Complete Real-time DevOps CI/CD Project | Jenkins Shared Lib | DevSecOps | Advanced Pro | HandsOn

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

we will hit the build it is going through these various stages and so this is just a recap we will see how we can implement this complete project but before getting onto the project and implementation I am just showing you what is the result overall result we will achieve and this project is completely Jenkins said Library based and we will see a lot many more thing this is going to help you in the interview as well okay it once you will do this project you don't need to do anything apart from it if you are aware of the basics of uh devops tools right so let me hit the ready for the config it has started deploying our part onto the eks cluster which we have created using data form okay so we will see these all things okay so let's just let me just start the project all right hello everyone welcome back to my channel this is vikas here and today I'm back with a complete end-to-end devops CI CD pipeline this is going to be a end-to-end devops pipeline which is going to be very very useful for your interview perspective if you will do that you don't need to do anything other than that if you are prepared with the devops basics so let's get it started with the project I'm you can see this is going to be a complete big picture of the project which we are going to do today okay so in order to implement it you have to understand each and every concept like what are all the things which we are going to implement so so we are using here a visual studio code in order to implement these all things to write our configuration manifest Jenkins file whatever it is okay and once we will push our code to the GitHub okay so the most important thing I would like to tell you here we are going to implement this overall scenario using Jenkins shared Library concept what is shared Library mainly shared libraries is something which makes your Jenkins code reusable suppose for different different scenario like Suppose there is a centralized Jenkins server okay team a and Team B project a and Project B they are also working on Java code you are also working on Java code right so so many similarity in the Jenkins stages right like your Maven build integration testing unit testing correct pushing it to the ECR or Docker have deploying onto eks Docker images scanning okay so these all things are common okay so instead of instead of writing the code again and again why don't we Club this all function into a unit okay okay so see there will be a root directory okay it is having Source it is having Vats and it is having resources okay resources section is something where you will keep your static data like you will you will describe how you can how anybody can utilize your shared Library is the most important part here it is similar to variables okay like you will divide each and every stages of your Jenkins into a unit like for Maven build for integration testing for unit testing okay for that you will create each one uh like many n number of files based on your uh stages okay so this is something like suppose you are having a Java class inside that there are so many functions has been declared so whenever you will create the object of the Java class you will create by calling the object name dot function object name dot function in that way but folk we have to mainly focus on this variable folder right since we have our shared Library Thing on GitHub and our application code also on GitHub so what else now Jenkins will come in picture right once we will push our code to the GitHub it should do webhook so Jenkins is taking Jenkins is running Maven because we as I told we are using Java we are working on Java application so we will be compiling our application using maven now we will be performing unit testing integration testing and Maven build these other thing guys will be done using Jenkins shared library on once you push your code to the GitHub then Jenkins comment picture Jenkins will do get checkout okay it started doing unit testing on your Java application it started doing integration testing on their Java application now one more thing you will not build your code now now you have to do static code analysis using Sonar Cube after that you will do quality gate status check okay once your quality gate status will be passed okay then only your Jenkins job will go ahead and Stage will go ahead right otherwise if it is not up to the Mark if quality grade status is filling then it will Mark the Jenkins Builders field there itself okay if not then it will go ahead okay this is done now we will build our image by when right so here what we will do we will whenever we will build the maven code we will get some artifact right it will be either okay so in this code mainly it is going to be a DOT Zar file okay that data file I am going to copy from my Docker file into the Container right in order to run any Java application or any application you would be required at our file you're already aware of that once I will build the docker image okay so before pushing it to the ECR so what we have to do for the best practice we have to scan the image right so we will see how we can scan the particular Docker image which we have built before pushing it to the ECR repository okay so today I am using ECR not Docker Hub so once the scanning is done so here we will be using a scanning Docker image scanning tool that is trivia you can use stick also okay and you know for aw CCR you already have scan on a push on a scan feature okay whenever you will try to push the image to the easier if you will enable that feature whenever you are creating the ECR repository it will automatically scan so this is very very important as per your interview perspective okay once image scanning image scanning is done we will check the results of the image scanning thing so once we will push our application to push our Docker image to the ECR now our CI part is done now our build is completed now in the second stage second means deployment part we will write kubernetes manifest file where we will be using our image name like whatever image we have pushed to the easier the same image we will be using into our manifest file in order to create pods right and we will expose using Services here okay so let's get started with the project so I will be needing a server right as per the image you are aware right we will be needing a Jenkins server let's go ahead and let's just create a Jenkins server here so this is my existing Jenkins server Let me refresh it just go to launch instances Jenkins I will be using Ubuntu image Ubuntu 20. let as the latest image and here I will be choosing like because see I will be running sonar Q onto the Jenkins server itself so it should be capable of running the sonar Cube as well so I will suggest you better use T2 medium here property to medium just choose a keypad if you don't have using this so that so we can add one more what else we need Jenkins run on ET right so let's declare the port Ranger 8080 okay apart from that what I said I will be running sonar Cube as well onto the same server right so for that what we can do add one more Port wrench that is 9000 that is nine thousand for our sonar cube right and let's add sources everywhere let's choose 30 GB because we are making use of two things at the same time once this is done you just have to go to my repository just search for install you will get all the installation script here right no need to worry about anything so just go to Jenkins and just copy everything at a time okay if you're not sure why nowadays nowadays it doesn't work let's choose it copy and what we have to do we just have to go to okay apart from that what we have to do we need to install sonar Cube as well right so let's check if you have this on our cable script so I will be using I will be installing a docker and I will be using I will be creating sonar Cube as a Docker container here right because two configures on Arcade we have to do so many thing you have to configure the databases and all so quickly let's do this so for that we would be needing Docker right so just copy all the things of Docker here I have the command let's go back to the ec2 instance and here once this is done uh how we can how we can create so as I told I will be running a Docker container I so here let's search for uh sonar Cube so you will get this as well right just take the command okay we are just running the docker run command so that it will create our container also so once this is done just hit on launch let's wait for some time still it is initializing right so here we go 10 Kisses up so we'll just grab the password if we are able to access our instance okay here we go we are able to access our instance just sudo cat and then the location you will get the password copy this go back to the Jenkins and paste it right never install the distress plugin let's check either our Cube has been installation has been done or not Docker container LS so it is saying permission is denied right so to resolve this error what you have to do you have to do sudo CH mode triple seven and then just take the path once this is done now let's try to Docker container Docker container list iPhone it is currently in stopped State because because of that issue right so let's restart that Dockers container start then ID that is six double e spelling is not correct that is a typo okay now let's check okay now so not cube is also up so how we can access the sonar key using the same IP because this is also running on the running along with the Jenkins right foreign so it is admin admin okay old password is admin just set the password this is mandatory you have to do it okay once both servers are completely configured now what is the next step you have to do so let's just start creating our Jenkins file right this is a simple Java application where we are calling just the API just go to the Java then go to the rest then click on homeresource.java and here if you will see we have to how we can hit this API so we will we have to just along with the you know the end point we have to provide slash home slash data then only we would be able to see the output right so for that I would be needing a GitHub repository as well right so let's just go ahead and let's just create a GitHub repo for this so just when we will hit on click this is going to be a public repository right just to get add git commit okay then hit push origin ated it is going to pressure go to the GitHub all right now you will refresh you will get all the code right for this right before getting into shared Library let's just start with sample Jenkins image then we would convert those all stages one by one into shared libraries all right so let's just go with the flow first then only we would do a quick change right so this is our code let's just start by creating a Jenkins file okay and you have to mention the particular stage that is first is get you can check out stage after that there will be steps and side steps there will be stage there will be a script okay so how we will write if you don't know how to write a group scripting let's see how we can generate a syntax right so just try to create any job okay this is my job name I will be choosing this pipeline okay not issue we just need this pipeline syntax just click on that you will come here just check for get checkout here you have to provide the repo URL what is the branch in which your code is just provide the repo URL just go to your just click on this code and just take the https URL just go back to your Jenkins paste it here what is the branch for your code here you have you are having just one branch you can see your branch name is main right just provide this okay and here we don't have credential right because we are using public repo so we don't need any credential here right so if not then you can try providing uh suppose your repository is private right in that case what you can do now Jenkins uh has stopped taking a username and password uh only password of GitHub okay so for that you have to generate a personal access token right so that you will you will provide if your repository is private my case is different so once I got this URL let's take it just go back to the code okay and let's paste it here it will push now let's do one thing let's just configure our Java application Java application job just go to configure let's say discard old builds so that it will show maximum three jobs right once this is done let's choose your pipeline script from SCM right and you have to choose get you have to provide the GitHub repository URL again go to your GitHub take this you this is a public repo right here but here you have to select branches Main instead of Master and Jenkins file is into the current along with the current file right along with the com.xml current directory let's click on apply then save and let's build it okay because see you don't need to give it this git checkout again because while configuring only you are giving the repository URL right so you don't need to give that since we have done the git checkout our main motto is To variabilize The git checkout thanks right like the branch or the GitHub URL we are using that should be variable so that it can be reusable right so for that case we have to create Jenkins shared Library hope you are already aware of the said Library folder structure that I have shown you so it is quite simple this is the directory I have created into my local it will have different folders like resources source and the variable folder but as of now as I told I will be using just this verse folder this is more important to keep okay inside this wire folder we will have our different different groovy script groovy script for each and every stages as I told as of now we will have for our git checkout stage right so let's make it variables first before variabilizing it let's just do one thing let me show you how we can configure this okay once you have prepared this Jenkins shared Library you have to push it to the GitHub right this is the repository I have created this is a public wrapper you can also make use of it by just calling the function okay and here I have my wires folder and which is having git checkout groovy okay I will explain you this dot groovy thing don't worry about that but let me first quickly configure it you have to take the GitHub HTTP URL just go to Jenkins just go to dashboard manage inkins and here just go to configure system and search for Global Global pipeline libraries you will get something like this okay here you have to pass the name of the Jenkins share Library which can be anything okay because this is important in the sense because whenever you will try to import this Jenkins Library you have to provide this way okay here you have to provide in which branch your files are so for me the files are in main branch right so that is why I have given here let you just leave those all checked option you don't have to worry about that here there are many retrieval methods like modern or Legacy we will be going for modern here here you have to provide your project repository in our case what is the project repository so you will have this freshly okay I have already done some Hands-On over it that is why you can see this so just replace with your GitHub URL not this fine this since this is a public repository so we don't have to configure our GitHub username and personal access token right once it is done you just have to hit on apply save this is this was our first step all right now go let's go to our Jenkins uh okay so this is where our Jenkins file was right first step would be after configuration you have to variabilize this right so how we will variabilize this thing okay now we will variable this thing for that what you have to do you just have to go here and you have to write simple groovy script all right so I have written simple grovy script see the naming convention you are giving here that is going to be very very important so get check out right this is the name of the function we will call okay it is going to take variable in form of map this is the syntax I have generated using the Jenkins Center generator here you can see in the branches section I am fetching this is the map and this is the object from the map I am fetching the branch first and the GitHub URL I am fetching right so these two thing we need to pass right in form of map correct so now here what we have to do let's variabilize this so first of first of all how we will call it so to call it what we have to do here to call that what we have to do we have to call the particular function right you saw right what was the name of the function so the name of the function is going to be git checkout here right git checkout the same name you will call here like this get checkout and hope you remember we have passed two variable there like the GitHub repo and the URL get a branch on the URL right so let's pass it and the git checkout we have to pass the branch name same variable name we have declared there also so in my case it is Main and what else URL right what is going what is going to be the URL your GitHub URL GitHub URL for what your Java application so let me take it let me go here into double quotes let's pass it all right so now this is the function name this is the function name git checkout and branch and URL are the two variables so this is the function name and branch and URL are the two variables right and this is the map okay how we are calling whenever you will call this git checkout in the git checkout whenever you will pass like this variable right you will get two so once we have modified our code right once we will push it to the GitHub and let's trigger our Jenkins pipeline now so it got failed let's check what is the issue no such TSL method get checked out so what could be the reason because there is no such method added so whenever we have written this Jenkins file right we have not yet imported our library correct so we have to we need to import that Library first right then only you will be able to access so for that what you have to do what what name you given let me check it again let's go to configure system that is why I told you the naming is going to be important here so this is the name my shared Library this is what I will be using into my Jenkins file we need to import it so how we will import this Library you have to call this Library function library inside this bracket just provide the name and here you have to provide this symbol so this is how we import our library and once we will import this Library here Library we will get to know about this function right let's just go ahead and let's just try now it should work if now I will try to trigger the pipeline let's see if it is goes well all right so now it is able to understand the name of the method correct so now what is the next step so like this we will be mod we will be modifying our Jenkins file so let's make it more let's add more stages as well get checkout is done and try to implement it with me then only you would be able it would be able to help you otherwise you will just keep on watching unit test Maven unit test using mavendrite and here inside the steps now it will get changed right script inside the script we need to import the method right so now we have to again prepare a method right so this is the first time guys that is why we are writing and we are modifying our shared library right once that is done you just have to call it correct so this is how it's been developed so once git checkout is done let's create one more method that method name is going to be our mvn test or anything you can give but the extension should be matching here simply we have to write this call how simple it is guys def call then sh whatever cell script command you are giving into your pipeline now you will be giving here right Maven test correct make sure about the name of the function you are declaring now how you will call it how you will call it simply you will just call the mvn test that's it guys that's it right whenever any other person also from different project they want to utilize our shared Library they will just call this function simply now once you have done it let's read on the pipeline it may fail because in our system Maven is missing I have not yet installed so no such digital method we haven't test found among this okay why because we have written right we have written but not yet opposed to the GitHub so that is why it is unable to call it let's Commit This and push it okay and one more thing we will it will be using Maven so let's just install the one as well so you just have to go to my GitHub repo where you will get all the links to install I already told installation script let's check do we have anything for maven okay because we are executing onto the Jenkins server right so Jenkins server should be capable of running this whole thing so that is why we are installing this let's wait for a moment until this is done okay so Maven has been installed now we can trigger our Jenkins pipeline we are ready with the shared Library we are ready with the Jenkins Stitch and we are ready with the memory installation let's build this all right so let's check the logs it started compiling our Java application sort of it is for the first time so that is why it takes so much time to download all the libraries and dependencies for the next time you will do it is going to be smoother okay so it is succeed guys right so now in the same way you just start adding more stages right now once Maven testing is done what we will do we will do 11 integration testing correct so how you will do that mvn any name you can give dot groovy what is the command for this call in the same way we will create this method and here we will provide the command that is mbn verify and we have done the unit test case already once this is done our first task is to commit this get that get commit let's follow the best practices as well main done now we will go back here and we will try to create one more stage that is for my integration test integration test maven and here what was the name of the shared Library copy that just replace here once this is done let's just push it get out get commit mvn test stage added get push once this is done let's just build this so this time it should not take 23 seconds right all right so integration test Maven has been started now so for that in the same way we have done for git checkout you can add location of the test cases where you have kept it right for because I am having a simple code that is why I have kept it more simpler so that you can understand right so now once integration is done what is the next stage we will do we will let's do one thing let's make our Jenkins file uh more you know we will add some more parameter here so that it will look good parameters and here we will try to add choice so basically we are going to deploy our application right either create or destroy my application mainly it will create or destroy our parts right so let's name it what name I want to provide here action Let's Take Action okay to restart after that we will have choices in the choices we will have two things as I told either create or or you have to pass in this way then only you will get the drop down okay you will get these two options create and delete and here let's add some description description and what is the description we will add choose create or foreign okay and how we will make how we will you know this is one of the inter favorite interview question how you can make your stages conditional conditional in the sense based on this Choice user stress particular stage should get executed how we will do that you have to add when block okay we have condition when when and inside the oven this is this comes under calibrases okay you have to make use of expression and what is the expression so since this is a since this is a parameter right param dot what the name of the variable params.action if equal equals to what two option right create then only this particular block should get executed right but here you will get the complete real-time Hands-On okay no need to do any such courses this my YouTube channel is enough for these all things so in the same way for unit testimony when also when we will create then only Jenkins should go through these all stages right why for destroy we will again go we will do unit test integration test right so that is why I am choosing integration okay this is done this is done right we have added conditional now after that what we will do we will go for static code analysis okay so how we can configure it first we have to configure the static code analysis into Jenkins right we have to make the bridge between the Jenkins to sonar cube right then only Jenkins will send all the code to the sonar Cube so narcube will perform all the operations right it will show you the number of number of lines of code how many bug counts are there how many code coverage means how many lines of code has been reused not reused you have just duplicated the code right so let's just configure the sonar Cube just go to manage in case again whatever plugins you have installed and you want to configure you have to go to configured system right before that what you have to do you have to go to manage plugins and you have to install all the plugins for sonarq make sure you have done that why because I have already installed those things let's check okay what are the plugins I have installed this sonar get it plugin so not keep generic coverage sonar Cube scanner for Jenkins okay you have to along with these three you have to install quality gate so make the note of it and just install these five plugins right once you will install what you will get you will get its uh you know functionality where like configuration into manage Jenkins configure system and when you will come down here let's check for sonar sonar keep servant so this is already been done so for me let me do one thing let me clear it off and do it for you okay so you will get something like this first you have to do you have to make sure you are you have checked this option you have to add sonar Cube name something like sonar API what is the server URL just go to sonar Cube this is for one of the my previous project so don't worry about that let's take the URL of the sonar Cube on which your sonar cube is up and running okay and see attention here many people do what they just keep this last one okay because it is already shown here you don't need to keep anything any slash here right so make sure otherwise you will get error okay so just keep in mind you don't have to provide this last slash okay because I in the beginning phase I have struggle with a simple thing I have spent two three days with this for the simple thing right once this is done you have to provide service server authentication token so this way this is not going to work here guys just apply save and then come back again managementkins configure systems let's go for sonar okay now see it will work right and now you would be needing a token correct you would be needing a token in order to authenticate correct so how we will how we will get that just select as text okay here I will give sonar API itself okay this is wrong place it is also sonar API this is already in use right so I think it is present into my credential that is why so let me remove that for you or let's do one thing let's uh so not API is here right so let me create one more choose secret text let's create the token first go to the sonar Cube dashboard go to Administration and go to this security go to users and here you can see already a token is here right Jenkins token I have already added let me revoke this and create one more for you you just have to provide the name here generate it get the token and copy it somewhere okay once this is done just hit on done and just come back to Jenkins and here it's in the secret paste it sonar Cube API let's take the same name as a description here edit never choose it make sure you are choosing as well by default it doesn't take it just save it once this is done what is the next step just let's try to generate some Syntax for this click on Pipeline syntax search here quality gate status sorry static code analysis so okay okay for that you don't need right directly do one thing let's just go to your genuine shared Library first and here you have to write a groovy first we want to do what static code analysis right static code static code analysis dot groovy again you just use Define the method and here you have to provide the command of that right so that is simple we are using in many of the project and we can clean package then sonar plugin of Maven to sonar Cube done done guys static code okay let me rename it static code analysis let me take the name as well done and the same we have to call it here as well right so before that let's push this changes push once this is done we have to create a stitch because after once your quality gate status check will be passed then only you have to then only you have to do compile the code right you will get the build okay ideally it should be after static code analysis and your quality get status check so let's create one more stage here static code static analysis sonar Cube and here we have to call the function correct let's check the name of the function correct let's paste it and let's run the static code analysis git commit right let's just push it once this is done we will build our job so it has it's been filled why because when something wrong with this one oh okay we are using curly brushes only inspected a stitch at line 14 okay what is at line 14. okay okay so this is what we done the mistake it should come into Stage right I have kept it outside of a stitch so along with the coding we are doing little troubleshooting as well right have fun get push now let's try to rebuild build the job again it failed at check no such property which property all right I think we haven't passed the value rate either create or destroy that is why it happened let's just build now so for the first time in order to reflect your parameters you have to make the changes no such parameters for param okay parameters and then choice name actions here it will be choices itself and description okay okay sorry it is not param it is params okay it should be params dot action hopefully this time it should work once this is done let's build with parameter just select this and let's wait for the code compilation so unit test started now so our static code analysis has been started here it failed not authorized okay not authorized analyzing this project requires Authentication so why it happened in order to authenticate right in order to authenticate we need to add the with credential section correct so I think that we have have missed it let's go to our static code analysis it is not like using Jenkins groovy we are doing that right so it should authenticate with the sonarq first then only it would be able to run this right so let's go to here you will get something with sonar Cube environment this is the one and here you choose our authentication token generate this ticket now go back to our Jenkins Library right and here let's close it inside this and one more thing one more thing command is going to be same no doubt right but the credential you are passing here that should be different for different different environments or different different projects correct so for that what we have to do we have to pass some variable right let's pass some variable credential ID all right I am choosing credential ID and this credential ID I have to use it okay it is already there same name credential ID and we here we have to pass our credential ID that is same all right so using this it will authenticate okay this is what we have generated through the uh Jenkins uh Jenkins Centric generator and this is the value we will receive from our front end front end wins your Jenkins file okay let's try to push it first just keep this thing variable thing in mind we need to modify the Jenkins right Jenkins file let's take the variable and here we have to pass the that credential correct let's make it something more meaningful so not keep credential ID but how we will fetch this on our Cube credential ID from Jenkins so for that what we have to do we have to write this function define this variable equals to whatever the name of the credential what was the name of the credential this is API right so from the Jenkins file itself you can pass it that is why I have variabilized it great so in this way it will try to fetch this this is the name correct and because the syntax is going to be same right syntax is going to be same as we have generated so from the Jenkins file it will receive this name and it will execute this block this is what happening here correct hope you are following me once you have modified this let's try to hit this Jenkins pipeline let's see if it goes well I am choosing the action and let's go for it static code analysis should get started now scroll down I think now it got started and then sonar plugin so it's succeed right so to check it either you can directly click on this okay this is what it has generated now or if you will click on this project it will show you last analysis is done 41 second ago this is the lines of code how much percentage of code application what is the code coverage code smell hotspot vulnerability is on the bug count right now after this we have to do static quality gate status check correct so let's go for it now so let's let's first start with our shared Library so let's create one more shared Library here groovy scripture static code sorry it will be quality gate status Dot do we right let's check the syntax first here here we have to check for wait for Quality get this plugin and here you have to choose the authentication token just hit on generate and this is what we will use so here also you can see it is taking the authentication token right so we have to variabilize this as well copy go back here the method is going to be same let's copy this right and here you have to pass the credential ID that's it great now let's add it commit it and push it let us take the name of the variable copy now let's go back to the Jenkins file our Jenkins file and here let's create one more stage okay static code analysis instead of that it will be quality gate status check right and here we will fetch in the same way credential and the function name is going to be different right quality gate status and this is the variable we will pass it but week sonar Cube and Jenkins work on two-way handshake right but what we have done as of now we have just configured like we have we have configured our Jenkins to authenticate with sonar Cube but while doing quality get status so not Cube also reply back to the Jenkins so for that we have to configure a webho okay once the result is out sonar Cube will trigger Synergy will say to gen can say your quality gate status is okay right so for that you have to go to sonar Cube Administration configure web hooks here I already have let me delete it for you here just name it something Jenkins here you have to provide the URL so here you have to provide the URL of your Jenkins first okay after that if after Jenkins URL make sure you are giving this sonar Cube hyphen we book and don't forget to give this last slash here it is required okay just click on create that's it that's it so did we post our code let me check no let's push it so now when we will try to start our build we could see something static code analysis right after that if static code analysis will be passed then only we will do the maven build right let's wait for a moment until the session so hope this is helping you a lot in this way for different different project they can simply call these all Library how simplified it is right it is started our static code analysis let's check the logs once quality check static code analysis system we will see how sonar cube is returning replying back to the Jenkins about regarding the quality gate status so this is in pending state right and sonar Cube told Jenkins hey quality gate is okay quality gate is okay now you can build it build your code right this is the way it will look like guys right now let's go back and now it has given us a green flag we will start writing our one more groovy that is for Maven build I haven't built Dot improvi and here simply Define call research and win install all right let's push it ambient build now let's call that function into our Jenkins file right so here we can make use of this Maven build and what is the name of the function mvn Maven build right once this is done let's add it push it so this is this all function are getting called due to this Library only right this is how we import the shared Library you can add you can you know you can import multiple libraries if you have okay you can add multiple libraries let's trigger the build then once we will get the artifact we will start writing our Docker build okay Docker build and you know right what is multi-stage Docker file in many of the project we have done before what we have done we were building the generating the artifact dot data file okay and that we were copying to the next stage into the docker file right in multi-stage record file but here what we will do we are already generating right we are already generating the data file and that we will copy you in a single job okay in a single job I will show you how to write the docker file okay so whenever you will click on that particular build number if you will go to the workspaces you will get this link it will show you right it will show you this target folder and the target folder will have after Maven build okay after Maven build you will get something like dot Zar file here okay let let it build so we have ran Maven clean install it will clean all the previous libraries and package which has been used before and we'll try to repackage the jar file where the new libraries and dependencies right so once Maven build will be done you will see some jar file okay as I told you it will package our application it is taking time because we have done the clean right then install okay so build is about to succeed right okay so once it is succeed it has generated some jar file correct let's go back click on this build go to your workspaces click on this go to Target and here you go this is the win rate this is what we will copy to our Docker container right we will be needing Java right Java in order to run this dot jar file so let's start by writing a Docker file first correct so let's go to our Jenkins what is the code this is the code right and here let's try to write a Docker file you can name it anything okay you can name it anything but for the best practices we provide this name from and the base image you have to provide I will be taking open jdk it and jdk Alpine image I will be taking all right and then okay once this is done what we have to do we have to copy we have to copy what our trial file is present into the Target folder right target folder so you have to mention this in the current directory Target folder whatever is starting with DOT is R take it and compute to suppose let's declare a work directory in the container means like see for our for our current location like for our local local machine this is the current directory right Java application Java application in the same way whenever you will open this it will always open this location Java application in the same way I want to create a location like this slash app okay and there you can you have to provide the third file name that file name sorry app Dot sir it will copy there and once it is copied we have to make it executable right there's there is something required in order to run the make the container up and running right so how we execute our Java is our Java hyphen jar and the name of the other side what is the name of the cell this is app dot is that correct all right so this is our Docker file now what we have to do we have to modify our Jenkins file correct so we need to add one more stage here correct for Docker build and stay tuned guys because we are going to see how we can scan the image before pushing it to the docker app or easier so let's do one thing I will be showing you both of the thing how we can push it to the docker Hub as well and how we can use ECR also okay how we can push our image to the easier so let's add one more stage here Ctrl C Ctrl V lockerbilt because see why we do scanning in order to check the vulnerabilities and all right so whatever image you are building using the docker file that should be scanned first then only you you want to store it into your sum of the repository right for Security based practices so docker image build stage correct when expression is create only and here we have to change the name of the function correct so for Docker build we have to create a generation Library file right means groovy so for it will be I will be creating a Docker build dot groovy enter here for so before say first I am going to push this image to the docker Hub then I am going to push the image to the ECR I will show you both of the ways okay at the same time not at the same time once we will do for Docker we will go for easier okay Define call again Define a function and here we will create all the stages like we can write multi stages also multi-line comment not multi stages and here let's start writing our Docker build command what is the docker command Docker build docket image because this is a newer version of the docker right either you can write simply Docker build also that is also going to work and once this is done it should tag it should tag it with some name okay so what name I want to give it it should be tagged with the docker Hub account right of ours what is the name of the docker of account you have Docker hub so make sure you are having a Docker Hub account as a pretty quick site so this is the name of my Docker Hub right decorative account so the same name but for different different people the account name may vary right so this is not a good practice so we need to variabilize this as well so let's do one thing let's pass two values here okay first value will be as a string format project name and second would be string Docker Hub user let's take Hub user itself okay and here I will be tagging my image while building so how I will tag so let's take first we have to while building only we have to tag right you know right why we need to tag the docker image so that it will go and reside into the particular Docker Hub account right so this is just a redirection this dot what is the name of the image right and then Dot correct this is done it will build our image then once it will build our image I want to maintain one version like version 1.0 version 2.0 and apart from that I want to store latest version of that image as well so let's do that let's tag Docker image tag which image you want to tag grab it tag this image to tag this image to this name along with that we should declare one tag also string which image tag you want to pass okay and that tag we will be using here so this is not correct this is the name decorative account project name and the image image tag that's fun to give right after that again I as I said I want to maintain a version of that also right latest version of this image so now instead of image tag I will take let test here all right so make sure we are passing here three variable right so that we need to pass from the look it up sorry our Jenkins right let's go to our Jenkins now on Dr belter dot groovy let's call it docker Docker build and we need to pass three variables here right so how we will pass so let's do one thing let's make three more variables here okay three more parameter I mean okay so it will be a type of string instead of choice I don't want any drop downs okay name let's take image name what image name you want to provide description name of the anything Docker build and I want to pass some default value okay what is the default value will be name it something like Java app only okay and this way I would be needing three all right we have to find three variables hope you remember here we have to define the image type of the tag of the docker build and here we have to define something let's take apple name okay name of the let's say let's say name of the application why we are declaring three variable because we need three variables right we are making it we want to take it as a user input if you are having any doubt just just ping me in the comment section springboard all right we have image name we have image tag we have app name all right so here we need to pass we have to pass those three values okay how we will pass we have to take it directly from the parameters correct so let's take it directly from the parameter section how we will take into this double quotes curly branches dollar curly braces params parents Dot in the same way we would be needing three times right let's take one by one image name image tag and happening image name image tag I am doing it carefully because I don't want to rerun this pipeline again if it fails make sure you are doing this okay image Docker Docker build is started now right so let's see if we have okay let's push this first git add git commit get push done let's do this also get add get commit get push all right so now we don't have any latest image this is uh one day ago it has been pushed okay all right let's just rerun our pipeline now create so because see it it rarely it will not get reflected let's just click on build cancel I think it takes some time to reflect okay now try something wrong let's check default well it is default value right what is the issue default value it should be caps right let's save this file and let's try to push it get push did you mean default value right okay so let's wait this is not going to stop why because I have already you know passed the default value okay so that is why you won't see any drop down but if you will try to build with parameter now for the next time it will show you you can change your image name image tag your application name okay so after just after this Stitch we will do the scanning part right we will do the scanning using trivia trivia is a tool for checking the docker image vulnerabilities okay it will give you a complete scan result where you can check how many high medium and uh how how many high medium vulnerabilities are there all right let's see if our Docker build will be succeed okay this stage started now so it started building it has some error okay so this is the wrong right it is Target not Target let's modify this Dr JT now let's try to push it again sorry get out get commit and get push so let's do one thing in order to save our time what we can do we can we can comment down some of the stages okay let's let's keep the build quality gate status unit test and all I'm going to right so that we can save our time hit commit hit push build it 11 Bill started all right so it's been succeeded you can see okay and Docker image tag hasn't prepared if you want to check you can go to the ec2 if you have the access in real time environment you will not have access to the terminal some other time will be managing this record images so we can see spring boot Java with latest stack and sorry not that one let me check what is the what is the tag we have given springboot hyphen Java Java this is not correct right what I told we have to tag it with the docker Hub account name okay not with this so we need to uh okay spring boot is the application name so let's do one thing let's make it to okay why because image name image tag and app name right and let's if you will go here Hub usage first thing whatever we are passing it is getting assigned here not the third thing as a hub user it here application name is the third thing instead of that let's do one thing docker hub user all right and let's keep our by default user not by default it is the docker have username correct and the same let's assign here now this is looking perfect because for pushing the image you should tag it properly then only it will go and decide to a correct account right here let's happening it will take time to reflect as I told you like now even say we'll do you can see this is getting reflected correct obviously it is now taking correctly right the our Docker of account name the Java app and then the version correct now if you will check here Docker images you will see now it is tagged properly right now let's go ahead and let's just scan our image using trivia how we can do that first thing first step you have to install trivia just go to my GitHub account again go to installation script and here you will search for trivia this is our trivia let's take all the command go to your acetone instance okay trivia.sh here let's execute our cell script so that it will be installed so it's been installed okay so you will get something like this now let's just prepare shared library for the image scanning as well okay now we are here now we have to do Docker image scan right so let's create a file for this Docker image scan to academic scan dot groovy here just call the function it is going to be same because we need those same value only I will show you a Docker image build copy these things go to Docker image scan paste it and these three variables are required why because when you have to provide the name of the image into the tree we command so you have to provide like 3v image and what is the name of the image you want to scan okay so I want to scan the latest image okay and whatever file you are generating name it as scan Dot txt okay once you have generated once you have generated the file just do a cat so that I can see the output right into the Jenkins dashboard all right okay now once this is done let's push first otherwise we will forget again push it all right let's Docker image scan correct now let's come here and let's try to create one more Stitch Docker image scan using trivia these are the values required no cash and change the name of the method correct and these are the three variable which is required now let's push this as well all right once this is pushed let's go to our Jenkins correct so we will see all the scan result onto the Jenkins dashboard itself so that we need to you know we need to patch the docket image so that we can remove the worldnet abilities so that you can do by modifying into your Docker file itself that I am not going to show you or we will cover into if you want to check that you can comment down I will show you in some of the other project so scanning is started it failed okay okay Docker image trivia I think I have given twice okay so this is the one of the best practices okay after writing a Docker file nobody is YouTube is going to show you the real-time things okay just finish this series dedicatedly and it is going to help you to crack any of the interview if you want to see more project like how we can send the email how we can keep send the email how we can store into the Nexus how we can use dot tree how we can use Helm chart just go to my YouTube channel this is a complete package where at the same place you will get everything every devops tool so all right stuck at image build will not take much time I want to show you mainly the tree image scanning part so it started you can see you will get something like this started scanning the vulnerabilities okay you will get some this type of list so that you can share with your devsecops teams or security team who is working on these all things they will they have to make it available for you or if you are handling you have to patch it see what is the reason also this is given you can go to this link so that you can scan you can do the unit remediation for this this is the critical high medium all type of vulnerabilities that shows and total number is 274 for this particular image okay so you can write a cell script particular cell script right if the high high is greater than 10 or if it is greater than uh 5 also or critical So based on that you can you can make a decision right either you should be able to push the image or not okay so that I will show you into my cell scripting video I am planning to uh soon you know launch that okay so this scanning part is done now what is our next thing we have to push the image to the docker Hub and we have to do the docker cleanup as well because once you have pushed to the docker Hub you don't need to you know keep it keep the images into the local because it will make it will unnecessarily take consume your space right okay now we are here so for Docker image scanning right now as I told I will be doing for Docker and the same project only I will show you for ECR also no need to worry about that so Docker build is done let's go for Docker push you would be needing this function again docker image push Dot groovy okay so while pushing you have to authenticate right and the Jenkins you should have some store you should have stored some credential for this okay so go to pipeline syntax generator again now let me show you the credential how I have stored okay just go to dashboard manage and games managed credentials this is my docker okay if you will click on that so like this the idea I have kept it as a Docker and this is the password of my Docker Hub account okay once this is done you have to go to your dashboard you have to go to your job you have to go to your pipeline syntax and then you have to search for with credential option with credentials here here you have to choose your particular Docker one okay secret text right credential is bind credential so it is not showing with credentials okay let me do one thing okay this is the docker image push and here what I will do I have to use with credential okay so let's do one thing let's go to our pipeline syntax generator add credential it is going to be a secret text is give your Docker a password ID is going to be docker so in this way you have to create that secret okay sure why it is not getting here so this is the command of Docker image push so how basically we will generate this so this is quite simple again you have to go to the with credential option okay go to your pipeline syntax here search for with credential with cret with credential and here you have to choose from the bindings this username and password separated and here into the username pass something like use it and password is pass and here I am choosing the credential of the docker app once I will click on this we will get something like this that is going to be exact same okay so we can format it I can form it is written this way correct it this is exact same right so once this is authentication is done with our Docker Hub okay once it will log into the docker it will push our image one image with the tag like version one and another image with the latest tag okay after image scanning this part need to be done so once we have written this let's add it committed push so we need to modify our Jenkins file also so this was all about the docker Hub part I will show you for the HDR as well how we can modify The Groovy script for easier okay so Docker image push for Docker hub all right and these are the three mandatory values will be there itself Docker image change the name of the method here docket image push let's push it to the GitHub okay if all good let's just start end to end this is called the build guys till the time you have so static code analysis is done so now the image has been pushed to the docker Hub let's check was it a day ago so this is our today's Java app right so we will get into it we will see the version which has been pushed today along with the latest version right so now we will do the same thing for ECR okay so build part is done Docker build is done now we will do the same thing for ECR correct so let me create one more Docker file here sorry Jenkins Jenkins file is here what are the things which is going to be common I will create separate file okay I will be creating a separate file for this until Maven build let's take this let's go to Jenkins here paste it close it okay and once this is done what are all the changes we have to do we just have to go to Shared Library first okay till Maven build till Maven build it is going to be same correct it is going to be same but what we have to do we have to make changes for ECR so for that first thing you have to do you have to create a ECR repository elastic container registry first sorry is plastic container registry go to Services click on last container registry and you can see this is the one I will be creating so you can create it by just clicking on this you will just give any name okay you can make the tag imitable if big means if after doing any changes with the same image with the same tag if you will try to push it will not get pushed so make sure based on your requirement you will be choosing as I told you scan on push mechanism is there already on easier great no need to do again image scanning correct you can make use of this by default feature if you will go for easier okay if not then you can do that use you can use make use of trivia or your systick agent system so like this you can create a repository right what is the name of repository this is the name of my Repository so now we will go for Docker file shared Library okay so what is the first change we have to do after Maven build we have Docker build right Docker image build so for that Docker build we have to make the changes accordingly if you don't know how to push an image to the dog easier what you have to do just click on this last is your repo and once you are here just click on view push commands you will get all the details but in our case many people will be using the same shared Library General share Library guys so what what are all the thing we have to make variabilized this reason that may differ for different different people this account ID right and this reason again correct apart from this this repository name that may differ for different different project or person correct means based on the repository name so this is all thing we have to you know make it a variables let's check our Jenkins file status so we missed adding one more stage also let me quickly add it we will do Docker image cleanup also okay once this is done we should not keep into image once you have pushed you should not keep it into the local so you have to do Docker cleanup as well then we will go for ECR part okay these are the three thing would be required docket image Docker image cleanup let's create one more groovy okay and here you would be needing the same details and here you have to pass the value like docker RMI and the image this is the first image and then Docker RMI and this is the second image right so now you should push it let's go to make changes into the Jenkins cell Docker image cleanup is already there all right let's get commit get push okay and let's do one thing this time when we will run we will change the values we want to store the version 2 here okay an image name you can change it spring boot version 2. in the back end let's do one thing let's come back to our task we want to push the images to the easier now right so for that we have to make the changes so going to Docker build going to Docker build what are all the changes we have to do let's check the command of the docker build first onto the ECR so this is the command for Docker build right this is the command for the Docker build so now going to Docker build I will just comment this comment it down Ctrl C all right so in order to build the image what are the things we would be needing right we would be needing this Docker build command let's write multi-stage multi-string cell script commentary and after that we need to tag the image as well let's take it let's take the tagging part paste it in here what are all the things we would be needing we need the Hub user right we would be needing the Hub user apart from that what do we need we need the okay once you have the Hub user what you can do you can just pass the value correct if anywhere else it is let's replace this here also now what account ID right AWS account ID and what else reason correct let's take the AWS account ID and let's start replacing this I think this is only and reason also now it is completely variabilized correct nothing else is left here right it will do what it will it will take three values account ID reason and the Hub user Docker abuser user means your repository name don't get confused with this let me change it for you string ECR repo name all right take the same name correct count ready reason and repo name these three things we would be needing so let's push this okay now we will go to our Jenkins file Jenkins file for ECR right and here we would be we will start adding the new Stitch Ctrl C let's take it from there itself we will modify Docker image build Docker image build but for ECR this is a common process right this is a common process for both okay it is it will also build the image based on the docker file so that there is nothing separate but just for ECR we are we have to make the changes okay what are the three things we would be needing AWS account ID right so we need three parameter now right so AWS account ID name of sorry AWS account ID you have to provide the AWS account ID apart from that reason in which reason your AWS account is and your repo ECR repo name correct name of the ECR this is same I have kept it same this is the name of the reason correct reason of the ECR this is U.S your system and AWS account ID you can take from here let's take it correct so all things are done now we have to call these three values right params. AWS account ID parents Dot reason and ECR repo name that's it guys so it will build our Docker image now what else we have to scan the image right for that also we have to make the changes right so going to Docker image scan you have to comment it down we can make use of the same function because we would be needing these three values Docker image scan got it and I couldn't scan here what is the command for the academic scan docket image trivia image and the name of the image what is the name of the image this is the name of the image right it will start scanning this image and generate a scan Dot txt file and let's try to read it scan Dot txt scan the ECR scan the docker image which is containing the ECR thing no no standard image right with this tag and we are just doing cat so that we can read the file into the Jenkins right apart from that what else guys if Docker image push it so that also we have to make change here so how we will do that for that again we would be needing the same function let's take it copy and let's go back to Docker image push correct and here we have to first before pushing in earlier stage what we were doing we were just authenticating with the docker but to authenticate with the ECR you have to use the command like when you will come to the repo click on view on push command you will get something like this just copy this retrieve and it retrieves an authentication token okay that will help you to authenticate just go back just paste it here and here we have to variabilize it right let's do it for a reason account ID again reason that's it right and once this is done we have to use Docker push which image this image so all the commands you have already got from the ECR there is nothing much we have done correct so now we can add commit and push then we will modify our Jenkins file accordingly this is done now coming to the Jenkins file let's take all these stages okay Docker image scan TV that is fine that is a common stage here Docker image push for easier and Docker image cleaner for ACR okay we have to do cleanup also right apart from that we have to see shared these variable right not these three these inside variables okay for ECR scanning paste it paste it info Docker image cleanup also we will modify these three correct and let's go to the shared Library again this is the share Library where is our Docker image cleanup this is the docker image cleanup we have to do the cleanup for ecrd measure it acid image now so Docker build simply docker RMI and this is the name of the image perfect nothing much right once we have done we are ready to go let's check the Jenkins status so Docker image cleanup it failed maybe we have done the changes right so that is why it was unable to find it okay no worries let's do one thing let's push this new Jenkins file and Jenkins file hyphen Asia right let's create a new pipeline ECR with click on OK and let's provide the so see this is the way this is the way I was talking about suppose for some other code you are going to utilize the same shared libraries right how you will utilize this I have created simply a new pipeline right I haven't done much I have just created a new pipeline all the stages will be same now correct pipeline script from SCM SCM get repository URL and now I will use different Jenkins file Main and Jenkins file hyphen ECR okay apply and Save let's build it for the first time it should fail but I think I have passed the default values so Docker image build started for ECR okay Trivium is scanning started okay it failed why because no such deal method okay no such DSL method Docker image clean up for which stage push to easier build is done Docker image scan pushing part have some issue let me check Docker image push okay okay this need to be fixed reason correct apart from that documents can is find right push and clean up let's let's read in the pipeline again for easier yeah Docker push records exactly one argument but we are passing multiple okay let me quickly change it Docker image push so it is succeed right now we can see a clean pipeline we have right let's go to ECR to check this is our repo and this is having one image with this tag right apart from that all right so this was all about the build right okay and we have seen the same four with our Docker Hub as well Java application now what we will do we will try to execute end to end pipeline right now once we have got the image we will do our CT part deployment pad right let's go ahead and let's just start writing by kubernetes manifest file and using data form we will create our we will create our request cluster with one node group okay so once the CI part is done we are getting started with the cd part where mainly we will be creating like how we can create eks cluster with multiple node group using data form okay and that module is going to be very very Advanced that's what we do into real time uh you know real-time industry so for that you know I have added this eks module so if you don't know how to write this data from module just go and watch my data from playlist there is a complete industry level project already given into my uh YouTube playlist so that you can refer there it is going to help you a lot after this your terraform uh like your overall terraform will be done if you will just watch my complete data from Project okay so let us get into the project so here I have added the cks module inside that you can see there is config folder and there is modules folder and after that I have main.tf provided.ta variable.tfn version dot TF okay so in the config I will be keeping different environmentary file variable files like just now it is it is like dataform.tfr file but for development environment you can create a separate TF War file like dev.tf Word file here and while executing you have to mention the particular TF Ward file right like you can see here this is my eks clustered configuration and this is my e case node configuration and this is these are the default subnet where I am launching my e case cluster and these are the node subnet I have declared okay and this is going to be the name of the cluster and this is going to be the name of sorry this is going to be the name of node group okay okay sorry this cluster this is the node group configuration right so this node group should be launched into this demo cluster that is why I have mentioned it as a key okay so don't get confused I'm just giving you overview for more just watch my data from playlist you will understand in this modules for data from reusability hope you are aware of terraform is popular for code reusability right so here I have this awsc case node group configuration here I am calling this particular resource and mentioning all the required thing attaching all the roles and the policies which is required in order to run it frequently and this is the node group where I am going to create so because this is just a single piece of code like what you do in monolithic code right you just place your resources into one file and run understand in that way only okay and the same we have for eks node group so module part is done now this module we are calling into this main.tf so you can see here I'm calling the source and I am redirecting to that particular folder like into modules dot slash modules and slash AWC case and whatever values I have declared here in the left side you can see and these are the values I am passing from the TF Ward file and the same 40ks node group I am calling the source and here is the most important thing you can see here this is the forage Loop right where I am looping all the things so you know using this code I can create n number of eqs clustered with n number of node group okay so this is very very important data form configuration so I would suggest you go and watch that particular video if you are having any doubts I will push this code as well to the GitHub repository for your references but for understanding you have to watch the playlist okay once this is done first thing is what we have to create the eks cluster right so once this Docker image cleanup is done we have pushed to the ECR now CI part is done we don't need these stages so either we can create a different CD pipeline or we can utilize the same Jenkins pipeline right so here you can see if you will utilize the same some more stages will come here right we can see the blueprint of some more stages but you can refer to uh you know if you can create a different CD pipeline as well so that you can segregate is it well okay but here in this project I will be utilizing the same pipeline in order to create it in order to extend it right so once this is done so we have to modify our Jenkins ECR file right so we will start writing the stage correct so this will be create eks cluster stage okay so here you can go stage create eks cluster with data form okay and here inside this we would be needing steps inside the steps we would be needing a script inside the script we will be writing our all the data from code whatever is necessary to create this all right so for the first time what we will do we will do terraform init and data form plan okay so okay okay so all right so here what are all the command we would be needing first you can see here we have to jump it into this eks module folder right whenever this all Java application will get copied onto is your Jenkins right Jenkins server it will not find the terraform main.tf file why because it is inside the eks module so for that what we have to do we have to generate a syntax generator Syntax for directory so good here it starts for directory and here you have to mention the directory path so for in our case what is the directory e case underscore module keep it properly e case underscore module generate it take this block okay once this is done just come back to this and here paste it let me reframe it all right so now in that directory what we have to do we have to write the multi-stitch cell so how we can write using this three quotes we will enclose all the command within this codes right here what is the what are all the command we have data form in it and then Theta form plan but Theta form plan we can write but you know we want to pass our access key and secret key through Jenkins okay right we don't want to pass hard code this into the code right for different different environment are you going to use the same that will not work correct so for that we have to variabilize this so right now you can see it is taking some random values so better let's clear it off so let's better delete this we don't we don't want to pass any default value here okay apart from that this is the default value right apart from that what do I want I want to deploy into different different reason using the same data form code right so we can verify this as well so you know what we are doing we are variables this where you are variabilizing this all code for Jenkins so that Jenkins can deploy into any reason Jenkins can take pass into the same data form core different AWS account access key and secret key right so the Jenkins will authenticate and deploy the eks cluster in different account also in different reason also so this is very very important right so once you have done that how you will call this how you will call this so first thing would be first thing would be [Music] um so once we have the directory let's go back to that uh Jenkins file and here with the terraform plan we have to pass all the values how we will pass all the values so for that we have to you have to pass as a variable like hyphen where and what is the variable name you have what is the variable name you have access key control C access key equals to so we will pass it as a environment variable before that let's do one thing let's configure the Jenkins access keys and the secret key okay so let me go back to the Jenkins dashboard go to environment variables I mean credentials click on go to dashboard okay sorry manage against and here manage credential and here you can see what I have done I have stored I have stored the access key and the secret key of Jenkins how you can store it so you have to do nothing just go to add credential choose this option secret text one time place the access key and provide some ID and another time place some access secret key right access key and secret key individually I am creating for secret text so same thing you have to do once you will do that you will get something like this right you will get something like this now how you will call this all credential into your Jenkins file right how we will call this so for that what we have to do we have to call these all things as an environment variable here so after parameter here you can call it environment declared some value this key equals to here you have to call this function credentials credential name here access key and Secret key equals to credentials single quotes and then go back to the Jenkins take this name this ID go back again to your correct again go back to the Jenkins take the ID go back to the vs code and paste the ID now this is the value which is stored in which is fetching the credential by this ID and is loading into these variables right now what we have to do we have to go down to go down where we need we would be needing here right access key equals to in this bracket or you don't need this bracket directly just call those access key whichever you have defined up let me do one thing it will be easy for you to differentiate AWS foreign what else we have to pass we have to pass the secret key as well in the same way where not caps iPhone where single quotes take the variable this is the variable right equals to again secret key right again one more thing is reason that also so how where and then single quotes then okay but we are not fetching the reason right you will be thinking I am not fetching the reason so we need to fetch it from where we can see here the reason field is here right so we how we can fetch it from the parameter how let's check if we are fetching somewhere so this is how we can fetch it right params.reason let's take and paste it down is that right and once this is done what we have to do once we have passed the variable we have to pass the TF Word file right hyphen hyphen wire hyphen file equals to dot slash config right see it has to go to this config directory dot slash config slash what is the TFR file name form dot t f words correct in the same way we have to do for terraform apply right so data form apply let's take all the variables again right and this time and this time we have we have to Auto approve it right otherwise what will happen in the Jenkins nobody will approve it and it will get failed Jenkins doesn't pop up here right so for that in order to suppress that thing we will add this right so now it's looks good let's Commit This code and let's try running and get add let's do one thing because we have already done with the CI part right so we don't need to go again with these all steps right so this time I am going to comment this all things what we will need just the git checkout is still required right so that it will fetch the data form code right once this is done save it and then get commit and then get push this is one of the projects you can add into your resume without any second thought okay no need to purchase any premium courses okay let's refresh this hopefully we should be able to get this right now let's go to our Jenkins and try to build it it's hanging okay so this is the user repo name okay because the changes will not get reflected whatever changes we have done now right so let's build this and once this will fail we need to rebuild it unit testing is going on let me check either I have commented that file or not okay okay let me do one thing let me cancel the pipeline foreign get push now hopefully we will be able to get our changes here all things should be commented all right now we can trigger the Jenkins build let's try to build it okay so create dks cluster data form field let's check the errors terraform has been in sliced means it got the directory okay data from plan hyphen I think this is this is causing some issue let's go back to the code save it let's try again add some meaningful commit don't do like me always try to follow the best practices for the time constant I am going with this way build with parameters build it all right here's some measure um something wrong with the code I think here we have missed a code right and here also node subnet IDs okay let's go back to the code data form go to data for and in the node section yeah we have missed it right let's check all is good now correct all looks good let's commit let's push try to build it again if you have any kind of doubt just comment down in the link I would be happy to help you okay so this is working right let's check what is the issue 9 to add zero two change plan is working but Twitter from apply is not working still I still have it added data from apply I think I have removed it but still somehow it left sorry for that get commit get push now this is going to take at least 15 to 20 minutes okay because the code this is a huge setup so just have some peasants thank you and this time it should go through so it is doing data from apply now okay and it has it is failed why because creating IM role entity already exist eks cluster role name with this already exist so we have to change some name because this is already existing or we can we have to remove that name right let me check node IM Rule and eks cluster what is the name in creating I am role eks cluster role name with eks cluster already exist and role name with my node already exist and this is the problem I should have variabilized it but I didn't not I show state for a case and going for node that is the Roll Part this is node group AWS IM role and here node group name okay node group name it is taking the node group name what is the node group name my lets me let me make it in case known the same name node is taking in the same name its role is also taking okay so that is why the issue happened this is not a issue this is just a syntax something we have missed all right let's build it again let's check the console logs initializing the back end data from plan is going on terraform apply all right it started creating okay something wrong cannot create cluster demo because U assist1e the targeted availability Zone does not currently have sufficient capacity so it is saying this cluster in this reason this reason doesn't have enough capacity to run a cluster as of now right so for that what we have to do how we can correlate this how we can correlate this we have to remove the subnet which is present into this USS one e right so let's go to VPC subnet part choose the VPC as of now we have just default to APC right let's go to the code and let's see here first which is the subnet ID which is in your assist one e okay we will remove that subnet use assist one e this is the one right and what is the subnet ID 55 okay let's go back to the code 55 this is the one right let's remove this from here here as well all is good all right let's push the latest changes so this is called this is the thing we are doing that is called troubleshooting guys so how you can you know Rectify your issues whenever it is coming in your way instead of searching and asking with someone these are the literal issues we would be able to troubleshoot as a devops engineer right so terraform plan is done this time it should work hopefully it started creating okay so it is going to take 15 to 20 minutes all right till that time I am going to pause the video okay once this is done we can get started with the next steps all right so our e-case with along with a single node group has been created so let's just go to our dks universe console and verify this let's search for E case go to Cluster and this is the cluster right and if you will go to this compute and here you can see this is the node group right so now let's go ahead and just first thing what we have to do once eks cluster has been created it is not showing the node not sure why okay let's wait for some time okay once now our second task is after eks creation we have to authenticate with that particular e case right in order to connect it because usually you need to connect to that in case cluster you can't you know directly access it like easy to instance so for that there should be a third server second server from where you would be able to access it right so now let's try to connect I will be adding one more stage here connect to eks okay insert this steps inside steps script if you're if you don't know how we can do that what you have to do just go ahead and search for Connect to PKS you will land on the first document aw amazon.com okay this is the last code guys okay so for that what you have to do AWS should be installed onto your ec2 instance okay apart from that you have to check what is the current caller identity you have right the current user or the role rule you are using you can verify the correct credential okay and after that you have to use this you have to update the cube config with that particular user okay well and with the particular cluster name right once this is this is done you would be able to access the cube for Native services I think the document has been updated but that is that is fine that is not the issue all right so for that what you have to do once you have to install the AWS CLI onto your local system okay you have to install AWS CLI on your local system so that you can run the AWS Command right because if you will see the connection was using AWS CLI only let's go back to the docs awsc case right so once you have done the that thing let's you have to set the credential okay so let's come here into the script section let me write notice page multi slang script so this will basically start with AWS so how you will get this option what we are trying to automatically let me tell you so let's see if AWS is not installed into my local let me go to the okay here let's go to the ec2 he said to instances Jenkins try to connect so once you will run this command you are getting something like this right so these thing we are trying to automate right we don't want to use the same access key and the secret key for different different reasons or different different account right so that's what we are trying to automate here so now we will go back here so the command is AWS config configure set and this keyword should be correct AWS access key ID and what is the access key this is the access key take this okay now same thing you have to do for aw please secret access key okay and apart from that we would be needing the reason as well right you saw right the third thing was reason and the fourth thing is the output format either it is Json or something else txt whatever format you want you can provide there okay the third command is set the reason so I will be using the same command here it was configured set reason how we will get the reason from the parameters take the same come here okay and the output is default you can keep it default okay no need to set that if you want you can set in the same way okay and once this is done guys what we have to do we have to authenticate with the kubernetes cluster right so here let's go back connect to ec2 instance and here you have to take this Command right now let's go back to the Jenkins file paste it it will see case reason so what is the reason it should come from the parameter so because we are variabilizing this as well so that if it is present into different different reasons different kubernetes cluster it should utilize that and here how we will pass the keyword cluster name so let's variabilize this as well I think we have not yet done here I want to create one more string I'm in a field where I can pass the variables right here let's name it cluster name of the eks eks cluster right and what is the default name what is the default name you want to provide right now let's keep this as it is as a default name democracy itself if you have multiple cluster multi-cluster then you can pass the same different different name right you can fill the form once this is done you can use this variable or you will use the variable and the same way cluster name plus dynamicals to cluster name with a space and then dollar and then paste it patterns Dot let's take the variable name cluster then right so you can you know utilize the same code for different different e case cluster and which is present in two different different reasons right so let's suppose the core and let's see if we are facing any difficulty to authenticate with the eks cluster so in addition to that next time I will be running Helm chat okay because I have recently launched a playlist separate completely real-time playlist for the kubernetes as well sorry Helm shot so that you can refer using that only you can easily deploy okay you will not get any issue built with parameter and this time it should fail because we are not getting the demo clustered by default it will not get Fair because okay let's see what is the issue update reason parents dot reason update game play update Cube config hyphenation name okay there is extra dollar once this is done let's you can build from here itself [Music] okay we'll look at the parameter this time we will get okay it failed that is why we haven't got the cluster name form here filled here right so this time it should so it is applying it is just it will just refresh because I have already stored the configuration it failed unknown Option demo cluster c l d s t e R1 okay let's check what is the cluster name we have demo cluster one what they already saying hyphen hyphen name and cluster name okay finally I find if a name is required here all right once this is done it's built with parameter this time we will get the option right after this and reason is already there right let's build this let's check the logs so make sure you have installed the cube CTL onto your uh okay string the string sign wrong with this invalid signature option it is n equals to uss1 something unknown error it is so let me tell you what was the issue actually I was facing so in order to remove that issue what I have done just go to ec2 and I have just tried to run my Docker was not running here right when I have done the docker images I was giving this error so in order to remove that error what I have done I have just given the permission and I just ran this Docker images and now it was working okay then I have just restarted my docker once that is done I was able to authenticate you can see I was able to update my cubeconfig file right so just after this what we have to do now we have to apply our kubernetes manifest file here right so we have to add one more stage here right so let's add this stage steps script and here we will start writing our things so what is the first thing so this connect to eks and create eks when we have to do when we will do this when we will do the create we will choose the create right let's do that as well when connect to eks should be done just before the steps always create for the steps for the steps correct and here we will start writing our things like so mainly what I have to do so let's declare a variable first Define apply so first value I will set it as false right and I want to give a input message before that let's do a try catch is okay this is the message you will give if okay then sub message on the button you will get only two way to apply the config if yes if user has given a he want to apply then we will set the value to True correct earlier it was false right some error came catch some error came then we will grab the error and then apply value will be False only by default it is false then again if something got changed again it will be false and I don't want to make the current build as field if a user has denied apply right otherwise you will see the red thing there right so what we will do we will just make it not make it to fail current will this is the Jenkins variable we will set this result as an stable okay we will set the build as unstable and after the catch you if based on the apply apply value either it is true or false we will do everything what like as such it keeps it here so our pipeline is ready but we just need to prepare our you know we have to prepare our our kubernetes manifest file like the deployment and the services that is still missing right so that I am going to write here let's create a deployment file here and this is Java application deployment dot EML and here we will write our manifest file I think I will have already into my look let me grab that and change accordingly this is the deployment.ml file it's copy this and paste it let me explain you as well so this is just a simple basic deployment file right I'm just this is the name I'm giving okay and this is these are my match labels you can see my selector and this is matching right apart from that I am running three replicas and here I am running uh three replicas and this is my container section where I'm giving the name the container to this and here we have to provide the name of the image correct so so we have pushed the image to the ECR right let's go to ECR and take the URI of the image Repository and this is the repo we are using right click on this and take the URI go back to the code and let's replace all right once this is done make sure your container Port is matching with the Target Port of the service okay and here I am exposing the service as a load balancer so we will get a physical load balancer into AWS so that we can access our application all right so let's push the changes I will put this all code to the my GitHub repos for your reference let's try to rebuild the Jenkins pipeline it's all good just setting up the profile okay and now here you will get something like this this is the message right please confirm to deploy an I guess and on the button a button in the sense it will go back here you are getting something like this ready to apply to the config yes if yes then let's check it is succeeded correct once this is succeeded make sure Cube CTL you have installed right then only you would be able to authenticate right okay unable to connect to the server so in order to connect to the server what you have to do go to Jenkins Fire Let's tram the command the name of the cluster is demo demo clustered one and what is the reason yes this one once done let's try to the cubes it will get a here we go right if you will go here if you will go to ec2 install section to check the health status of the application if you scroll down under the load balancer here you can see the load balance that is created just get into this load balancer go to hell check go to instances and currently this is out of service so it takes some time to come up okay no need to worry once it will come into in-service you would be able to access your application okay let's wait for some time our main motto was to how we can dockerize containerize and make our complete application up using gene CI CD right and we have saw the most important part here the major part here that was Jenkins shared Library so hope you have learned a lot today so please like comment and share if you really find my video helpful thank you

Info

Channel: Mr. DevOps

Views: 24,323

Rating: undefined out of 5

Keywords: mrdevops, cicd, jenkins, devopsproject, helm, kubernetes, docker, completedevopsproject, maven, git, github, realtime, jenkinssharedlibrary, eks, aws, training, cloud, devops

Id: g-v9AsubOqY

Channel Id: undefined

Length: 166min 50sec (10010 seconds)

Published: Sat Apr 01 2023