the node machine and set up the environment variables
sudo apt-get install maven
java -version
mvn -v
Set the Java home environment
sudo vi /etc/environment
JAVA_HOME="/usr/lib/jvm/java-8-openjdk-amd64/jre"
MAVEN_HOME="/usr/share/maven"
Reload your system environment
source /etc/environment
Verify the variables were set correctly
echo $JAVA_HOME
echo $MAVEN_HOME
Communicate between master & node via SSH keys
Run ssh-keygen; after the keys are generated, copy the public key to the node machine
Option 1: copy the keys from master to node with ssh-copy-id
ssh-copy-id user@ipaddressofnodemachine
ssh-copy-id [email protected]
Option 2: copy the keys manually from master to node
Option 3: I created an authorized_keys file on the node machine and copied the public key from master to node
On the Jenkins master: the jenkins user needs sudo permission (the default user is not a sudo user), and password authentication is disabled on AWS machines, so you should enable it
PasswordAuthentication yes
ssh-keygen or ssh-keygen -t ed25519
On the node machine: create a new user, for example node (adduser node), and make sure you give sudo permission to that new user with visudo:
node ALL=(ALL:ALL) NOPASSWD:ALL
Master-node communication via SSH keys::
Copy the public key from the master to the node machine
ssh-copy-id user@privateipaddressofnodemachine
If the keys are copied properly from master to node, you can connect from the master machine:
ssh user@ipaddressofnode
ssh [email protected]
Master Node Configuration::
Go to Manage Jenkins > Manage Nodes, click New Node, and set the Remote root directory
Launch method: via SSH
Add credentials::
Option 1::
This time, use the credentials option SSH key with the private key from node machine
Option 2:: use credentials with username & password; if the keys were copied properly, the agent machine will connect successfully
Host Key Verification Strategy
Agent successfully connected
Execute a Jenkins job using the slave: create one test slave job in Jenkins
Select Restrict where this project can be run
Select Label Expression
Create 2 jobs on the Jenkins master; set up the 1st job to run on the node machine and the 2nd job on the master machine, then trigger Build Now
Please observe the screenshot below: 2 jobs running on different machines
Advantage of master & node integration
Ansible playbooks are the heart of automation with Ansible. They are simple YAML (Yet Another Markup Language) files that define automation tasks in a structured, human-readable format. Playbooks allow you to automate configurations, deployments, and orchestration tasks in a clear and organized way.
Playbook: A playbook is a file that contains one or more "plays." Each play defines a set of tasks to be executed on a group of hosts. The playbook can be used for things like installing packages, managing users, configuring services, etc.
Task: A task is an individual unit of work. Tasks define specific actions, such as installing a package, starting a service, or copying a file. Tasks are executed sequentially, in the order in which they are written in the playbook.
Inventory: An inventory is a list of hosts that Ansible will manage. The inventory file defines which machines to target. An inventory can group hosts together (e.g., web servers, db servers) for easy management.
Modules: Ansible provides numerous modules that are responsible for performing specific tasks like managing packages, services, files, etc. Common modules include apt, yum, service, copy, and file.
Create 3 AWS ubuntu machines::
1. ACS (Ansible control server)
2. node1
3. node2
All 3 machines can ping each other; see the output below.
ubuntu@ip-172-31-28-207:$ sudo -i
root@ip-172-31-28-207:# su ansible
ansible@ip-172-31-28-207:/root$ cd ~
ansible@ip-172-31-28-207:~$ cd /etc/ansible/
ansible@ip-172-31-28-207:/etc/ansible$ ansible -m ping all
[WARNING]: Platform linux on host localhost is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of
another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.17/reference_appendices/interpreter_discovery.html for more information.
localhost | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3.12"
},
"changed": false,
"ping": "pong"
}
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future
installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.17/reference_appendices/interpreter_discovery.html for more information.
[email protected] | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3.12"
},
"changed": false,
"ping": "pong"
}
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future
installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.17/reference_appendices/interpreter_discovery.html for more information.
[email protected] | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/bin/python3.12"
},
"changed": false,
"ping": "pong"
}
ansible@ip-172-31-28-207:/etc/ansible$
A basic playbook has the following components:
YAML Header: The file begins with a --- to indicate it’s a YAML file.
Hosts: the hosts (target machines) the play runs against.
become: yes -----> run the tasks as a sudo user.
Tasks: Tasks define the actions to be executed on the target systems.
To see where Ansible is installed on the ACS:
cd /etc/ansible
A playbook is written in YAML format. A playbook is a YAML file, and a YAML file is a collection of key-value pairs. The playbook holds the set of all tasks and tells Ansible which tasks to perform. Each task is one module. A module is the smallest item in Ansible and performs one individual task. Any configuration management tool should maintain 'state'.
hosts: all (apply to all hosts mentioned in the inventory)
become: yes (become a sudo user)
tasks:
Search for "ansible playbook" to find the documentation:
https://docs.ansible.com/ansible/latest/user_guide/playbooks.html
https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html#basics
---
- hosts: all
  become: yes
  tasks:
    - name: install git
      apt:
        name: git
        state: present
        update_cache: yes
Note: the default state is present. update_cache: yes tells Ansible to run the apt-get update command on the remote machine before performing any further package operations (like installing or upgrading packages). become: yes elevates privileges to execute tasks as root.
ansible@ip-172-31-19-120:/etc/ansible$ ansible-playbook installgit.yml
PLAY [all] **********************************************************************************************

TASK [Gathering Facts] **********************************************************************************
[WARNING]: Platform linux on host localhost is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.18/reference_appendices/interpreter_discovery.html for more information.
ok: [localhost]
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.18/reference_appendices/interpreter_discovery.html for more information.
ok: [[email protected]]
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.18/reference_appendices/interpreter_discovery.html for more information.
ok: [[email protected]]

TASK [install git] **************************************************************************************
ok: [[email protected]]
ok: [[email protected]]
ok: [localhost]

PLAY RECAP **********************************************************************************************
localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[email protected] : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[email protected] : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

ansible@ip-172-31-19-120:/etc/ansible$ git --version
git version 2.43.0
ansible@ip-172-31-19-120:/etc/ansible$ Read from remote host ec2-34-226-192-28.compute-1.amazonaws.com: Connection reset by peer
Connection to ec2-34-226-192-28.compute-1.amazonaws.com closed.
client_loop: send disconnect: Connection reset by peer
java install playbook:: https://www.geeksforgeeks.org/how-to-install-java-using-ansible-playbook/
---
- hosts: all
  become: yes
  tasks:
    - name: install git
      apt:
        name: git
        state: present
        update_cache: yes
    - name: Install Java
      apt:
        name: openjdk-17-jdk
        state: present
sudo vi demo.yml
copy git playbook code to demo.yml
---
- hosts: all
  become: yes
  tasks:
    - name: install git
      apt:
        name: git
        state: present
        update_cache: yes
ansible-playbook demo.yml
ansible@ip-172-31-28-207:/etc/ansible$ ansible-playbook demo.yml
PLAY [all] **************************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************
[WARNING]: Platform linux on host localhost is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [localhost]
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [[email protected]]
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [[email protected]]

TASK [install git] ******************************************************************************************************************************
ok: [localhost]
ok: [[email protected]]
ok: [[email protected]]

PLAY RECAP **************************************************************************************************************************************
[email protected] : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[email protected] : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
ansible@ip-172-31-28-207:/etc/ansible$
---
- hosts: localhost
  become: yes
  tasks:
    - name: install git
      apt:
        name: git
        state: present
        update_cache: yes
    - name: Install Java jdk17 on ubuntu machine
      apt:
        name: openjdk-17-jdk
        state: absent
        update_cache: yes
https://docs.ansible.com/ansible/latest/modules/list_of_all_modules.html
https://docs.ansible.com/ansible/2.9/modules/list_of_all_modules.html
https://docs.ansible.com/ansible/2.9/modules/apt_module.html#parameters
https://www.geeksforgeeks.org/how-to-install-java-using-ansible-playbook/
https://www.yamllint.com/
https://www.geeksforgeeks.org/how-to-install-tomcat-using-ansible-playbook/
Ansible can be executed in 2 ways:
- Ad hoc command: for work done on a yearly basis
- Playbook (YAML/YML format): used for repetitive work
When can we use ad hoc commands? -> For example, I want to restart servers on a yearly basis.
If you use the system inventory, below is the command:
ansible-playbook hello-world.yml
If I don't want to use the system-level inventory, where the hosts/IP addresses are stored, I can create my own inventory:
cd /etc/ansible
cat /etc/ansible/hosts
sudo vi hosts
Copy all hosts
In Ansible, inventory groups are used to organize and categorize hosts (machines or servers) into logical groups. This allows you to apply tasks to specific sets of servers, simplifying playbook management and execution. An inventory is a list of managed hosts and their associated metadata, and groups are one of the key components of that structure.
Here’s a detailed explanation of Ansible inventory groups
- What Are Inventory Groups? An inventory group in Ansible is a way to group hosts based on a shared characteristic. For example, you might have groups for different environments (e.g., dev, prod), different types of servers (e.g., web_servers, db_servers), or other logical categories that fit your needs.
static inventory groups defined in the standard INI or YAML format.
[web_servers]
localhost
[db_servers]
[app_servers]
localhost
---
# hosts must match the group name defined in the inventory ([web_servers])
- hosts: web_servers
  become: yes
  tasks:
    - name: install git
      apt:
        name: git
        state: present
        update_cache: yes
    - name: install tree
      apt:
        name: tree
        state: present
    - name: install apache
      apt:
        name: apache2
        state: present
Once the above two files are created, run the commands below:
ansible-playbook -i hosts installsoftware.yml
ansible -i hosts -m ping web_servers
Best practice is to create your own inventories:
sudo vi hosts
After running the above YAML, try to access all machines by IP address.
Inbound and outbound rules refer to the types of network traffic that are allowed or denied to and from a system, such as a server, virtual machine, or network device. These rules are typically defined in firewalls or security groups (such as in cloud environments like AWS, Azure, or Google Cloud). The primary goal is to control which data can enter or leave a network, ensuring security and proper access control.
Here’s a detailed explanation of inbound and outbound rules:
Inbound Rules:: Inbound rules control traffic entering a system or network. These rules define which types of external traffic are allowed to reach a server, instance, or device.
Common Uses: Allowing specific users or services to access the system.
Restricting access to the system from unauthorized users.
Opening ports for services like web servers (HTTP, HTTPS), SSH, database connections, etc
Allowing incoming traffic on port 80 (HTTP) so that users can access a web server.
Outbound Rules:: Outbound rules control traffic leaving a system or network. These rules define which traffic is allowed to exit a server or device and reach external destinations.
Common Uses: Allowing a server to access external services like APIs, databases, or external servers.
Restricting unwanted traffic from the system to external destinations.
Controlling the flow of outgoing traffic to ensure compliance with security policies.
Allow HTTP/HTTPS: Allow outbound traffic on ports 80 (HTTP) and 443 (HTTPS) to any IP:
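The inbound and outbound rules described above can be written down as code with the same tool these notes use. The playbook below is an added example, not part of the original notes; it assumes the amazon.aws collection, boto3 and AWS credentials on the control node, and the group name, region, VPC ID and admin CIDR are placeholders.

```yaml
---
# Added example: a least-privilege security group for the web servers.
# Assumptions (not from the original notes): amazon.aws collection installed,
# boto3 and AWS credentials present on the control node, a placeholder VPC ID,
# and 203.0.113.0/24 (a documentation-only range) standing in for the admin network.
- name: Define inbound and outbound rules for the web servers
  hosts: localhost
  connection: local
  gather_facts: no
  vars:
    aws_region: us-west-2          # assumed region
    vpc_id: "vpc-REPLACE_ME"       # placeholder
    admin_cidr: "203.0.113.0/24"   # placeholder for the network you administer from
  tasks:
    - name: Create or update the security group
      amazon.aws.ec2_security_group:
        name: webservers-sg
        description: Inbound and outbound rules for the Ansible-managed web servers
        vpc_id: "{{ vpc_id }}"
        region: "{{ aws_region }}"
        state: present
        # Remove any rule that is not listed here, so the group cannot drift
        purge_rules: true
        purge_rules_egress: true
        rules:
          # Inbound: SSH (used by Ansible) only from the admin network
          - proto: tcp
            ports: [22]
            cidr_ip: "{{ admin_cidr }}"
            rule_desc: SSH for Ansible, admin network only
          # Inbound: the public web ports
          - proto: tcp
            ports: [80, 443]
            cidr_ip: 0.0.0.0/0
            rule_desc: Public HTTP and HTTPS
          # Inbound: Tomcat's default port, kept off the public internet
          - proto: tcp
            ports: [8080]
            cidr_ip: "{{ admin_cidr }}"
            rule_desc: Tomcat and its manager page, admin network only
        rules_egress:
          # Outbound: HTTP/HTTPS to any IP (package downloads, external APIs)
          - proto: tcp
            ports: [80, 443]
            cidr_ip: 0.0.0.0/0
            rule_desc: Package downloads and external APIs
      register: sg

    - name: Show the resulting group ID
      ansible.builtin.debug:
        msg: "Security group {{ sg.group_id }} now carries exactly the rules listed above"
```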
A LAMP stack stands for Linux, Apache, MySQL, and PHP, which is a popular open-source software stack used for web development. It provides everything you need to set up a dynamic website or web application.
Here’s a quick overview of each component:
Linux: The operating system (in this case, Ubuntu).
Apache: The web server that serves your website’s files.
MySQL: The database management system for storing and retrieving data.
PHP: The programming language used for dynamic web page generation.
https://www.digitalocean.com/community/tutorials/how-to-install-lamp-stack-on-ubuntu
sudo apt update
sudo apt install apache2
sudo apt install mysql-server
sudo apt install php
sudo apt install libapache2-mod-php
sudo apt install php-mysql
sudo systemctl restart apache2
sudo apt install php-cli
sudo nano /var/www/html/info.php
The steps above install all the software required for the LAMP project manually; the requirement is to write a playbook for those manual steps.
---
- hosts: all
  become: yes
  tasks:
    - name: install apache2
      apt:
        name: apache2
        state: present
        update_cache: yes
    - name: install php
      apt:
        name: php
        state: present
    - name: install mysql-server
      apt:
        name: mysql-server
        state: present
    - name: install libapache2-mod-php
      apt:
        name: libapache2-mod-php
        state: present
    - name: install php-mysql
      apt:
        name: php-mysql
        state: present
    - name: restart apache
      service:
        name: apache2
        enabled: true
        state: restarted
    - name: install php-cli
      apt:
        name: php-cli
        state: present
    - name: copy module info.php
      copy:
        src: info.php
        dest: /var/www/html/info.php
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/service_module.html
[Webservers]
[email protected]
[email protected]
localhost

[Appservers]
[email protected]

[DBservers]
localhost
ansible@ip-172-31-28-207:/etc/ansible/playbook$ ls
hosts info.php installsoftwares.yml phppackage.yml
ansible@ip-172-31-28-207:/etc/ansible/playbook$ sudo vi phppackage.yml
ansible@ip-172-31-28-207:/etc/ansible/playbook$ sudo vi hosts
ansible@ip-172-31-28-207:/etc/ansible/playbook$ sudo vi phppackage.yml
ansible@ip-172-31-28-207:/etc/ansible/playbook$ ansible-playbook -i hosts phppackage.yml
ansible@ip-172-31-28-207:/etc/ansible/playbook$ sudo vi info.php
ansible@ip-172-31-28-207:/etc/ansible/playbook$ ansible-playbook -i hosts phppackage.yml

PLAY [Webservers] *********************************************************************************************

TASK [Gathering Facts] ****************************************************************************************
[WARNING]: Platform linux on host localhost is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [localhost]
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [[email protected]]
[WARNING]: Platform linux on host [email protected] is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [[email protected]]

TASK [install apache2] ****************************************************************************************
ok: [[email protected]]
ok: [[email protected]]
ok: [localhost]

TASK [install php] ********************************************************************************************
ok: [[email protected]]
ok: [[email protected]]
ok: [localhost]

TASK [install mysql-server] ***********************************************************************************
ok: [[email protected]]
ok: [[email protected]]
ok: [localhost]

TASK [install libapache2-mod-php] *****************************************************************************
ok: [[email protected]]
ok: [[email protected]]
ok: [localhost]

TASK [install php-mysql] **************************************************************************************
ok: [[email protected]]
ok: [[email protected]]
ok: [localhost]

TASK [restart apache] *****************************************************************************************
changed: [[email protected]]
changed: [localhost]
changed: [[email protected]]

TASK [install php-cli] ****************************************************************************************
ok: [[email protected]]
ok: [localhost]
ok: [[email protected]]

TASK [copy module info.php] ***********************************************************************************
changed: [localhost]
changed: [[email protected]]
changed: [[email protected]]

PLAY RECAP ****************************************************************************************************
[email protected] : ok=9 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[email protected] : ok=9 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=9 changed=2 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Please execute the above steps; PHP will then be installed on all 3 machines.
<title>your_domain website</title><p>This is the landing page of <strong>your_domain</strong>.</p>
In Ansible, loops are used to repeat tasks over a list of items, making automation more efficient and reducing redundancy in playbooks. You can loop through arrays, dictionaries, and other types of data in Ansible to execute tasks multiple times.
There are several ways to use loops in Ansible, and here are the most common methods:
- Using loop keyword The loop keyword is the most common way to iterate over a list of items. Here's an example of how to use it:
https://spacelift.io/blog/ansible-loops
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_loops.html
---
- hosts: Webservers
  become: yes
  tasks:
    - name: Install all packages
      apt:
        name: "{{ item }}"
        state: latest
      # loop runs the task once per list entry, substituting it for item
      loop:
        - apache2
        - php
        - php-mysql
        - libapache2-mod-php
        - php-cli
    - name: restart apache
      service:
        name: apache2
        enabled: true
        state: restarted
    - name: copy module info.php
      copy:
        src: info.php
        dest: /var/www/html/info.php
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/setup_module.html
The setup module is used to collect facts. The information gathered from the nodes is called facts.
ansible -i hosts -m setup Webservers
Using the filter parameter:
ansible -i hosts -m setup -a "filter=ansible_os_family" Webservers
"ansible_os_family": "Debian"
Ansible when statements
https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html#the-when-statement
The when condition is always placed at the bottom of the task; using it, we can run one playbook on different platforms.
---
- hosts: Webservers
  become: yes
  tasks:
    - name: install apache
      apt:
        name: apache2
        state: present
        update_cache: yes
      when: ansible_os_family == "Debian"
    - name: install apache
      yum:
        name: httpd
        state: present
      # the fact value is spelled "RedHat"; the comparison is case sensitive
      when: ansible_os_family == "RedHat"
In Ansible, variables are used to store values that can be referenced and used throughout your playbooks, roles, and tasks. This allows for dynamic, reusable, and flexible automation. Here’s a basic breakdown of how Ansible variables work and the different ways you can define and use them:
Variables can be defined in 3 places:
- Inventory level: lowest priority
- Playbook level
- Command line level: highest priority
Defined variables in Ansible::
1. Command line level --- highest priority
2. Playbook level ---- 2nd highest priority
3. Inventory level -- low priority
   a. host level variable
   b. group level variable
Inventory variables: These are defined in the inventory file (or dynamic inventory) for specific hosts or groups.
[webservers]
[email protected] package_name=git
[email protected] package_name=apache2
localhost

[webservers:vars]
package_name=httpd
Playbook variables: You can define variables directly within your playbooks using the vars section.
---
- hosts: Webservers
  become: yes
  vars:
    # same name as the inventory and -e examples, so the precedence rules apply to it
    package_name: git
  tasks:
    - name: Install all packages
      apt:
        name: "{{ package_name }}"
        state: present
Command-line variables: You can pass variables to your playbooks at runtime using the -e or --extra-vars option.
ansible-playbook -i hosts -e "package_name=apache2" variables2.yml
Ansible resolves variable values based on a specific precedence order. The order from highest to lowest precedence is:
Extra-vars (-e on the command line): Command-line variables take the highest precedence.
Playbook variables: Variables defined within the playbook.
Inventory variables: Variables set in the inventory.
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/debug_module.html
---
- name: Echo message on localhost
  hosts: localhost
  connection: local
  gather_facts: no
  vars:
    message: "Hello from Ansible playbook on localhost!"
  tasks:
    - name: Echo message and connection type
      ansible.builtin.shell: "echo '{{ message }}' ; echo 'Connection type: {{ ansible_connection }}'"
      register: echo_output
    - name: Display output
      debug:
        msg: "{{ echo_output.stdout_lines }}"
ansible-playbook -i hosts -vvv variable.yaml --------> run this command to get verbose logs
register stores the results of a task in a variable: when you execute a command or script, its output is saved in the variable named by register.
Sometimes you want a task to run only when a change is made on a machine. For example, you may want to restart a service if a task updates the configuration of that service, but not if the configuration is unchanged. Ansible uses handlers to address this use case. Handlers are tasks that only run when notified
- hosts: webservers
  become: yes
  tasks:
    - name: Ensure apache is at the latest version
      ansible.builtin.yum:
        name: httpd
        state: latest
      # notify triggers the handler only when this task reports a change
      notify: Restart apache
  handlers:
    - name: Restart apache
      ansible.builtin.service:
        name: httpd
        state: restarted
- hosts: DBservers
  become: yes
  tasks:
    - name: install apache2
      apt:
        name: apache2
        state: present
        update_cache: yes
    - debug:
        msg: "install apache2 successfully in ubuntu machines"
    - name: install my sql software
      apt:
        name: mysql-server
        state: present
    - debug:
        msg: "install mysql-server successfully in ubuntu machines"
    - name: install php
      apt:
        name: php
        state: present
    - debug:
        msg: "install php successfully in ubuntu machines"
    - name: install libapache2-mod-php
      apt:
        name: libapache2-mod-php
        state: present
    - debug:
        msg: "install mod php successfully in ubuntu machines"
    - name: install php-mcrypt
      apt:
        name: php-mcrypt
        state: present
    - debug:
        msg: "install mcrypt successfully in ubuntu machines"
    - name: install php-mysql
      apt:
        name: php-mysql
        state: present
      # handlers run only if notified, and only when this task changed something
      notify:
        - restart apache2
        - start apache2
    - debug:
        msg: "install mysql successfully in ubuntu machines"
    - name: install php-cli
      apt:
        name: php-cli
        state: present
    - debug:
        msg: "install php-cli successfully in ubuntu machines"
    - name: restart apache2
      service:
        name: apache2
        enabled: yes
        state: restarted
    - name: Copy file with src and destination
      copy:
        src: info.php
        dest: /var/www/html/info.php
  # a play has a single handlers section; notified handlers run in the order listed here
  handlers:
    - name: restart apache2
      service:
        name: apache2
        enabled: yes
        state: stopped
    - name: start apache2
      service:
        name: apache2
        enabled: yes
        state: started
Ansible roles are a way of organizing playbooks and tasks in a modular, reusable, and maintainable structure. They allow you to break down complex playbooks into smaller, focused units of functionality that can be easily shared and reused across different projects. Here's a more detailed look at Ansible roles:
https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_reuse_roles.html
1. Ansible written in a reusable fashion
2. How do I use someone else's work?
3. Ansible Galaxy is a place where we can find reusable roles
4. Which we can use in our scripts
Install roles:
ansible-galaxy install
ansible-galaxy install my_role
Create my own role::
ansible-galaxy init
ansible-galaxy init my_role
my_role/
├── defaults/
│   └── main.yml      # Default variables
├── files/
│   └── somefile      # Files to be copied to the target
├── handlers/
│   └── main.yml      # Handlers (usually for service restarts)
├── meta/
│   └── main.yml      # Metadata about the role
├── tasks/
│   └── main.yml      # The main tasks (this file includes other task files if needed)
├── templates/
│   └── config.j2     # Jinja2 templates for dynamic file creation
├── tests/
│   └── test.yml      # Test playbooks to verify the role works
├── vars/
│   └── main.yml      # Custom variables
Using Roles in Playbooks
Once you've defined a role, you can use it in your playbook like this:
- name: Example Playbook using roles
  hosts: all
  become: yes
  roles:
    - my_role
Benefits of Using Roles
Reusability: Roles can be reused across different playbooks and projects.
Modularity: Roles allow you to organize your playbook into smaller, manageable parts.
Clarity: Each role focuses on a specific task or function, making your playbooks more understandable.
Example Role: Installing Tomcat
https://galaxy.ansible.com/ui/standalone/roles/robertdebock/tomcat/install/
Create my own role
ansible-galaxy init rolename
Install tomcat
If you're looking to install or use an Ansible role for Tomcat from Ansible Galaxy, you can search for available roles and collections related to Tomcat. Here's how you can find and use a role related to Tomcat from Galaxy.
- Search for a Tomcat Role
To search for a role related to Tomcat on Ansible Galaxy, you can use the following command:
ansible-galaxy search tomcat
This will return a list of roles related to Tomcat that you can install and use.
- Install a Tomcat Role
Once you’ve found a suitable role for Tomcat, you can install it using the ansible-galaxy install command. For example, if you find a role called geerlingguy.tomcat, you can install it by running:
ansible-galaxy install geerlingguy.tomcat
This will download and install the role into your ~/.ansible/roles/ directory (or the path defined in your ansible.cfg file).
- Use the Installed Tomcat Role in Your Playbook
After installing the role, you can use it in your playbook. Here’s an example of a simple playbook that installs and configures Tomcat:
---
- hosts: localhost
  become: yes
  roles:
    - robertdebock.java
    - robertdebock.tomcat
ansible-playbook -i hosts Deploywar.yml
This will use the geerlingguy.tomcat role to set up Tomcat on your webservers hosts.
https://galaxy.ansible.com/robertdebock/tomcat
Deploywar.yml
By default Tomcat runs on port 8080:
http://18.236.181.244:8080/
http://34.216.173.44:8080/manager/html
Most of the work is done. Where is my WAR file?
If the WAR file is available on the local machine, use the copy module; if the WAR file is available on another machine (internet), use the get_url module.
Tomcat is installed by default in:
/opt/tomcat
- hosts: Webservers
  become: yes
  roles:
    - robertdebock.java
    - robertdebock.tomcat
  tasks:
    - name: copy war
      get_url:
        url: https://baby7358.s3.us-west-2.amazonaws.com/onlinebookstore.zip
        dest: /opt/tomcat/webapps/gameoflife.war
Go to AWS account and search S3 bucket
S3=SSS=simple storage services
Select S3
Click Create bucket
Provide a bucket name
Object Ownership ---- select ACLs enabled
Uncheck Block all public access
Acknowledge
Click Create bucket
S3 bucket is created in AWS
S3 bucket Created successfully
Click Bucket
Click Upload
Click Add Files
Select Onlinebookstore.war file
Select check box to upload the onlinebookstore.war file
Click Upload
Upload Succeeded
Copy URL
- hosts: localhost
  become: yes
  roles:
    - robertdebock.java
    - robertdebock.tomcat
  tasks:
    - name: copy war
      get_url:
        url: https://infocus942.s3.us-west-2.amazonaws.com/onlinebookstore.war
        dest: /opt/tomcat/webapps/onlinebookstore.war
run the playbook
ansible-playbook -i hosts onlinebookstore.yml
Success
Verify deployment in Tomcat server
http://54.218.133.244:8080/onlinebookstore/
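The deployment above fetches the WAR by URL from a bucket with public access enabled and hands it to Tomcat as root, so what runs on the server is whatever object sits at that URL at download time. The playbook below is an added example, not part of the original notes, that pins the artifact to a SHA-256 digest with get_url's checksum parameter; the bucket name and the digest are placeholders (compute the digest with sha256sum onlinebookstore.war on the machine that built the WAR).

```yaml
---
# Added example: deploy the WAR only if it matches a known digest.
# Placeholders (not from the original notes): the bucket name in war_url
# and the value of war_sha256.
- hosts: Webservers
  become: yes
  vars:
    war_url: "https://REPLACE-WITH-YOUR-BUCKET.s3.us-west-2.amazonaws.com/onlinebookstore.war"
    war_sha256: "REPLACE_WITH_64_HEX_CHARS"
  roles:
    - robertdebock.java
    - robertdebock.tomcat
  tasks:
    - name: Refuse to run while the digest is still a placeholder
      ansible.builtin.assert:
        that:
          - "war_sha256 is match('^[0-9a-f]{64}$')"
        fail_msg: "Set war_sha256 to the SHA-256 of the WAR produced by your build"

    - name: Download the WAR and verify it before it lands in webapps
      ansible.builtin.get_url:
        url: "{{ war_url }}"
        dest: /opt/tomcat/webapps/onlinebookstore.war
        # get_url fails the task, and leaves dest untouched, if the digest differs
        checksum: "sha256:{{ war_sha256 }}"
        mode: "0644"
      register: war_download

    - name: Report whether a new artifact was deployed
      ansible.builtin.debug:
        msg: "WAR changed on this host: {{ war_download.changed }}"
```

When the file at dest already matches the pinned digest, get_url skips the download, so re-running the playbook stays idempotent.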
Docker is an open-source, application-level virtualization technology; this is called containerization.
Docker is an open-source platform that automates the deployment, scaling, and management of applications in lightweight, portable containers. Containers are isolated environments that package an application and all its dependencies (such as libraries, binaries, and configurations) to ensure it runs uniformly across different computing environments.
1. A container is an isolated area for the execution of your applications; an instance of an image is called a container.
2. Containers are created from “images”.
3. Containers are the core of Docker. They are lightweight, portable, and isolated environments where applications run. Docker runs your software packages/applications in containers; this is called containerization.
- Building a Docker container for your application is called containerization
- Containers have their own boundaries
Who creates containers? Ans -- containers are created from Docker images.
docker image is a package with all dependencies and the necessary information to create the container and docker image derived from multiple base images.
An image is a snapshot of a container, a blueprint that defines what the container will contain and how it will behave when run. It consists of an application and its dependencies. Docker images are built using a Dockerfile
A Docker Registry is a system for storing and distributing Docker images. It is a centralized location where Docker images can be uploaded (pushed), stored, and downloaded (pulled) by users and applications. Docker images are the building blocks of containers, and registries provide a way to manage, version, and share these images across different environments.
Default registry :: https://hub.docker.com/
1. Tomcat and Node.js containers each have their own process tree, file system, network interfaces, storage, RAM, etc.
2. When you want to give an application to your team/testers, Docker is the best choice; when you want to give a system to your team/testers, VMware is the best choice.
3. For application-level virtualization Docker is the best choice, and for OS-level virtualization VMware is the best choice.
4. Scaling your application individually is very easy in Docker.
Example:: During the festival season, many employees apply for leave at the same time in your organization's leave management application. In that scenario it is very easy to scale out one more instance of the application with Docker, while doing it physically is very difficult, so Docker is the best choice.
Please follow below link steps to install the docker in ubuntu and please read all the content in that link
https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-22-04
once installed docker please verify below commands::
docker --version
root@ip-172-31-20-86:~# docker --version
Docker version 28.0.4, build b8034c0
root@ip-172-31-20-86:~# docker info
Client: Docker Engine - Community
 Version: 28.0.4
 Context: default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
   Version: v0.22.0
   Path: /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
   Version: v2.34.0
   Path: /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 28.0.4
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 05044ec0a9a75232cad458027ca83437aae3f4da
 runc version: v1.2.5-0-g59923ef
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.8.0-1024-aws
 Operating System: Ubuntu 24.04.2 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 3.82GiB
 Name: ip-172-31-20-86
 ID: 201c6f4b-75d3-4326-adf5-00b9a82a8d4d
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  ::1/128
  127.0.0.0/8
 Live Restore Enabled: false
If the above output appears without any errors, Docker is installed on your machine.
Docker's high-level architecture revolves around several components that work together to provide containerization and isolation for applications
The Docker Client is the primary interface for interacting with Docker. It can be a command-line interface (CLI), like the docker command, or a graphical interface (GUI) in some tools.
It allows users to interact with Docker's features, such as building containers, running containers, and managing containers and images.
It sends requests to the Docker Daemon to execute commands.
The Docker Daemon (also known as dockerd) is the core component of Docker. It runs in the background on the host system.
The daemon is responsible for managing Docker containers, images, networks, and volumes. It listens for Docker API requests and handles container lifecycle operations such as starting, stopping, and building containers.
The Docker Daemon can communicate with multiple Docker clients, allowing for distributed management of containers.
1. The Docker Client sends a command to the Docker Daemon.
2. The Docker Daemon interacts with containers, images, and storage volumes.
3. The Docker Daemon can pull images from a Docker Registry.
4. The Docker Daemon runs containers based on the images and handles networking and storage.
docker pull
docker pull hello-world
docker images ---- used to display all the images
docker image ls ---- used to display all the images
docker run ---used to build the images and create the container
Docker detached mode refers to running a container in the background
docker run -d <image_name>
example::
docker run -d nginx
Where:
-d is the flag for detached mode.
<image_name> is the name of the Docker image you want to run.
docker run -d nginx
This command will:
Run the nginx container in detached mode.
Start the container in the background.
docker ps
docker stop
docker start
docker exec -it <container_id_or_name> <command>
docker exec -it 5336d949f33b /bin/bash
root@5336d949f33b:/# hostname
5336d949f33b
root@5336d949f33b:/# hostname -i
172.17.0.3
docker exec -it 5178eb58223a /bin/bash ---- use this command to get a shell inside the container
Ctrl+P, Ctrl+Q ---- detach and return to the host, outside the container
Take an nginx web server as an example
docker pull nginx
root@ip-172-31-20-86:~# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
6e909acdb790: Pull complete
5eaa34f5b9c2: Pull complete
417c4bccf534: Pull complete
e7e0ca015e55: Pull complete
373fe654e984: Pull complete
97f5c0f51d43: Pull complete
c22eb46e871a: Pull complete
Digest: sha256:124b44bfc9ccd1f3cedf4b592d4d1e8bddb78b51ec2ed5056c52d3692baebc19
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
docker images
root@ip-172-31-20-86:~# docker images
REPOSITORY        TAG       IMAGE ID       CREATED       SIZE
jenkins/jenkins   latest    be95e0848c42   7 days ago    466MB
nginx             latest    53a18edff809   7 weeks ago   192MB
docker run -d -p 80:80 nginx
root@ip-172-31-20-86:~# docker run -d -p 80:80 nginx
3d1a52d091b05878e079b89002aa57b460c5263a585a8add0ecc671608d1f999
docker ps
root@ip-172-31-20-86:~# docker ps
CONTAINER ID   IMAGE   COMMAND                  CREATED         STATUS         PORTS                                 NAMES
3d1a52d091b0   nginx   "/docker-entrypoint.…"   3 seconds ago   Up 3 seconds   0.0.0.0:80->80/tcp, [::]:80->80/tcp   thirsty_shaw
docker exec -it 3d1a52d091b0
root@ip-172-31-20-86:~# docker exec -it 3d1a52d091b0 /bin/bash
docker: 'docker exec' requires at least 2 arguments
root@ip-172-31-20-86:~# docker exec -it 3d1a52d091b0 /bin/bash
root@3d1a52d091b0:/# hostname
3d1a52d091b0
root@3d1a52d091b0:/# hostname -i
172.17.0.3
root@5336d949f33b:/# ls
bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@5336d949f33b:/# cd opt/
root@5336d949f33b:/opt# ls
root@5336d949f33b:/opt# cd ..
root@5336d949f33b:/# ls
bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
root@5336d949f33b:/# cd usr/
root@5336d949f33b:/usr# ls
bin games include lib lib64 libexec local sbin share src
root@5336d949f33b:/usr# cd lib
root@5336d949f33b:/usr/lib# ls
apt dpkg init locale lsb mime nginx os-release sasl2 ssl systemd terminfo tmpfiles.d udev x86_64-linux-gnu
root@5336d949f33b:/usr/lib#
root@5336d949f33b:/usr/lib# docker images
bash: docker: command not found
root@5336d949f33b:/usr/lib# docker imagesexit
bash: docker: command not found
root@5336d949f33b:/usr/lib# read escape sequence
root@ip-172-31-20-86:# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jenkins/jenkins latest be95e0848c42 7 days ago 466MB
nginx latest 53a18edff809 7 weeks ago 192MB
ubuntu latest a04dc4851cbc 2 months ago 78.1MB
hello-world latest 74cc54e27dc4 2 months ago 10.1kB
We can see the nginx web page below, which shows that nginx is running in a container.
A Dockerfile is a script containing a series of instructions on how to build a Docker image. It defines the environment and application setup, including dependencies, configurations, and the necessary steps to get your application running in a container.
A Dockerfile is a text file that holds the complete set of build instructions.
https://docs.docker.com/get-started/docker-concepts/building-images/writing-a-dockerfile/
Dockerfile:: a Dockerfile is a text file that holds the complete set of build instructions
FROM nginx or ubuntu or
LABEL "AUthor =[email protected]"
RUN apt update && apt-get install jenkins -y
COPY . . ---- source destination
ADD . . ---- source destination
CMD ["echo",".jar"]
ENTRYPOINT ["echo", "war"]
EXPOSE 8080 8085
ENV APP_HOME="Ifocus SOlutions pvt ltd"
WORKDIR $APP_HOME /app
VOLUME
FROM: Specifies the base image for the Docker image you're creating.
FROM ubuntu:20.04
RUN: Executes commands inside the container, often used to install dependencies.
RUN apt-get update && apt-get install -y python3
COPY or ADD: Copies files from your local machine into the container.
COPY . /app
WORKDIR: Sets the working directory for any subsequent commands in the Dockerfile.
WORKDIR /app
CMD: Specifies the command to run when a container is started from the image.
CMD ["python3", "app.py"]
EXPOSE: Defines the network ports the container will listen on at runtime.
EXPOSE 8080
ENV: Sets environment variables inside the container.
ENV APP_ENV=production
CMD & ENTRYPOINT are executed when the container starts.
-- With CMD you can change the value when starting the container, but with ENTRYPOINT it is not possible to change the value when starting the container
-- CMD: you can change the argument value
-- ENTRYPOINT: you can't change the argument value
CMD ["echo",".jar"]
ENTRYPOINT ["echo", "war"]
CMD/ENTRYPOINT ==== should be something that keeps running for as long as your app is alive
Lifetime of your container --> the time for which your CMD/ENTRYPOINT process is alive
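Here’s a simple Dockerfile example that builds a Python web app:
# Use an official Python runtime as the base image
FROM python:3.9-slim
# Set the working directory in the container
WORKDIR /app
# Copy the current directory contents into the container
COPY . /app
# Install the required dependencies
RUN pip install --no-cache-dir -r requirements.txt
# Expose the port the app runs on
EXPOSE 5000
# Define the command to run the application
CMD ["python", "app.py"]
Building and Running a Docker Image: Once you’ve written your Dockerfile, you can build and run it using Docker commands:
Build the Docker image:
docker build -t my-python-app .
Run the container:
docker run -d -p 5000:5000 my-python-app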
The Dockerfile streamlines the process of creating consistent and reproducible environments, making it easier to deploy applications across different systems.
Example 2 for Dockerfile::
Please follow the link below to run the Dockerfile for Jenkins
https://www.geeksforgeeks.org/what-is-dockerfile/
FROM openjdk:11-jdk
MAINTAINER GFG author
LABEL env=production
ENV apparea /data/app
RUN mkdir -p $apparea
ADD https://get.jenkins.io/war/2.397/jenkins.war $apparea
WORKDIR $apparea
EXPOSE 8080
CMD ["java","-jar","jenkins.war"]
docker build -t jenkins:1 .
docker build -t jenkins:2 .
docker run -d -p 8080:8080 <Imagetag/ID>
docker run -d -p 8081:8080 <Imagetag/ID>
Expected:: Jenkins is up and running inside the containers
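The Jenkins Dockerfile above downloads its WAR with ADD from a URL, uses the deprecated MAINTAINER instruction and never sets USER. The following added example (not part of the original page or of the linked article) audits a Dockerfile for those points; the rule IDs DF001 to DF004, the hardened variant, its jenkins account and the checksum placeholder are assumptions of the example.

```python
import re

# The Jenkins Dockerfile from this page, embedded so the audit runs offline.
JENKINS_DOCKERFILE = """\
FROM openjdk:11-jdk
MAINTAINER GFG author
LABEL env=production
ENV apparea /data/app
RUN mkdir -p $apparea
ADD https://get.jenkins.io/war/2.397/jenkins.war $apparea
WORKDIR $apparea
EXPOSE 8080
CMD ["java","-jar","jenkins.war"]
"""

# Constructed hardened variant (an assumption of this example, not from the
# page): the checksum is a placeholder and the "jenkins" account is made up.
HARDENED_DOCKERFILE = """\
FROM openjdk:11-jdk
LABEL env=production
ENV apparea=/data/app
RUN mkdir -p $apparea \\
    && useradd --system --home-dir $apparea jenkins \\
    && chown jenkins $apparea
ADD --checksum=sha256:<sha256-of-jenkins.war> --chown=jenkins \\
    https://get.jenkins.io/war/2.397/jenkins.war $apparea/
WORKDIR $apparea
USER jenkins
EXPOSE 8080
CMD ["java","-jar","jenkins.war"]
"""


def parse(text):
    """Return [(line_no, INSTRUCTION, args)], joining '\\' continuations."""
    out, buf, start = [], "", 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank lines and comments
        if not buf:
            start = n                     # first line of this instruction
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        parts = (buf + line).split(None, 1)
        out.append((start, parts[0].upper(), parts[1] if len(parts) > 1 else ""))
        buf = ""
    return out


def unpinned(image):
    """True when the reference has no digest and no tag, or the tag 'latest'."""
    if "@" in image:
        return False
    last = image.rsplit("/", 1)[-1]       # ignore a ':' in registry host:port
    return ":" not in last or last.endswith(":latest")


def audit(text):
    """Return [(rule, line_no, message)] for one Dockerfile."""
    findings, stages, user, from_line = [], set(), None, 0
    for line_no, ins, args in parse(text):
        tokens = args.split()
        flags = [t for t in tokens if t.startswith("--")]
        rest = [t for t in tokens if not t.startswith("--")]
        if ins == "FROM" and rest:
            # A new stage starts with the base image's default user.
            image, user, from_line = rest[0], None, line_no
            known = image == "scratch" or image.lower() in stages or "$" in image
            if not known and unpinned(image):
                findings.append(("DF001", line_no, f"base image {image} is not pinned"))
            if len(rest) == 3 and rest[1].lower() == "as":
                stages.add(rest[2].lower())
        elif ins == "MAINTAINER":
            findings.append(("DF002", line_no, "MAINTAINER is deprecated; use LABEL"))
        elif ins == "ADD" and re.search(r"https?://", args):
            if not any(f.startswith("--checksum=") for f in flags):
                findings.append(("DF003", line_no, "remote ADD without --checksum"))
        elif ins == "USER" and rest:
            user = rest[0]
    if from_line and (user is None or user.split(":")[0] in ("root", "0")):
        findings.append(("DF004", from_line,
                         "final stage sets no non-root USER (base image default, usually root)"))
    return findings


if __name__ == "__main__":
    for name, text in (("page", JENKINS_DOCKERFILE), ("hardened", HARDENED_DOCKERFILE)):
        for rule, line_no, msg in audit(text):
            print(f"{name}:{line_no}: {rule} {msg}")
```

DF004 is reported against the line of the last FROM, because the user a container runs as is inherited from that base image when no USER instruction follows it.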
https://github.com/ifocus7358/spring-ms/blob/master/Dockerfile
Please clone this project on your Ubuntu machine
root@ip-172-31-20-86:~# git clone https://github.com/ifocus7358/spring-ms.git
root@ip-172-31-20-86:# cd spring-ms/
root@ip-172-31-20-86:/spring-ms# ls
Dockerfile azure-pipeline.yml azure-pipelines.yml deploy.yaml pom.xml src
root@ip-172-31-20-86:~/spring-ms#
root@ip-172-31-20-86:~/spring-ms# docker image build -t springmyapp .
[+] Building 0.4s (12/12) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 256B 0.0s
=> WARN: FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 1) 0.0s
=> [internal] load metadata for registry.access.redhat.com/ubi8/openjdk-11:latest 0.3s
=> [internal] load metadata for docker.io/library/maven:3.6.3-jdk-11 0.1s
=> [auth] library/maven:pull token for registry-1.docker.io 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 2.76kB 0.0s
=> [stage-1 1/2] FROM registry.access.redhat.com/ubi8/openjdk-11:latest@sha256:28b35eea470174a39befd8eb9250a3276b79a4f6e7dac787 0.0s
=> [stage1 1/3] FROM docker.io/library/maven:3.6.3-jdk-11@sha256:1d29ccf46ef2a5e64f7de3d79a63f9bcffb4dc56be0ae3daed5ca5542b38aa 0.0s
=> CACHED [stage1 2/3] COPY . . 0.0s
=> CACHED [stage1 3/3] RUN mvn clean package 0.0s
=> CACHED [stage-1 2/2] COPY --from=stage1 target/*.jar app.jar 0.0s
=> exporting to image 0.0s
=> => exporting layers 0.0s
=> => writing image sha256:bdbbb4bbe700af425032e6a27d6909e2906677fbffce9b833d596e3f37082479 0.0s
=> => naming to docker.io/library/springmyapp 0.0s
1 warning found (use docker --debug to expand):
- FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 1)
root@ip-172-31-20-86:~/spring-ms#
root@ip-172-31-20-86:/spring-ms# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
spring latest bdbbb4bbe700 9 hours ago 410MB
springmyapp latest bdbbb4bbe700 9 hours ago 410MB
srinu7358/spring-03042025 latest bdbbb4bbe700 9 hours ago 410MB
allinstructions latest c2993e54968d 9 hours ago 1.17GB
805cbec82269 9 hours ago 1.17GB
testmyownimage latest 621f509fde33 10 hours ago 1.1GB
ifocus latest 381bfb89fb02 10 hours ago 1.1GB
srinu7358/ifocus-myapp latest 381bfb89fb02 10 hours ago 1.1GB
root@ip-172-31-20-86:/spring-ms# docker run -d -p 8081:8081 springmyapp:latest
17ac78f05de4abdca3d46972e63f29c897a011d732ca3e76e7c1ef2158af10b1
root@ip-172-31-20-86:~/spring-ms#
Image name format:: docker.io/username/reponame:latest
docker.io/srinu7358/ifocus-myapp:latest ----> image format
docker.io ---- registry name (Docker Hub)
srinu7358 ---- repository username
ifocus-myapp ---- image name
docker container run -d -p 8080:8080 springmyapp:1.0
-d --> detached mode
-p --> mapping a port
8080: host port
8080: container port
springmyapp:: image name
1.0:: tag name
Expected http://54.162.108.91:8080/
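Publishing with -p 8080:8080 binds the host port on every interface, which is why the host's public address answers; the PORTS column of docker ps (shown earlier on this page as 0.0.0.0:80->80/tcp, [::]:80->80/tcp) records that binding. The following added example (not from the original page) parses that column and lists the ports published on all interfaces; every container name except thirsty_shaw and all function names are assumptions.

```python
import ipaddress
import re

# Constructed sample of `docker ps --format '{{.Names}}\t{{.Ports}}'` output.
# The first row reuses the PORTS value shown on this page; the rest are made up.
SAMPLE = (
    "thirsty_shaw\t0.0.0.0:80->80/tcp, [::]:80->80/tcp\n"
    "admin_ui\t127.0.0.1:8081->8080/tcp\n"
    "cache\t6379/tcp\n"
    "batch\t\n"
    "range_demo\t0.0.0.0:8000-8002->8000-8002/tcp\n"
)

# host:hostport->containerport/proto, where the "host:hostport->" part is
# missing for ports that are exposed by the image but not published.
# Hosts: bracketed IPv6, dotted IPv4, or the legacy bare "::" wildcard.
PORT_RE = re.compile(
    r"^(?:(?P<host>\[[^\]]+\]|[0-9.]+|::):(?P<hport>\d+(?:-\d+)?)->)?"
    r"(?P<cport>\d+(?:-\d+)?)/(?P<proto>tcp|udp|sctp)$"
)


def parse_ports(field):
    """Parse one PORTS field into dicts; unpublished ports have host=None."""
    entries = []
    for item in filter(None, (p.strip() for p in field.split(","))):
        m = PORT_RE.match(item)
        if not m:
            raise ValueError(f"unrecognised port entry: {item!r}")
        host = m["host"].strip("[]") if m["host"] else None
        entries.append({"host": host, "host_port": m["hport"],
                        "container_port": m["cport"], "proto": m["proto"]})
    return entries


def exposure(host):
    """Classify the host address a port is bound to."""
    if host is None:
        return "unpublished"
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:                 # 0.0.0.0 or ::
        return "all-interfaces"
    if ip.is_loopback:
        return "loopback"
    return "specific-address"


def wildcard_bindings(ps_output):
    """Return sorted (container, proto, host_port) published on every interface."""
    hits = set()
    for line in ps_output.splitlines():
        name, _, field = line.partition("\t")
        for entry in parse_ports(field):
            if exposure(entry["host"]) == "all-interfaces":
                hits.add((name, entry["proto"], entry["host_port"]))
    return sorted(hits)


if __name__ == "__main__":
    for name, proto, port in wildcard_bindings(SAMPLE):
        print(f"{name}: {proto}/{port} is reachable on every host interface")
```

A port that should only be reachable from the host itself can be published as -p 127.0.0.1:8080:8080, which this check classifies as loopback.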
• bridge: Default network for containers on the same host.
• host: The container shares the host’s networking stack.
• overlay: Used for multi-host networking (requires Docker Swarm).
• none: No network connectivity is assigned to the container.
• bridge network is used for single-node communication
• overlay network is used for multi-node communication
• Kubernetes/Swarm are used to make 2 containers communicate in Docker; that is orchestration
• macvlan network:: may be used to give containers across different hosts unique, routable IP addresses in a larger network
• IPVLAN: Containers share the host’s MAC address but have individual IP addresses.
docker network create my_custom_network
Created my own network - my_custom_network
docker run -d --name container1 --network my_custom_network nginx
docker run -d --name container2 --network my_custom_network redis
In this example:
• container1 will run an Nginx container.
• container2 will run a Redis container.
Both containers are connected to the my_custom_network.
To view detailed information about a network (like connected containers and settings), use the docker network inspect command:
docker ps
docker network ls
docker network inspect my_custom_network
Connect a Container to a Network:
docker network connect my_custom_network container_name
Disconnect a Container from a Network:
docker network disconnect my_custom_network container_name
Remove a Docker Network::
docker network rm my_custom_network
Note that the network must be unused by any containers before it can be removed.
A common use case for Docker networks is to isolate different applications or microservices, ensuring that containers in one application cannot easily communicate with containers in another. This helps you maintain security and control over how containers interact with each other.
-- On the default bridge network, containers can ping each other only through the IP address, not the container name.
-- On our own bridge network (mybridge), containers can ping each other through both the IP address and the container name; that is the advantage of docker network create.
-- Kubernetes/Swarm are used to make 2 containers communicate in Docker; that is orchestration.
-- If you create your own bridge network, the advantage is that you can resolve containers by container name and not only by IP address; on the default network you can resolve them only by IP address.
bridge network is used for single-node communication
overlay network is used for multi-node communication
Docker and Docker Swarm are both tools used to manage containers, but they serve different purposes and have different features.
Docker is a platform that allows you to create, deploy, and run applications inside containers. Containers are lightweight, portable, and ensure that the application works the same regardless of where it's deployed, making Docker a powerful tool for developing, testing, and deploying applications.
• Containerization: Docker encapsulates applications and their dependencies into containers, ensuring consistency across environments (e.g., development, staging, production).
• Images and Containers: Docker uses images to define the environment for an application. Containers are instances of those images.
• Docker Hub: Docker Hub is a cloud-based registry where you can find pre-built images or upload your own.
• Portability: Docker containers can run on any system with Docker installed, from your laptop to a cloud server.
• Isolation: Containers are isolated from the host system, so they don’t interfere with other processes or systems.
• Build an Image: docker build -t my-image .
• Run a Container: docker run -d --name my-container my-image
• List Containers: docker ps
• Stop a Container: docker stop my-container
• Remove a Container: docker rm my-container
• List Images: docker images
Docker Swarm is a clustering and orchestration tool for Docker containers. It allows you to deploy and manage multiple containers across multiple Docker hosts (machines), forming a swarm. This means that you can treat a collection of Docker hosts as a single virtual host and manage them as one. Docker Swarm makes it easier to scale, deploy, and maintain containerized applications in production environments. It provides high availability, fault tolerance, and easy scaling of applications across multiple machines.
• Node: A machine (physical or virtual) running Docker that is part of the Swarm cluster. There are two types of nodes:
  o Manager Node: Manages the cluster and orchestrates services.
  o Worker Node: Runs the actual containers based on instructions from manager nodes.
• Service: A service is a description of the tasks (containers) you want to run. When you define a service, Docker Swarm ensures that the desired number of replicas of that service are running at all times.
• Task: A task is a running container in the context of a service. Each task runs a container that is part of a service.
• Docker is used to build and run containers on a single machine, whereas Docker Swarm extends Docker to manage containers across a cluster of machines.
• Docker Swarm provides orchestration features such as load balancing, scaling, and high availability, which are not available in basic Docker.
• Docker Swarm is built into Docker, making it easier to set up and use compared to other container orchestration systems like Kubernetes.
1. Manager Node
2. Worker Node
docker swarm init ---- runs on the master
docker swarm join ---- runs on the node
docker swarm join --token SWMTKN-1-33cj3h7mhtq98iy5aifyy9s1cdqnzh4jgl3rdgdez0vbfx8fnc-bu27q63wt2i7qfgkh0r07o85o 172.31.24.64:2377
Once the swarm is initialized, an overlay network is created automatically.
docker network create -d overlay qt-overlay
docker node ls
docker network create -d overlay ifocus-overlay
docker node ls
docker service create --name ifocus --network ifocus-overlay --replicas 3 -p 80:80 nginx
docker service create --name my-web-service --replicas 3 -p 80:80 nginx
docker service ls
docker node ls
-- With --replicas 3, Docker always maintains 3 containers; if, for example, 1 container dies, Docker automatically creates a new container. This is the main use of services in Docker.
docker swarm:: multi containerization for your applications
Docker Swarm is a built-in container orchestration tool that allows you to manage a cluster of Docker hosts as a single entity.
In any cloud we have Docker/container services like:
1. AWS ---> ECS ---- Elastic Container Service
2. Azure ---> ACS ---- Azure Container Service
3. Kubernetes ---> EKS ---- Elastic Kubernetes Service
- this is Docker Inc's Container Orchestration Platform
- it only supports managing Docker containerized application workloads
- it is pretty easy to install and learn
- can be installed on a laptop with a pretty basic configuration, as it is very lightweight
- good for POC or learning purpose
- not production grade
Kubernetes (often abbreviated as K8s) is an open-source container orchestration platform designed to automate the deployment, scaling, and management of containerized applications. It was originally developed by Google.
- free and open-source container orchestration platform developed by Google along with many open-source contributors
- it is production grade
- free for personal and commercial use
- as it is open source, we won't get support from Google
- only supports command line interface (CLI)
- doesn't support web console
- Kubernetes does provide a basic Dashboard, but it is considered a security vulnerability, hence no one uses the Kubernetes Dashboard
- Rancher is an open-source web console for Google Kubernetes
- supports inbuilt monitoring features
- it can check the health of our application; when it finds your application is not responding, it can repair it or replace it with another good healthy instance of your application
- it supports inbuilt load-balancing
Master ---- management (orchestration)
Node machine (minion) ---- workers (containers)
POD ---- the smallest unit; it maintains one or more containers
YAML ---- key-value pairs
1. Container Orchestration: Kubernetes helps you manage multiple containers, ensuring that they run efficiently and reliably across many servers.
2. Scaling: Kubernetes can automatically scale your applications up or down based on demand, making it easier to handle varying workloads.
3. Load Balancing: It can distribute network traffic to different containers, ensuring that applications remain responsive even under heavy loads.
4. Self-Healing: If a container crashes or stops working, Kubernetes can automatically restart or replace it, ensuring the application stays available.
5. Automated Deployment and Rollback: Kubernetes can automate the process of deploying new versions of an application, and if something goes wrong, it can roll back to a previous version.
6. Storage Management: Kubernetes can automatically mount the storage resources you need for your applications, making it easier to manage persistent data.
In short, Kubernetes is designed to make it easier to manage applications at scale in a way that is highly automated, reliable, and efficient. It’s widely used on DevOps platforms.
Cluster:: a collection of nodes with a single responsibility
All the nodes in a cluster do the same process and the same type of work.
A cluster might refer to a set of virtual machines or containers working together for a specific application or service.
1. Master Node (Control Plane): The Master Node is the brain of the Kubernetes cluster. It manages the cluster and makes decisions about scheduling, scaling, and maintaining the health of the application. The control plane consists of several key components:
The API server exposes the Kubernetes API, which is used to interact with the cluster.
The scheduler assigns work (pods) to available worker nodes.
The controller manager ensures that the desired state of the system is maintained, such as ensuring that the correct number of pods are running.
etcd is a distributed key-value store used to store all cluster data, including the state of the system (like deployed pods, config maps, and secrets).
The Worker Nodes are responsible for running the actual application workloads. These nodes host the pods, which are the smallest deployable units in Kubernetes. A worker node typically runs:
1. Kubelet: An agent that ensures the containers in the pods are running and healthy.
2. Kube Proxy: A network proxy that maintains network rules for pod communication.
3. Container Runtime: The software responsible for running containers (e.g., Docker, containerd).
4. Pods::
A pod is the smallest unit of execution in Kubernetes and can contain one or more containers that share resources such as networking and storage. Pods are always deployed in a Kubernetes cluster and are managed by the control plane.
5. Services:
A service in Kubernetes is a way to expose an application running in a pod to other pods or external users. It ensures that network communication between pods is reliable, even as pods are dynamically created or destroyed.
NOTE::: In Kubernetes, containers are not created on the master; this is the recommended approach. We can create containers on the master as well, but it is not advised.
Kubernetes helps to scale microservices individually.
Basically, Kubernetes is used to maintain containers.
The picture above uses pods directly, without Services; if a pod's IP address is no longer available, our application stops working. Pods communicate through IP addresses, so this is a problem, and Services come into the picture to resolve it.
Services ---- a logical entity that maintains the IP address
The picture below runs the pods with a Service.
For this I have to take 3 Ubuntu machines
- Master Node
- Worker Node1
- Worker Node2
Please follow the step-by-step guide on this page, which explains how to install a Kubernetes cluster on Ubuntu 24.04 using the kubeadm command.
The link below has all the steps to set up the Kubernetes cluster with worker node machines; just execute all the commands below.
https://www.linuxtechi.com/install-kubernetes-on-ubuntu-22-04/
root@ip-172-31-44-79:# sudo hostnamectl set-hostname "k8smaster"
root@ip-172-31-44-79:# exec bash
root@k8smaster:# sudo vi /etc/hosts
root@k8smaster:#
root@k8smaster:# sudo swapoff -a
root@k8smaster:# sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
root@k8smaster:# sudo tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
overlay
br_netfilter
root@k8smaster:# sudo modprobe overlay
root@k8smaster:# sudo modprobe br_netfilter
root@k8smaster:# sudo tee /etc/sysctl.d/kubernetes.conf <<EOT
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOT
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
root@k8smaster:~# sudo sysctl --system
- Applying /usr/lib/sysctl.d/10-apparmor.conf ...
- Applying /etc/sysctl.d/10-bufferbloat.conf ...
- Applying /etc/sysctl.d/10-console-messages.conf ...
- Applying /etc/sysctl.d/10-ipv6-privacy.conf ...
- Applying /etc/sysctl.d/10-kernel-hardening.conf ...
- Applying /etc/sysctl.d/10-magic-sysrq.conf ...
- Applying /etc/sysctl.d/10-map-count.conf ...
- Applying /etc/sysctl.d/10-network-security.conf ...
- Applying /etc/sysctl.d/10-ptrace.conf ...
- Applying /etc/sysctl.d/10-zeropage.conf ...
- Applying /etc/sysctl.d/50-cloudimg-settings.conf ...
- Applying /usr/lib/sysctl.d/50-pid-max.conf ...
- Applying /etc/sysctl.d/99-cloudimg-ipv6.conf ...
- Applying /usr/lib/sysctl.d/99-protect-links.conf ...
- Applying /etc/sysctl.d/99-sysctl.conf ...
- Applying /etc/sysctl.d/kubernetes.conf ...
- Applying /etc/sysctl.conf ...
kernel.apparmor_restrict_unprivileged_userns = 1
net.core.default_qdisc = fq_codel
kernel.printk = 4 4 1 7
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
kernel.kptr_restrict = 1
kernel.sysrq = 176
vm.max_map_count = 1048576
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
kernel.yama.ptrace_scope = 1
vm.mmap_min_addr = 65536
net.ipv4.neigh.default.gc_thresh2 = 15360
net.ipv4.neigh.default.gc_thresh3 = 16384
net.netfilter.nf_conntrack_max = 1048576
kernel.pid_max = 4194304
net.ipv6.conf.all.use_tempaddr = 0
net.ipv6.conf.default.use_tempaddr = 0
fs.protected_fifos = 1
fs.protected_hardlinks = 1
fs.protected_regular = 2
fs.protected_symlinks = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
root@k8smaster:~# sudo apt install -y curl gnupg2 software-properties-common apt-transport-https ca-certificates
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
curl is already the newest version (8.5.0-2ubuntu10.6).
software-properties-common is already the newest version (0.99.49.2).
software-properties-common set to manually installed.
apt-transport-https is already the newest version (2.7.14build2).
ca-certificates is already the newest version (20240203).
The following additional packages will be installed:
dirmngr gnupg gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpgconf gpgsm gpgv keyboxd
Suggested packages:
pinentry-gnome3 tor parcimonie xloadimage gpg-wks-server scdaemon
The following NEW packages will be installed:
gnupg2
The following packages will be upgraded:
dirmngr gnupg gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpgconf gpgsm gpgv keyboxd
11 upgraded, 1 newly installed, 0 to remove and 69 not upgraded.
Need to get 2296 kB of archives.
After this operation, 32.8 kB of additional disk space will be used.
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@k8smaster:# sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg
root@k8smaster:# sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Repository: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu noble stable'
Description:
Archive for codename: noble components: stable
More info: https://download.docker.com/linux/ubuntu
Adding repository.
Press [ENTER] to continue or Ctrl-c to cancel.
Adding deb entry to /etc/apt/sources.list.d/archive_uri-https_download_docker_com_linux_ubuntu-noble.list
Adding disabled deb-src entry to /etc/apt/sources.list.d/archive_uri-https_download_docker_com_linux_ubuntu-noble.list
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease
Get:4 https://download.docker.com/linux/ubuntu noble InRelease [48.8 kB]
Hit:5 http://security.ubuntu.com/ubuntu noble-security InRelease
Get:6 https://download.docker.com/linux/ubuntu noble/stable amd64 Packages [24.0 kB]
Fetched 72.8 kB in 0s (170 kB/s)
Reading package lists... Done
root@k8smaster:# sudo apt update
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:5 https://download.docker.com/linux/ubuntu noble InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
69 packages can be upgraded. Run 'apt list --upgradable' to see them.
root@k8smaster:# sudo apt install -y containerd.io
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
containerd.io
0 upgraded, 1 newly installed, 0 to remove and 69 not upgraded.
Need to get 30.5 MB of archives.
After this operation, 125 MB of additional disk space will be used.
Get:1 https://download.docker.com/linux/ubuntu noble/stable amd64 containerd.io amd64 1.7.27-1 [30.5 MB]
Fetched 30.5 MB in 0s (67.2 MB/s)
Selecting previously unselected package containerd.io.
(Reading database ... 70570 files and directories currently installed.)
Preparing to unpack .../containerd.io_1.7.27-1_amd64.deb ...
Unpacking containerd.io (1.7.27-1) ...
Setting up containerd.io (1.7.27-1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /usr/lib/systemd/system/containerd.service.
Processing triggers for man-db (2.12.0-4build2) ...
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@k8smaster:# containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
root@k8smaster:# sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
root@k8smaster:# sudo systemctl restart containerd
root@k8smaster:# sudo systemctl enable containerd
root@k8smaster:# docker --version
Command 'docker' not found, but can be installed with:
snap install docker # version 27.5.1, or
apt install docker.io # version 26.1.3-0ubuntu124.04.1
apt install podman-docker # version 4.9.3+ds1-1ubuntu0.2
See 'snap info docker' for additional versions.
root@k8smaster:# curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
root@k8smaster:# echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /
root@k8smaster:#
root@k8smaster:# Read from remote host ec2-54-166-228-72.compute-1.amazonaws.com: Connection reset by peer
Connection to ec2-54-166-228-72.compute-1.amazonaws.com closed.
client_loop: send disconnect: Connection reset by peer
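The Docker entry added earlier in this session has no signed-by option and its key sits in /etc/apt/trusted.gpg.d/, where apt accepts it for every configured repository; the Kubernetes entry scopes its key with signed-by. The audit below is an added example, not part of the original session: the function names are hypothetical, the sample entries are constructed from the two lines shown above, and the keyring path /etc/apt/keyrings/docker.gpg in the last entry is an assumption.

```shell
#!/bin/sh
# Added example: audit one-line-style APT entries for key scoping.
# deb822 ".sources" files are not handled here.

# Constructed sample. Entries 1 and 3 are the ones shown in the transcript;
# entry 4 is a hypothetical scoped form of the Docker entry (the keyring
# path /etc/apt/keyrings/docker.gpg is an assumption).
sample_sources() {
    cat <<'EOF'
deb [arch=amd64] https://download.docker.com/linux/ubuntu noble stable
# deb-src [arch=amd64] https://download.docker.com/linux/ubuntu noble stable
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /
deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu noble stable
EOF
}

# audit_apt_sources [FILE...]   (reads stdin when no file is given)
# Prints one line per active entry:
#   PINNED <keyring> <uri>   the entry carries signed-by=<keyring>
#   GLOBAL - <uri>           the entry relies on the global trust store
# Returns 1 if at least one GLOBAL entry was found, 0 otherwise.
audit_apt_sources() {
    awk '
        /^[ \t]*#/ { next }                        # disabled entries
        $1 != "deb" && $1 != "deb-src" { next }    # blank or unrelated lines
        {
            keyring = "-"
            uri = $2
            # Options sit in one [ ... ] group directly after the type.
            if (substr($2, 1, 1) == "[" && match($0, /\[[^]]*\]/)) {
                opts = substr($0, RSTART + 1, RLENGTH - 2)
                rest = substr($0, RSTART + RLENGTH)
                n = split(opts, o, " ")
                for (i = 1; i <= n; i++)
                    if (index(o[i], "signed-by=") == 1)
                        keyring = substr(o[i], 11)
                split(rest, f, " ")
                uri = f[1]
            }
            if (keyring == "-") { unscoped++; print "GLOBAL - " uri }
            else                { print "PINNED " keyring " " uri }
        }
        END { exit (unscoped > 0) }
    ' "$@"
}

sample_sources | audit_apt_sources ||
    echo "entries marked GLOBAL are not scoped to a keyring"
```

On a real host the same function takes the files under /etc/apt/sources.list.d/ as arguments.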
HP@DESKTOP-E518Q66 MINGW64 ~/Downloads
$ ssh -i "dockerAndKUbernetes.pem" [email protected]
Welcome to Ubuntu 24.04.2 LTS (GNU/Linux 6.8.0-1024-aws x86_64)
- Documentation: https://help.ubuntu.com
- Management: https://landscape.canonical.com
- Support: https://ubuntu.com/pro
System information as of Fri May 2 04:17:06 UTC 2025
System load: 0.0 Processes: 118
Usage of /: 30.5% of 6.71GB Users logged in: 1
Memory usage: 3% IPv4 address for enX0: 172.31.44.79
Swap usage: 0%
Expanded Security Maintenance for Applications is not enabled.
69 updates can be applied immediately.
27 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable
Enable ESM Apps to receive additional future security updates.
See https://ubuntu.com/esm or run: sudo pro status
Last login: Fri May 2 03:43:59 2025 from 49.206.45.177
ubuntu@k8smaster:$ sud -i
Command 'sud' not found, but there are 15 similar ones.
ubuntu@k8smaster:$ sudo -i
root@k8smaster:# sudo apt update
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:5 https://download.docker.com/linux/ubuntu noble InRelease
Get:6 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb InRelease [1192 B]
Get:7 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb Packages [21.3 kB]
Fetched 22.5 kB in 1s (43.2 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
69 packages can be upgraded. Run 'apt list --upgradable' to see them.
root@k8smaster:# sudo apt install -y kubelet kubeadm kubectl
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
conntrack cri-tools kubernetes-cni
The following NEW packages will be installed:
conntrack cri-tools kubeadm kubectl kubelet kubernetes-cni
0 upgraded, 6 newly installed, 0 to remove and 69 not upgraded.
Need to get 87.4 MB of archives.
After this operation, 335 MB of additional disk space will be used.
Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 conntrack amd64 1:1.4.8-1ubuntu1 [37.9 kB]
Get:2 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb cri-tools 1.28.0-1.1 [19.6 MB]
Get:3 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb kubernetes-cni 1.2.0-2.1 [27.6 MB]
Get:4 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb kubelet 1.28.15-1.1 [19.6 MB]
Get:5 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb kubectl 1.28.15-1.1 [10.4 MB]
Get:6 https://prod-cdn.packages.k8s.io/repositories/isv:/kubernetes:/core:/stable:/v1.28/deb kubeadm 1.28.15-1.1 [10.1 MB]
Fetched 87.4 MB in 1s (90.9 MB/s)
Selecting previously unselected package conntrack.
(Reading database ... 70586 files and directories currently installed.)
Preparing to unpack .../0-conntrack_1%3a1.4.8-1ubuntu1_amd64.deb ...
Unpacking conntrack (1:1.4.8-1ubuntu1) ...
Selecting previously unselected package cri-tools.
Preparing to unpack .../1-cri-tools_1.28.0-1.1_amd64.deb ...
Unpacking cri-tools (1.28.0-1.1) ...
Selecting previously unselected package kubernetes-cni.
Preparing to unpack .../2-kubernetes-cni_1.2.0-2.1_amd64.deb ...
Unpacking kubernetes-cni (1.2.0-2.1) ...
Selecting previously unselected package kubelet.
Preparing to unpack .../3-kubelet_1.28.15-1.1_amd64.deb ...
Unpacking kubelet (1.28.15-1.1) ...
Selecting previously unselected package kubectl.
Preparing to unpack .../4-kubectl_1.28.15-1.1_amd64.deb ...
Unpacking kubectl (1.28.15-1.1) ...
Selecting previously unselected package kubeadm.
Preparing to unpack .../5-kubeadm_1.28.15-1.1_amd64.deb ...
Unpacking kubeadm (1.28.15-1.1) ...
Setting up conntrack (1:1.4.8-1ubuntu1) ...
Setting up kubectl (1.28.15-1.1) ...
Setting up cri-tools (1.28.0-1.1) ...
Setting up kubernetes-cni (1.2.0-2.1) ...
Setting up kubelet (1.28.15-1.1) ...
Setting up kubeadm (1.28.15-1.1) ...
Processing triggers for man-db (2.12.0-4build2) ...
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@k8smaster:# sudo apt-mark hold kubelet kubeadm kubectl
kubelet set on hold.
kubeadm set on hold.
kubectl set on hold.
root@k8smaster:# sudo kubeadm init --control-plane-endpoint=k8smaster
I0502 04:23:24.943351 4347 version.go:256] remote version is much newer: v1.33.0; falling back to: stable-1.28
[init] Using Kubernetes version: v1.28.15
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
W0502 04:23:35.198085 4347 checks.go:835] detected that the sandbox image "registry.k8s.io/pause:3.8" of the container runtime is inconsistent with that used by kubeadm. It is recommended that using "registry.k8s.io/pause:3.9" as the CRI sandbox image.
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [k8smaster kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 172.31.44.79]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [k8smaster localhost] and IPs [172.31.44.79 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [k8smaster localhost] and IPs [172.31.44.79 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.
[apiclient] All control plane components are healthy after 126.567127 seconds
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node k8smaster as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node k8smaster as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]
[bootstrap-token] Using token: b1yj52.f057prjwtq0pf18c
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of control-plane nodes by copying certificate authorities and service account keys on each node and then running the following as root:
kubeadm join k8smaster:6443 --token b1yj52.f057prjwtq0pf18c
--discovery-token-ca-cert-hash sha256:fd928d117255c54ccc3f025e19e61a4c0b4672d55f1caabaa65ead804190a010
--control-plane
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join k8smaster:6443 --token b1yj52.f057prjwtq0pf18c
--discovery-token-ca-cert-hash sha256:fd928d117255c54ccc3f025e19e61a4c0b4672d55f1caabaa65ead804190a010
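A pre-flight check for join commands like the two printed above, plus a filter that masks the bootstrap token before a transcript is shared (the token authenticates a joining node until it expires; the CA hash is not secret). This is an added example, not kubeadm's or the author's code; the function names, the token abcdef.0123456789abcdef and the all-zero hash are constructed.

```shell
#!/bin/sh
# Added example: sanity-check a "kubeadm join" command line before running
# it, and mask the bootstrap token before a transcript is published.

# check_kubeadm_join "<command line>"
# Prints one finding per line. Returns 0 only if the token is well formed,
# the CA public-key pin is present, and CA verification is not disabled.
check_kubeadm_join() {
    # Fold backslash-continued or multi-line input into a single line.
    kj_cmd=$(printf '%s' "$1" | tr '\\\n' '  ')
    kj_rc=0

    kj_token=$(printf '%s\n' "$kj_cmd" |
        sed -n 's/.*--token[ =] *\([^ ]*\).*/\1/p')
    if printf '%s\n' "$kj_token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$'; then
        echo "OK   token has the <6 chars>.<16 chars> bootstrap-token form"
    else
        echo "FAIL token missing or malformed"
        kj_rc=1
    fi

    kj_hash=$(printf '%s\n' "$kj_cmd" |
        sed -n 's/.*--discovery-token-ca-cert-hash[ =] *\([^ ]*\).*/\1/p')
    if printf '%s\n' "$kj_hash" | grep -Eq '^sha256:[0-9a-f]{64}$'; then
        echo "OK   cluster CA is pinned: $kj_hash"
    else
        echo "FAIL no valid --discovery-token-ca-cert-hash sha256:<64 hex> pin"
        kj_rc=1
    fi

    case $kj_cmd in
        *--discovery-token-unsafe-skip-ca-verification*)
            echo "FAIL CA verification is disabled"
            kj_rc=1 ;;
    esac
    return "$kj_rc"
}

# redact_bootstrap_token: transcript on stdin, same text with tokens masked.
# Only tokens that follow "--token" or kubeadm's "Using token: " are touched;
# the CA hash is left in place.
redact_bootstrap_token() {
    sed -E 's/(--token[ =]|Using token: )[a-z0-9]{6}\.[a-z0-9]{16}/\1<redacted>/g'
}

# Constructed sample values (not a real token or CA hash).
KJ_PIN="sha256:$(printf '%064d' 0)"
KJ_SAMPLE="kubeadm join k8smaster:6443 --token abcdef.0123456789abcdef
    --discovery-token-ca-cert-hash $KJ_PIN"

check_kubeadm_join "$KJ_SAMPLE" || true
printf '%s\n' "$KJ_SAMPLE" | redact_bootstrap_token
```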
root@k8smaster:#
root@k8smaster:#
root@k8smaster:# kubectl get nodes
E0502 04:30:39.095085 5211 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
E0502 04:30:39.095354 5211 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
E0502 04:30:39.096830 5211 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
E0502 04:30:39.097327 5211 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
E0502 04:30:39.098702 5211 memcache.go:265] couldn't get current server API group list: Get "http://localhost:8080/api?timeout=32s": dial tcp 127.0.0.1:8080: connect: connection refused
The connection to the server localhost:8080 was refused - did you specify the right host or port?
root@k8smaster:# export KUBECONFIG=/etc/kubernetes/admin.conf
root@k8smaster:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8smaster NotReady control-plane 6m47s v1.28.15
k8sworker1 NotReady 3m49s v1.28.15
k8sworker2 NotReady 2m55s v1.28.15
Complete the 1 master and 2 workers setup; once done, it looks like below:
root@k8smaster:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8smaster NotReady control-plane 6m47s v1.28.15
k8sworker1 NotReady 3m49s v1.28.15
k8sworker2 NotReady 2m55s v1.28.15
git clone https://github.com/ifocus7358/docker-Java-kubernetes-project.git
root@ip-172-31-36-154:~# git clone https://github.com/ifocus7358/docker-Java-kubernetes-project.git
Cloning into 'docker-Java-kubernetes-project'...
remote: Enumerating objects: 156, done.
remote: Counting objects: 100% (42/42), done.
remote: Compressing objects: 100% (32/32), done.
remote: Total 156 (delta 27), reused 10 (delta 10), pack-reused 114 (from 1)
Receiving objects: 100% (156/156), 27.40 KiB | 9.13 MiB/s, done.
Resolving deltas: 100% (35/35), done.
root@ip-172-31-36-154:# ls
docker-Java-kubernetes-project minikube-linux-amd64 snap
root@ip-172-31-36-154:# cd docker-Java-kubernetes-project/
root@ip-172-31-36-154:/docker-Java-kubernetes-project# ls
README.md kubernetes productcatalogue shopfront stockmanager
root@ip-172-31-36-154:/docker-Java-kubernetes-project# cd kubernetes/
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# ls
productcatalogue-service.yaml shopfront-service.yaml stockmanager-service.yaml
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# cd ..
root@ip-172-31-36-154:/docker-Java-kubernetes-project# ls
README.md kubernetes productcatalogue shopfront stockmanager
root@ip-172-31-36-154:/docker-Java-kubernetes-project# cd shopfront/
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# ls
Dockerfile pom.xml src
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront#
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/shopfront# docker build -t shopfront .
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/shopfront# mvn -v
Apache Maven 3.8.7
So the source code needs to be built first; the build generates the target folder:
mvn clean install
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 5.598 s
[INFO] Finished at: 2025-04-08T05:52:09Z
[INFO] ------------------------------------------------------------------------
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# ls
Dockerfile pom.xml src target
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# cd target/
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront/target# ls
classes generated-sources maven-archiver maven-status shopfront-0.0.1-SNAPSHOT.jar shopfront-0.0.1-SNAPSHOT.jar.original
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront/target# ls
classes generated-sources maven-archiver maven-status shopfront-0.0.1-SNAPSHOT.jar shopfront-0.0.1-SNAPSHOT.jar.original
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront/target# cd ..
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker build -t shopfront .
[+] Building 8.8s (7/7) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 198B 0.0s
=> [internal] load metadata for docker.io/library/openjdk:8-jre 0.1s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.5s
=> => transferring context: 46.10MB 0.5s
=> [1/2] FROM docker.io/library/openjdk:8-jre@sha256:667a15e7bc533a90fb39ddb7e5bed63162ac3c13a97e6c698bf4f139f51b7d33 6.1s
=> => resolve docker.io/library/openjdk:8-jre@sha256:667a15e7bc533a90fb39ddb7e5bed63162ac3c13a97e6c698bf4f139f51b7d33 0.0s
=> => sha256:2068746827ec1b043b571e4788693eab7e9b2a95301176512791f8c317a2816a 10.88MB / 10.88MB 0.3s
=> => sha256:a6a74c7b774e00fd2ec5664e257d344f1b7e69e2a618b1c0678f69719863c5ad 1.58kB / 1.58kB 0.0s
=> => sha256:0c14a0e20aa3a19448f6227265c6642571112e9cd9a69b5e7a323df46d1aa835 7.43kB / 7.43kB 0.0s
=> => sha256:d9d4b9b6e964657da49910b495173d6c4f0d9bc47b3b44273cf82fd32723d165 5.16MB / 5.16MB 0.2s
=> => sha256:667a15e7bc533a90fb39ddb7e5bed63162ac3c13a97e6c698bf4f139f51b7d33 1.04kB / 1.04kB 0.0s
=> => sha256:001c52e26ad57e3b25b439ee0052f6692e5c0f2d5d982a00a8819ace5e521452 55.00MB / 55.00MB 1.3s
=> => sha256:8510da692cda60e4746c14dd90905695eade5888e2ad640706a2be9dc42a0224 5.66MB / 5.66MB 0.5s
=> => sha256:c34215579d03c1311f4e8cd3525bc03dbbb53d79d8b58e63cce8cdd355356347 211B / 211B 0.4s
=> => sha256:73d77b4774a96dfa09076212d5170e977d153ceab60c1ec4312a8f436b91371c 41.42MB / 41.42MB 1.2s
=> => extracting sha256:001c52e26ad57e3b25b439ee0052f6692e5c0f2d5d982a00a8819ace5e521452 2.7s
=> => extracting sha256:d9d4b9b6e964657da49910b495173d6c4f0d9bc47b3b44273cf82fd32723d165 0.2s
=> => extracting sha256:2068746827ec1b043b571e4788693eab7e9b2a95301176512791f8c317a2816a 0.3s
=> => extracting sha256:8510da692cda60e4746c14dd90905695eade5888e2ad640706a2be9dc42a0224 0.2s
=> => extracting sha256:c34215579d03c1311f4e8cd3525bc03dbbb53d79d8b58e63cce8cdd355356347 0.0s
=> => extracting sha256:73d77b4774a96dfa09076212d5170e977d153ceab60c1ec4312a8f436b91371c 1.0s
=> [2/2] ADD target/shopfront-0.0.1-SNAPSHOT.jar app.jar 2.1s
=> exporting to image 0.3s
=> => exporting layers 0.3s
=> => writing image sha256:3ccf19de392942c193c580caabe914257071f0c0b1cb8c8b371d369d5e0630fd 0.0s
=> => naming to docker.io/library/shopfront 0.0s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
shopfront latest 3ccf19de3929 14 seconds ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker run -d -p 80:80 shopfront
836d8e23016935ac3cd74067bbdb4998dba147ce425d17edafced967b1884233
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
836d8e230169 shopfront "java -Djava.securit…" 6 seconds ago Up 5 seconds 0.0.0.0:80->80/tcp, [::]:80->80/tcp, 8010/tcp epic_leavitt
ad8f297fbeca gcr.io/k8s-minikube/kicbase:v0.0.46 "/usr/local/bin/entr…" 27 minutes ago Up 27 minutes 127.0.0.1:32768->22/tcp, 127.0.0.1:32769->2376/tcp, 127.0.0.1:32770->5000/tcp, 127.0.0.1:32771->8443/tcp, 127.0.0.1:32772->32443/tcp minikube
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront#
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
shopfront latest 3ccf19de3929 3 minutes ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
836d8e230169 shopfront "java -Djava.securit…" About a minute ago Up About a minute 0.0.0.0:80->80/tcp, [::]:80->80/tcp, 8010/tcp epic_leavitt
ad8f297fbeca gcr.io/k8s-minikube/kicbase:v0.0.46 "/usr/local/bin/entr…" 28 minutes ago Up 28 minutes 127.0.0.1:32768->22/tcp, 127.0.0.1:32769->2376/tcp, 127.0.0.1:32770->5000/tcp, 127.0.0.1:32771->8443/tcp, 127.0.0.1:32772->32443/tcp minikube
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker rm 836d8e230169
Error response from daemon: cannot remove container "/epic_leavitt": container is running: stop the container before removing or force remove
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker rm -f 836d8e230169
836d8e230169
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ad8f297fbeca gcr.io/k8s-minikube/kicbase:v0.0.46 "/usr/local/bin/entr…" 29 minutes ago Up 29 minutes 127.0.0.1:32768->22/tcp, 127.0.0.1:32769->2376/tcp, 127.0.0.1:32770->5000/tcp, 127.0.0.1:32771->8443/tcp, 127.0.0.1:32772->32443/tcp minikube
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
shopfront latest 3ccf19de3929 4 minutes ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker image tag shopfront srinu7358/shopfront-myapp
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
shopfront latest 3ccf19de3929 6 minutes ago 320MB
srinu7358/shopfront-myapp latest 3ccf19de3929 6 minutes ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/shopfront# docker login -u srinu7358
i Info → A Personal Access Token (PAT) can be used instead. To create a PAT, visit https://app.docker.com/settings
Password:
WARNING! Your credentials are stored unencrypted in '/root/.docker/config.json'. Configure a credential helper to remove this warning. See https://docs.docker.com/go/credential-store/
Login Succeeded
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker push srinu7358/shopfront-myapp
Using default tag: latest
The push refers to repository [docker.io/srinu7358/shopfront-myapp]
c54136e18c64: Pushed
1aaddf64804f: Mounted from library/openjdk
990c5138f5d1: Mounted from library/openjdk
5c384ea5f752: Mounted from library/openjdk
293d5db30c9f: Mounted from library/openjdk
03127cdb479b: Mounted from library/openjdk
9c742cd6c7a5: Mounted from library/openjdk
latest: digest: sha256:e027803e479a98c9d1fdcc6d983a6b778b62c2a91dee9bcccfffcb921848b42e size: 1794
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker pull srinu7358/shopfront-myapp:latest
latest: Pulling from srinu7358/shopfront-myapp
Digest: sha256:e027803e479a98c9d1fdcc6d983a6b778b62c2a91dee9bcccfffcb921848b42e
Status: Image is up to date for srinu7358/shopfront-myapp:latest
docker.io/srinu7358/shopfront-myapp:latest
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
shopfront latest 3ccf19de3929 12 minutes ago 320MB
srinu7358/shopfront-myapp latest 3ccf19de3929 12 minutes ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:/docker-Java-kubernetes-project/shopfront# cd ..
root@ip-172-31-36-154:/docker-Java-kubernetes-project# ls
README.md kubernetes productcatalogue shopfront stockmanager
root@ip-172-31-36-154:/docker-Java-kubernetes-project# Read from remote host ec2-54-174-108-84.compute-1.amazonaws.com: Connection reset by peer
Connection to ec2-54-174-108-84.compute-1.amazonaws.com closed.
client_loop: send disconnect: Connection reset by peer
Build the stockmanager project; after a successful build it generates target/.
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 5.152 s
[INFO] Finished at: 2025-04-10T04:54:00Z
[INFO] ------------------------------------------------------------------------
root@ip-172-31-36-154:/docker-Java-kubernetes-project/stockmanager# ls
Dockerfile build pom.xml src target
root@ip-172-31-36-154:/docker-Java-kubernetes-project/stockmanager# cd target/
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/stockmanager/target# ls
classes generated-sources maven-archiver maven-status stockmanager-0.0.1-SNAPSHOT.jar stockmanager-0.0.1-SNAPSHOT.jar.original
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/stockmanager# docker image build -t stockmanager .
[+] Building 1.1s (8/8) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 201B 0.0s
=> [internal] load metadata for docker.io/library/openjdk:8-jre 0.1s
=> [auth] library/openjdk:pull token for registry-1.docker.io 0.0s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.4s
=> => transferring context: 43.32MB 0.4s
=> CACHED [1/2] FROM docker.io/library/openjdk:8-jre@sha256:667a15e7bc533a90fb39ddb7e5bed63162ac3c13a97e6c698bf4f139f51b7d33 0.0s
=> [2/2] ADD target/stockmanager-0.0.1-SNAPSHOT.jar app.jar 0.2s
=> exporting to image 0.3s
=> => exporting layers 0.3s
=> => writing image sha256:3de0cce0b9d4173e0ab799d4a59b986a841c5e08244b25d0887f1d0a9d496662 0.0s
=> => naming to docker.io/library/stockmanager
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/stockmanager# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
stockmanager latest 3de0cce0b9d4 10 seconds ago 317MB
shopfront latest 3ccf19de3929 47 hours ago 320MB
srinu7358/shopfront-myapp latest 3ccf19de3929 47 hours ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:/docker-Java-kubernetes-project/stockmanager# docker image tag stockmanager srinu7358/stockmanager-myapp
root@ip-172-31-36-154:/docker-Java-kubernetes-project/stockmanager# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
stockmanager latest 3de0cce0b9d4 About a minute ago 317MB
srinu7358/stockmanager-myapp latest 3de0cce0b9d4 About a minute ago 317MB
shopfront latest 3ccf19de3929 47 hours ago 320MB
srinu7358/shopfront-myapp latest 3ccf19de3929 47 hours ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/stockmanager# docker login -u srinu7358
i Info → A Personal Access Token (PAT) can be used instead. To create a PAT, visit https://app.docker.com/settings
Password:
Login Succeeded
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/stockmanager# docker push srinu7358/stockmanager-myapp
Using default tag: latest
The push refers to repository [docker.io/srinu7358/stockmanager-myapp]
03b73450f8a0: Pushed
1aaddf64804f: Mounted from srinu7358/shopfront-myapp
990c5138f5d1: Mounted from srinu7358/shopfront-myapp
5c384ea5f752: Mounted from srinu7358/shopfront-myapp
293d5db30c9f: Mounted from srinu7358/shopfront-myapp
03127cdb479b: Mounted from srinu7358/shopfront-myapp
9c742cd6c7a5: Mounted from srinu7358/shopfront-myapp
latest: digest: sha256:1104a4cb9737fc33cae8cfb60b7b0093942da0c201322e4e001ddb9fb417f23b size: 1794
root@ip-172-31-36-154:/docker-Java-kubernetes-project/productcatalogue# ls
Dockerfile pom.xml product-catalogue.yml src
root@ip-172-31-36-154:/docker-Java-kubernetes-project/productcatalogue# cd src/
root@ip-172-31-36-154:/docker-Java-kubernetes-project/productcatalogue/src# ls
main
root@ip-172-31-36-154:/docker-Java-kubernetes-project/productcatalogue/src# cd ..
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/productcatalogue# mvn clean install
[INFO] Scanning for projects...
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 9.130 s
[INFO] Finished at: 2025-04-10T04:58:34Z
[INFO] ------------------------------------------------------------------------
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/productcatalogue# ls
Dockerfile pom.xml product-catalogue.yml src target
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/productcatalogue# docker image build -t productcatalogue .
[+] Building 0.6s (8/8) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 273B 0.0s
=> [internal] load metadata for docker.io/library/openjdk:8-jre 0.1s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> CACHED [1/3] FROM docker.io/library/openjdk:8-jre@sha256:667a15e7bc533a90fb39ddb7e5bed63162ac3c13a97e6c698bf4f139f51b7d33 0.0s
=> [internal] load build context 0.2s
=> => transferring context: 17.63MB 0.2s
=> [2/3] ADD target/productcatalogue-0.0.1-SNAPSHOT.jar app.jar 0.1s
=> [3/3] ADD product-catalogue.yml app-config.yml 0.0s
=> exporting to image 0.1s
=> => exporting layers 0.1s
=> => writing image sha256:6c0847459aa3acde4375bfed34e3f04d029bf02a6ceedff1503657d3fc4e75e4 0.0s
=> => naming to docker.io/library/productcatalogue
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/productcatalogue# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
productcatalogue latest 6c0847459aa3 9 seconds ago 291MB
stockmanager latest 3de0cce0b9d4 4 minutes ago 317MB
srinu7358/stockmanager-myapp latest 3de0cce0b9d4 4 minutes ago 317MB
shopfront latest 3ccf19de3929 47 hours ago 320MB
srinu7358/shopfront-myapp latest 3ccf19de3929 47 hours ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/productcatalogue# docker image tag productcatalogue srinu7358/productcatalogue-myapp
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/productcatalogue# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
productcatalogue latest 6c0847459aa3 About a minute ago 291MB
srinu7358/productcatalogue-myapp latest 6c0847459aa3 About a minute ago 291MB
stockmanager latest 3de0cce0b9d4 5 minutes ago 317MB
srinu7358/stockmanager-myapp latest 3de0cce0b9d4 5 minutes ago 317MB
srinu7358/shopfront-myapp latest 3ccf19de3929 47 hours ago 320MB
shopfront latest 3ccf19de3929 47 hours ago 320MB
gcr.io/k8s-minikube/kicbase v0.0.46 e72c4cbe9b29 2 months ago 1.31GB
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/productcatalogue# docker push srinu7358/productcatalogue-myapp
Using default tag: latest
The push refers to repository [docker.io/srinu7358/productcatalogue-myapp]
c445b4f83c8c: Pushed
24772609f9a3: Pushed
1aaddf64804f: Mounted from srinu7358/stockmanager-myapp
990c5138f5d1: Mounted from srinu7358/stockmanager-myapp
5c384ea5f752: Mounted from srinu7358/stockmanager-myapp
293d5db30c9f: Mounted from srinu7358/stockmanager-myapp
03127cdb479b: Mounted from srinu7358/stockmanager-myapp
9c742cd6c7a5: Mounted from srinu7358/stockmanager-myapp
latest: digest: sha256:5254cff2f0ce313265acee48dc8a8bd7a502ff0a6f08e3bb0dfa3ec7738676c8 size: 2001
Edit the YAML file:
root@ip-172-31-36-154:/docker-Java-kubernetes-project# ls
README.md kubernetes productcatalogue shopfront stockmanager
root@ip-172-31-36-154:/docker-Java-kubernetes-project# cd kubernetes/
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# ls
productcatalogue-service.yaml shopfront-service.yaml stockmanager-service.yaml
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# sudo vi shopfront-service.yaml
In the YAML file, use your own Docker Hub image, for example srinu7358/shopfront-myapp.
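A manifest that names the image without a digest pulls whatever the tag (here the default, latest) points to at pull time. The following added example, which is not part of the original notes, takes the digest that docker push printed earlier and rewrites a manifest's image line to a digest-pinned reference. The manifest snippet, its containerPort and the function names pinned_ref and pin_image are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: pin a Kubernetes image reference to the digest printed by `docker push`.

# Constructed sample: abridged `docker push` output from the push step earlier.
sample_push_output() {
cat <<'EOF'
Using default tag: latest
The push refers to repository [docker.io/srinu7358/productcatalogue-myapp]
c445b4f83c8c: Pushed
24772609f9a3: Pushed
latest: digest: sha256:5254cff2f0ce313265acee48dc8a8bd7a502ff0a6f08e3bb0dfa3ec7738676c8 size: 2001
EOF
}

# Constructed sample: container section of a Deployment manifest (hypothetical).
sample_manifest() {
cat <<'EOF'
    spec:
      containers:
        - name: productcatalogue
          image: srinu7358/productcatalogue-myapp:latest
          ports:
            - containerPort: 8020
EOF
}

# pinned_ref: read `docker push` output on stdin, print <repo>@sha256:<digest>.
# Exits non-zero when the repository line or a well-formed digest is missing.
pinned_ref() {
    awk '
        /^The push refers to repository \[/ {
            repo = $0
            sub(/^.*\[/, "", repo); sub(/\].*$/, "", repo)
        }
        / digest: sha256:/ {
            # "sha256:" (7 chars) + 64 hex chars = 71
            for (i = 1; i <= NF; i++)
                if ($i ~ /^sha256:[0-9a-f]+$/ && length($i) == 71) digest = $i
        }
        END {
            if (repo == "" || digest == "") exit 1
            print repo "@" digest
        }'
}

# pin_image REF: copy a manifest from stdin to stdout, replacing every image:
# value that names the same repository as REF (any tag, with or without the
# docker.io/ prefix) by REF. Other images and all other lines are untouched.
pin_image() {
    ref=$1
    name=${ref%@*}            # repository with registry prefix
    short=${name#docker.io/}  # the form used in the manifests of these notes
    awk -v ref="$ref" -v name="$name" -v short="$short" '
        $1 == "image:" || ($1 == "-" && $2 == "image:") {
            img = ($1 == "image:") ? $2 : $3
            base = img
            sub(/@.*$/, "", base)       # drop an existing digest
            sub(/:[^\/]*$/, "", base)   # drop a tag (colon after the last slash)
            if (base == name || base == short) {
                i = index($0, img)
                $0 = substr($0, 1, i - 1) ref substr($0, i + length(img))
            }
        }
        { print }'
}

# Demo on the constructed samples.
sample_manifest | pin_image "$(sample_push_output | pinned_ref)"
```

With real input, pipe the docker push output into pinned_ref and the YAML file into pin_image, then review the result before running kubectl apply.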
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get pods
No resources found in default namespace.
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get deploy
No resources found in default namespace.
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 47h
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl apply -f shopfront-service.yaml
service/shopfront created
deployment.apps/shopfront created
The above command is used to create the pods, deployments and services.
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
shopfront-69467555f6-nzsxw 1/1 Running 0 22s
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
shopfront 1/1 1 1 7m2s
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 2d
shopfront NodePort 10.109.12.218 8010:32451/TCP 7m14s
We need to do the same for the other two microservices as well.
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# sudo vi productcatalogue-service.yaml
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl apply -f productcatalogue-service.yaml
service/productcatalogue created
deployment.apps/productcatalogue created
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-968c9cbf8-dl5zx 0/1 ErrImagePull 0 15s
shopfront-69467555f6-nzsxw 1/1 Running 0 9m4s
stockmanager-6c4454c6cb-2hhfd 1/1 Running 3 (2s ago) 2m43s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
productcatalogue 0/1 1 0 42s
shopfront 1/1 1 1 9m31s
stockmanager 1/1 1 1 3m10s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 2d
productcatalogue NodePort 10.105.165.177 8020:32215/TCP 56s
shopfront NodePort 10.109.12.218 8010:32451/TCP 9m45s
stockmanager NodePort 10.96.92.240 8030:31767/TCP 3m24s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
productcatalogue 0/1 1 0 71s
shopfront 1/1 1 1 10m
stockmanager 1/1 1 1 3m39s
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-968c9cbf8-dl5zx 0/1 ImagePullBackOff 0 77s
shopfront-69467555f6-nzsxw 1/1 Running 0 10m
stockmanager-6c4454c6cb-2hhfd 1/1 Running 4 (14s ago) 3m45s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-968c9cbf8-dl5zx 0/1 ImagePullBackOff 0 2m8s
shopfront-69467555f6-nzsxw 1/1 Running 0 10m
stockmanager-6c4454c6cb-2hhfd 1/1 Running 5 (15s ago) 4m36s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# sudo vi productcatalogue-service.yaml
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl apply -f productcatalogue-service.yaml
service/productcatalogue unchanged
deployment.apps/productcatalogue configured
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-86c9dd7b7b-bzj29 1/1 Running 0 16s
shopfront-69467555f6-nzsxw 1/1 Running 0 14m
stockmanager-6c4454c6cb-2hhfd 0/1 CrashLoopBackOff 6 (44s ago) 8m25s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-86c9dd7b7b-bzj29 1/1 Running 0 28s
shopfront-69467555f6-nzsxw 1/1 Running 0 14m
stockmanager-6c4454c6cb-2hhfd 0/1 CrashLoopBackOff 6 (56s ago) 8m37s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl apply -f stockmanager-service.yaml
service/stockmanager unchanged
deployment.apps/stockmanager configured
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-86c9dd7b7b-bzj29 1/1 Running 0 47s
shopfront-69467555f6-nzsxw 1/1 Running 0 15m
stockmanager-6c4454c6cb-2hhfd 0/1 CrashLoopBackOff 6 (75s ago) 8m56s
If any pod is in CrashLoopBackOff, delete the pod or update the deployment with a new image.
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-86c9dd7b7b-bzj29 1/1 Running 0 47s
shopfront-69467555f6-nzsxw 1/1 Running 0 15m
stockmanager-6c4454c6cb-2hhfd 0/1 CrashLoopBackOff 6 (75s ago) 8m56s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl delete po stockmanager-6c4454c6cb-2hhfd
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-86c9dd7b7b-bzj29 1/1 Running 0 91s
shopfront-69467555f6-nzsxw 1/1 Running 0 16m
stockmanager-6c4454c6cb-8wkxv 1/1 Running 0 5s
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get po
NAME READY STATUS RESTARTS AGE
productcatalogue-86c9dd7b7b-bzj29 1/1 Running 0 2m54s
shopfront-69467555f6-wwfbv 1/1 Running 0 5s
stockmanager-6c4454c6cb-8wkxv 1/1 Running 1 (28s ago) 88s
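The listings above show stockmanager restarting 3, 4, 5 and 6 times before settling in CrashLoopBackOff, and the replacement pod restarting again after the delete, so deleting the pod clears the symptom rather than the cause. The following added example, which is not part of the original notes, reads kubectl get po output and prints, for each unhealthy pod, the read-only kubectl command that shows why it is failing. The function name triage_pods and the sample listing (assembled from the outputs above) are constructed for the illustration.

```shell
#!/bin/sh
# Added example: triage `kubectl get po` output before deleting anything.

# Constructed sample: rows taken from the `kubectl get po` listings in these notes.
sample_pods() {
cat <<'EOF'
NAME                               READY   STATUS             RESTARTS        AGE
productcatalogue-968c9cbf8-dl5zx   0/1     ImagePullBackOff   0               77s
shopfront-69467555f6-nzsxw         1/1     Running            0               10m
stockmanager-6c4454c6cb-2hhfd      0/1     CrashLoopBackOff   6 (75s ago)     8m56s
stockmanager-6c4454c6cb-8wkxv      1/1     Running            1 (28s ago)     88s
EOF
}

# triage_pods: read `kubectl get po` output on stdin. For every pod that is
# failing to pull its image, crash-looping, or Running but already restarted,
# print one line:  <pod> <finding> <kubectl command to run next>
#   image pull errors -> `kubectl describe pod` (the Events section names the
#                        image reference and the registry error)
#   crashes/restarts  -> `kubectl logs --previous` (output of the container
#                        instance that exited)
# Healthy pods produce no output.
triage_pods() {
    awk '
        NR == 1 && $1 == "NAME" { next }     # skip the header row
        NF >= 4 {
            pod = $1; status = $3; restarts = $4 + 0
            if (status == "ErrImagePull" || status == "ImagePullBackOff")
                print pod, status, "kubectl describe pod " pod
            else if (status == "CrashLoopBackOff")
                print pod, status, "kubectl logs --previous " pod
            else if (status == "Running" && restarts > 0)
                print pod, "Restarting(" restarts ")", "kubectl logs --previous " pod
        }'
}

# Demo on the constructed sample; on a cluster use: kubectl get po | triage_pods
sample_pods | triage_pods
```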
root@ip-172-31-36-154:/docker-Java-kubernetes-project/kubernetes# kubectl get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
productcatalogue 1/1 1 1 10m
shopfront 1/1 1 1 19m
stockmanager 1/1 1 1 12m
root@ip-172-31-36-154:~/docker-Java-kubernetes-project/kubernetes# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 443/TCP 2d
productcatalogue NodePort 10.105.165.177 8020:32215/TCP 10m
shopfront NodePort 10.109.12.218 8010:32451/TCP 19m
stockmanager NodePort 10.96.92.240 8030:31767/TCP 13m
kubectl describe svc shopfront
Use the above command to get the details of the service.
YAML::
apiVersion ---- v1 or v2 (standard syntax)
kind ---- Deployment/Service
metadata ---- here we can define the name of the service
name: shopfront
labels ---- labels are very important in Kubernetes; they match with the pod and match with the service
spec
type: ClusterIP/NodePort
ClusterIP is the default service type in Kubernetes. It creates a virtual IP (VIP) inside the cluster that other internal components (pods/services) can access — but it's not accessible from outside the cluster.
apiVersion: v1
kind: Service
metadata:
  name: backend-service
spec:
  type: ClusterIP # This is the default, so it can be omitted
  selector:
    app: my-backend
  ports:
    - protocol: TCP
      port: 80 # Port exposed by the service
      targetPort: 8080 # Port the container is listening on
NodePort is a type of Kubernetes Service that exposes your app outside the cluster, by opening a specific port on each worker node's IP address.
apiVersion: v1
kind: Service
metadata:
  name: my-nodeport-service
spec:
  type: NodePort
  selector:
    app: my-app
  ports:
    - port: 80 # Service port (used internally by ClusterIP)
      targetPort: 8080 # Port on the pod
      nodePort: 30080 # Optional: if not set, Kubernetes picks one
OpenShift is an open-source container application platform built around Docker containers and Kubernetes. It's designed to help developers and IT organizations to develop, deploy, and manage applications in a highly automated environment. OpenShift offers a range of tools to make the development process more streamlined, such as CI/CD (Continuous Integration/Continuous Delivery) pipelines, a user-friendly web console, monitoring, and logging features. Here are some key features and components of OpenShift:
- Kubernetes-based orchestration: OpenShift is built on top of Kubernetes, providing advanced container orchestration, scaling, and management.
- Developer Tools: OpenShift offers tools that make it easier for developers to deploy applications, like a simple web-based interface, CLI (Command Line Interface), and built-in support for various programming languages.
- Integrated CI/CD Pipelines: OpenShift integrates with Jenkins and other tools to automate the process of building, testing, and deploying applications.
- Security: OpenShift has several security features, including integrated authentication, network policies, and role-based access control (RBAC).
- Multi-cloud & Hybrid Cloud: It supports hybrid cloud environments, so applications can run across multiple infrastructures—on-premises, in the cloud, or a combination.
- Automated Scaling: OpenShift can automatically scale applications up or down based on resource usage.
- Registry and Image Management: It includes a built-in container registry to manage Docker images and store them for your applications
- Red Hat OpenShift is developed on top of the open-source OKD (which in turn is developed on top of open-source Kubernetes)
- supports command line interface and webconsole(GUI)
- supports Role based access control (RBAC), hence multiple users can be created with different level of access to Openshift cluster
- supports many additional features on top of all the Kubernetes features
- User Management
- Pre-integrated monitoring tools ( Prometheus & Grafana Dashboards )
- Out of the box - Private Container Registry
- Routes - a new feature only available in Openshift which is developed on top of Kubernetes Ingress
- Using the Kubernetes operators, the Red Hat Openshift team has many additional features on top of Kubernetes
- OpenShift versions up to 3 - supported many different container runtimes/engines, including Docker
- Openshift version 4 and above - only supports Podman Container Engine and CRI-O Container Runtime
- Due to security vulnerabilities issues in Docker,
https://console.redhat.com/openshift/sandbox
We need to register a free Red Hat account for OpenShift:
Enter the Red Hat login name
Enter the password
Click Create account
You will get a verification email; please check your email
Click the link you received
Red Hat Developer Sandbox
Select OpenShift and click Launch
Click DevSandbox
Select the role Developer
Click all selected permissions
Get started
OpenShift is ready. Go to Developer --> Helm --> Helm charts --> search for Jenkins --> install the Jenkins Helm chart
Login command line::
oc ----> OpenShift Client
Click "Copy login command" at the top right corner
Copy the command shown under "Log in with this token"
Running it gives an "oc command is not found" error,
so we need to download oc (search for it on Google, or use the links below):
1. Download oc.exe from https://developers.redhat.com/openshift/command-line-tools
2. Navigate to Environment Variables -> System variables -> New
3. Add here: /path/to/the/oc.exe
https://access.redhat.com/downloads/content/290/ver=4.18/rhel---9/4.18.7/x86_64/product-software
oc is a client tool used to create and manage OpenShift resources. It makes REST calls to the API server.
https://access.redhat.com/downloads/content/290/ver=4.18/rhel---9/4.18.8/x86_64/product-software
Download the Windows client
Download oc for Windows and extract all the files
Open it from the command line
Switch project
oc project srinu942-dev
OpenShift resources
- Deployment (K8s resource)
- ReplicaSet (K8s resource)
- Pod (K8s resource)
- Job (K8s resource)
- DaemonSet (K8s resource)
- StatefulSet (K8s resource)
- Build (OpenShift resource - Custom Resource added by OpenShift)
- ImageStream (OpenShift resource - Custom Resource added by OpenShift)
- DeploymentConfig (OpenShift resource - Custom Resource added by OpenShift)
A deployment command looks like this:
oc create deployment nginx --image=bitnami/nginx:latest --replicas=3
Deployment::
- This is a JSON/YAML definition which is stored in the etcd database
- The Deployment is managed by the Deployment Controller
- When we deploy applications, they are deployed as a Deployment with Kubernetes/OpenShift
- The Deployment Controller creates a ReplicaSet, which is then managed by the ReplicaSet Controller
- A Deployment has one or more ReplicaSet(s)
ReplicaSet::
- This is a JSON/YAML definition which is stored in the etcd database
- The ReplicaSet is managed by the ReplicaSet Controller
- The ReplicaSet captures details like: how many Pod instances are desired?
- The ReplicaSet Controller reads the ReplicaSet definition and learns the desired Pod instance count
- The ReplicaSet Controller creates as many Pod definitions as indicated in the ReplicaSet
- The ReplicaSet Controller ensures the desired Pod count matches the actual Pod count; whenever a Pod crashes, it is the responsibility of the ReplicaSet Controller to ensure the desired and actual Pod counts are equal
- A ReplicaSet has one or more Pods
Pod::
- is a collection of one or more containers
- The IP address is assigned at the Pod level, not at the container level
- If two containers are in the same Pod, they share the IP address of the Pod
- Within a container, applications are deployed (tomcat, mysql and nginx are applications)
- Recommended best practice: only one application should be in a Pod
- Pods are scheduled by the Scheduler onto some Node
- Every Pod has a network stack and a Network Interface Card (NIC)
kubelet::
- is a daemon service that interacts with the container runtime on the current node/server where kubelet is running
- kubelet downloads the required container image and creates the Pod containers
- kubelet frequently reports the status of the Pod containers to the API server
- kubelet also monitors the health of the Pods running on the node and ensures they are healthy
- kubelet is there on every node (master and worker nodes)
DaemonSet::
- is a Pod that runs one instance per node (both master and worker nodes)
Service::
- provides load-balancing for a group of similar Pods
kubectl::
- is a client tool used to create and manage deployments and services in Kubernetes
- it also works in OpenShift
- it makes REST calls to the API server
oc::
- is a client tool used to create and manage OpenShift resources in OpenShift
- it makes REST calls to the API server
Sample Demo Project for OpenShift::
https://github.com/wicksy/openshift-demo-app/tree/master
https://github.com/wicksy/openshift-demo-app
LAB::
Microsoft Windows [Version 10.0.19045.5737]
(c) Microsoft Corporation. All rights reserved.
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc login --token=sha256~_Ovx_YgPqkXz8SdXBZr9_zm4Yn-1wZfETn7DMKQsKZI --server=https://api.rm1.0a51.p1.openshiftapps.com:6443
Logged into "https://api.rm1.0a51.p1.openshiftapps.com:6443" as "ifocus942" using the token provided.
You have access to the following projects and can switch between them with 'oc project ':
- ifocus942-dev openshift-virtualization-os-images
Using project "ifocus942-dev".
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc projects
You have access to the following projects and can switch between them with ' project ':
- ifocus942-dev openshift-virtualization-os-images
Using project "ifocus942-dev" on server "https://api.rm1.0a51.p1.openshiftapps.com:6443".
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc project ifocus942-dev
Already on project "ifocus942-dev" on server "https://api.rm1.0a51.p1.openshiftapps.com:6443".
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc get pods
NAME READY STATUS RESTARTS AGE
nodejs-ex-1-build 0/1 Completed 0 47m
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc delete pods
error: resource(s) were provided, but no name was specified
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc delete pod nodejs-ex-1-build
pod "nodejs-ex-1-build" deleted
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc get pods
No resources found in ifocus942-dev namespace.
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
spring-hello-1-00001-deployment 0/0 0 0 2d23h
spring-petclinic-git-00001-deployment 0/0 0 0 2d23h
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example ClusterIP 172.30.227.55 80/TCP 2d23h
jenkins ClusterIP 172.30.123.117 80/TCP 2d23h
jenkins-jnlp ClusterIP 172.30.163.61 50000/TCP 2d23h
modelmesh-serving ClusterIP None 8033/TCP,8008/TCP,8443/TCP,2112/TCP 3d
nginx ClusterIP 172.30.117.157 8080/TCP,8443/TCP 4m50s
nodejs-ex ClusterIP 172.30.197.26 8080/TCP 48m
spring-hello-1 ExternalName kourier-internal.knative-serving-ingress.svc.cluster.local 80/TCP 2d23h
spring-hello-1-00001 ClusterIP 172.30.231.196 80/TCP,443/TCP 2d23h
spring-hello-1-00001-private ClusterIP 172.30.196.109 80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP 2d23h
spring-petclinic-git ExternalName kourier-internal.knative-serving-ingress.svc.cluster.local 80/TCP 2d23h
spring-petclinic-git-00001 ClusterIP 172.30.75.177 80/TCP,443/TCP 2d23h
spring-petclinic-git-00001-private ClusterIP 172.30.96.228 80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP 2d23h
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc create deployment nginx --image=bitnami/nginx:latest -p 80:80 --replicates=3
error: unknown shorthand flag: 'p' in -p
See 'oc create deployment --help' for usage.
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc create deployment nginx --image=bitnami/nginx:latest --replicates=3
error: unknown flag: --replicates
See 'oc create deployment --help' for usage.
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc create deployment nginx --image=bitnami/nginx:latest --replicas=3
deployment.apps/nginx created
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc new-app https://github.com/sclorg/nodejs-ex.git
--> Found image 6061449 (5 months old) in image stream "openshift/nodejs" under tag "20-ubi9" for "nodejs"
Node.js 20
----------
Node.js 20 available as container is a base platform for building and running various Node.js 20 applications and frameworks. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.
Tags: builder, nodejs, nodejs20
* The source repository appears to match: nodejs
* A source build using source code from https://github.com/sclorg/nodejs-ex.git will be created
* The resulting image will be pushed to image stream tag "nodejs-ex:latest"
* Use 'oc start-build' to trigger a new build
--> Creating resources ...
error: buildconfigs.build.openshift.io "nodejs-ex" already exists
deployment.apps "nodejs-ex" created
error: services "nodejs-ex" already exists
--> Failed
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc get pods
NAME READY STATUS RESTARTS AGE
nginx-85458687c9-5kzp7 1/1 Running 0 4m56s
nginx-85458687c9-kvqk6 1/1 Running 0 4m56s
nginx-85458687c9-z2c2j 1/1 Running 0 4m56s
nodejs-ex-668bc6bbb6-r9sf6 1/1 Running 0 12s
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example ClusterIP 172.30.227.55 80/TCP 2d23h
jenkins ClusterIP 172.30.123.117 80/TCP 2d23h
jenkins-jnlp ClusterIP 172.30.163.61 50000/TCP 2d23h
modelmesh-serving ClusterIP None 8033/TCP,8008/TCP,8443/TCP,2112/TCP 3d
nginx ClusterIP 172.30.117.157 8080/TCP,8443/TCP 14m
nodejs-ex ClusterIP 172.30.197.26 8080/TCP 58m
spring-hello-1 ExternalName kourier-internal.knative-serving-ingress.svc.cluster.local 80/TCP 2d23h
spring-hello-1-00001 ClusterIP 172.30.231.196 80/TCP,443/TCP 2d23h
spring-hello-1-00001-private ClusterIP 172.30.196.109 80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP 2d23h
spring-petclinic-git ExternalName kourier-internal.knative-serving-ingress.svc.cluster.local 80/TCP 2d23h
spring-petclinic-git-00001 ClusterIP 172.30.75.177 80/TCP,443/TCP 2d23h
spring-petclinic-git-00001-private ClusterIP 172.30.96.228 80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP 2d23h
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc expose svc/nodejs-ex
Error from server (AlreadyExists): routes.route.openshift.io "nodejs-ex" already exists
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc expose svc/nginx
route.route.openshift.io/nginx exposed
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc create deployment nginx --image=bitnami/nginx --replicas=2
deployment.apps/nginx created
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc create deployment nginx --image=bitnami/nginx --replicas=1
error: failed to create deployment: deployments.apps "nginx" already exists
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc create deployment nginx --image=bitnami/nginx --replicas=1
deployment.apps/nginx created
C:\Users\HP\Downloads\openshift-client-windows-4.18.8>oc get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
example ClusterIP 172.30.227.55 80/TCP 3d
jenkins ClusterIP 172.30.123.117 80/TCP 2d23h
jenkins-jnlp ClusterIP 172.30.163.61 50000/TCP 2d23h
modelmesh-serving ClusterIP None 8033/TCP,8008/TCP,8443/TCP,2112/TCP 3d
nginx ClusterIP 172.30.117.157 8080/TCP,8443/TCP 18m
nodejs-ex ClusterIP 172.30.197.26 8080/TCP 62m
spring-hello-1 ExternalName kourier-internal.knative-serving-ingress.svc.cluster.local 80/TCP 2d23h
spring-hello-1-00001 ClusterIP 172.30.231.196 80/TCP,443/TCP 2d23h
spring-hello-1-00001-private ClusterIP 172.30.196.109 80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP 2d23h
spring-petclinic-git ExternalName kourier-internal.knative-serving-ingress.svc.cluster.local 80/TCP 2d23h
spring-petclinic-git-00001 ClusterIP 172.30.75.177 80/TCP,443/TCP 2d23h
spring-petclinic-git-00001-private ClusterIP 172.30.96.228 80/TCP,443/TCP,9090/TCP,9091/TCP,8022/TCP,8012/TCP 2d23h
















