diff --git a/.gitignore b/.gitignore
index 0eff0c1b..66f2aa12 100755
--- a/.gitignore
+++ b/.gitignore
@@ -77,8 +77,10 @@ Thumbs.db
mongodb/
terraform/.terraform/*
-terraform/terra-key.pub
-terraform/terra-key
+terraform/new-keypair.pub
+terraform/new-keypair
+terraform/new-keypair.pem
+terraform/new-keypair.pem.pub
terraform/terraform.tfstate*
terraform/.terraform.lock.hcl
terraform/.terraform/modules/*
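Review bot: The new ignore entries under `terraform/new-keypair*` do not cover the path that `terraform/ec2.tf` in this same commit writes the generated private key to, `${path.module}/keys/new-keypair.pem`, so a key under `terraform/keys/` can still be staged by accident. Adding `terraform/keys/` (or a `*.pem` pattern) would close that gap. The bare `new-keypair*` entries in the second hunk miss it in the same way. This commit also adds `terraform/new-keypair` as a tracked file, and ignore rules have no effect on paths that are already tracked.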
@@ -91,7 +93,9 @@ terraform.tfstate
terraform.tfstate.backup
terraform/terraform.tfstate
terraform/terraform.tfstate.backup
-terra-key.pub
-terra-key
+new-keypair.pub
+new-keypair
+new-keypair.pem
+new-keypair.pem.pub
terraform/apps/helm-values/.*
diff --git a/Jenkinsfile b/Jenkinsfile
index d5106d88..f94ef246 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -5,11 +5,11 @@ pipeline {
environment {
// Update the main app image name to match the deployment file
- DOCKER_IMAGE_NAME = 'laxg66/easyshop-app'
- DOCKER_MIGRATION_IMAGE_NAME = 'laxg66/easyshop-migration'
+ DOCKER_IMAGE_NAME = 'efritznel/easyshop-app'
+ DOCKER_MIGRATION_IMAGE_NAME = 'efritznel/easyshop-migration'
DOCKER_IMAGE_TAG = "${BUILD_NUMBER}"
GITHUB_CREDENTIALS = credentials('github-credentials')
- GIT_BRANCH = "master"
+ GIT_BRANCH = "main"
}
stages {
@@ -24,7 +24,7 @@ pipeline {
stage('Clone Repository') {
steps {
script {
- clone("https://github.com/lax66/tws-e-commerce-app_hackathon.git","master")
+ clone("https://github.com/efritznel/3tier-webapp-eks.git","main")
}
}
}
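Review bot: The branch name is now written twice, once as `GIT_BRANCH = "main"` in the environment block and once as the literal second argument of `clone(...)` here, so the next branch change has to touch both places. Passing the variable keeps them in step: `clone("https://github.com/efritznel/3tier-webapp-eks.git", env.GIT_BRANCH)`. The README's Jenkins job instructions still show `Branch: master` in an unchanged context line, which looks stale after this change.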
@@ -115,7 +115,7 @@ pipeline {
manifestsPath: 'kubernetes',
gitCredentials: 'github-credentials',
gitUserName: 'Jenkins CI',
- gitUserEmail: 'misc.lucky66@gmail.com'
+ gitUserEmail: 'efritznel@gmail.com'
)
}
}
diff --git a/README.md b/README.md
index d085eb42..dea11330 100644
--- a/README.md
+++ b/README.md
@@ -101,19 +101,19 @@ sudo ./aws/install
1. **Clone the Repository:**
First, clone this repo to your local machine:
```bash
-git clone https://github.com/LondheShubham153/tws-e-commerce-app.git
+git clone https://github.com/efritznel/3tier-webapp-eks.git
cd terraform
```
2. **Generate SSH Key Pair:**
Create a new SSH key to access your EC2 instance:
```bash
-ssh-keygen -f terra-key
+ssh-keygen -f new-keypair
```
This will prompt you to create a new key file named terra-key.
3. **Private key permission:** Change your private key permission:
```bash
-chmod 400 terra-key
+chmod 400 new-keypair
```
4. **Initialize Terraform:**
@@ -136,7 +136,7 @@ terraform apply
7. **Access Your EC2 Instance;**
After deployment, grab the public IP of your EC2 instance from the output or AWS Console, then connect using SSH:
```bash
-ssh -i terra-key ubuntu@
+ssh -i new-keypair ubuntu@
```
8. **Update your kubeconfig:**
wherever you want to access your eks wheather it is yur local machine or bastion server this command will help you to interact with your eks.
@@ -148,7 +148,7 @@ aws configure
```
```bash
-aws eks --region eu-west-1 update-kubeconfig --name tws-eks-cluster
+aws eks --region us-east-1 update-kubeconfig --name ithomelab-eks-cluster
```
9. **Check your cluster:**
```bash
@@ -215,7 +215,7 @@ sudo systemctl status jenkins
> - **Add a New Shared Library:**
> - **Name:** Shared
> - **Default Version:** main
-> - **Project Repository URL:** `https://github.com/ - **Project Repository URL:** `https://github.com/efritznel/jenkins-shared-libraries`.
>
> [Notes:]
> Make sure the repo contains a proper directory structure eq: vars/
@@ -229,7 +229,7 @@ sudo systemctl status jenkins
> > In **General**
> > - **Description:** EasyShop
> > - **Check the box:** `GitHub project`
-> > - **GitHub Repo URL:** `https://github.com/
+> > - **GitHub Repo URL:** `https://github.com/efritznel/3tier-webapp-eks`
>
> > In **Trigger**
> > - **Check the box:**`GitHub hook trigger for GITScm polling`
@@ -237,7 +237,7 @@ sudo systemctl status jenkins
> > In **Pipeline**
> > - **Definition:** `Pipeline script from SCM`
> > - **SCM:** `Git`
-> > - **Repository URL:** `https://github.com/
+> > - **Repository URL:** `https://github.com/efritznel/3tier-webapp-eks`
> > - **Credentials:** `github-credentials`
> > - **Branch:** master
> > - **Script Path:** `Jenkinsfile`
@@ -283,7 +283,7 @@ Add your Access Key and Secret Key when prompted.
**9. Update Kubeconfig for EKS**
Run the following important command:
```bash
-aws eks update-kubeconfig --region eu-west-1 --name tws-eks-cluster
+aws eks update-kubeconfig --region us-east-1 --name ithomelab-eks-cluster
```
* This command maps your EKS cluster with your Bastion server.
* It helps to communicate with EKS components.
@@ -335,7 +335,7 @@ server:
alb.ingress.kubernetes.io/backend-protocol: HTTP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/ssl-redirect: '443'
- hostname: argocd.devopsdock.site
+ hostname: argocd.fritzhomelab.com
aws:
serviceType: ClusterIP # <- Used with target-type: ip
backendProtocolVersion: GRPC
@@ -344,7 +344,7 @@ server:
```
helm upgrade my-argo-cd argo/argo-cd -n argocd -f my-values.yaml
```
-5. add the record in route53 “argocd.devopsdock.site” with load balancer dns.
+5. add the record in route53 “argocd.fritzhomelab.com” with load balancer dns.
6. access it in browser.
@@ -398,7 +398,7 @@ annotations:
kubernetes.io/ingress.class: alb
```
-- **add record to route 53 “easyshop.devopsdock.site”**
+- **add record to route 53 “easyshop.fritzhomelab.com”**
- **Access your site now.**
@@ -450,7 +450,7 @@ annotations:
alb.ingress.kubernetes.io/ssl-redirect: '443'
hosts:
- - grafana.devopsdock.site
+ - grafana.fritzhomelab.com
```
**Prometheus:**
@@ -469,7 +469,7 @@ annotations:
hosts:
- - prometheus.devopsdock.site
+ - prometheus.fritzhomelab.com
paths:
- /
pathType: Prefix
@@ -486,7 +486,7 @@ annotations:
alb.ingress.kubernetes.io/ssl-redirect: '443'
hosts:
- - alertmanager.devopsdock.site
+ - alertmanager.fritzhomelab.com
paths:
- /
pathType: Prefix
@@ -677,7 +677,7 @@ ingress:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- - host: logs-kibana.devopsdock.site
+ - host: logs-kibana.fritzhomelab.com
paths:
- path: /
```
@@ -712,42 +712,42 @@ filebeatConfig:
upgrade filebeat helm chart and check in kibana’s UI if the app logs are streaming.
## **Congratulations!**
-
+
---
### 📌 Architecture Diagram
-
+
---
-### 📌 ArgoCD
-
+### 📌 ArgoCD Login
+
---
-### 📌 Capture
-
+### 📌 ArgoCD Deployment
+
---
### 📌 AlertManager
-
+
---
-### 📌 Grafana Dashboard
-
+### 📌 Grafana login
+
---
-### 📌 Kibana Logs View
-
+### 📌 Grafana Dashboard
+
---
### 📌 Prometheus Dashboard
-
+
+
-### WO! ooo!!! ...Your project is now deployed.
diff --git a/images/Alertmanager login.GIF b/images/Alertmanager login.GIF
new file mode 100644
index 00000000..dee88f37
Binary files /dev/null and b/images/Alertmanager login.GIF differ
diff --git a/images/Microservices.gif b/images/Microservices.gif
new file mode 100644
index 00000000..fac80285
Binary files /dev/null and b/images/Microservices.gif differ
diff --git a/images/Website.GIF b/images/Website.GIF
new file mode 100644
index 00000000..08bef02a
Binary files /dev/null and b/images/Website.GIF differ
diff --git a/images/argocd-deployment.GIF b/images/argocd-deployment.GIF
new file mode 100644
index 00000000..ff46cb25
Binary files /dev/null and b/images/argocd-deployment.GIF differ
diff --git a/images/argocd.GIF b/images/argocd.GIF
new file mode 100644
index 00000000..9a46a4cc
Binary files /dev/null and b/images/argocd.GIF differ
diff --git a/images/grafana dashboard.GIF b/images/grafana dashboard.GIF
new file mode 100644
index 00000000..0e13ad56
Binary files /dev/null and b/images/grafana dashboard.GIF differ
diff --git a/images/grafana login.GIF b/images/grafana login.GIF
new file mode 100644
index 00000000..5da57d1c
Binary files /dev/null and b/images/grafana login.GIF differ
diff --git a/images/prometheus login.GIF b/images/prometheus login.GIF
new file mode 100644
index 00000000..95da069e
Binary files /dev/null and b/images/prometheus login.GIF differ
diff --git a/kubernetes/04-configmap.yaml b/kubernetes/04-configmap.yaml
index 942fffa9..894b989a 100644
--- a/kubernetes/04-configmap.yaml
+++ b/kubernetes/04-configmap.yaml
@@ -6,7 +6,7 @@ metadata:
data:
MONGODB_URI: "mongodb://mongodb-service:27017/easyshop"
NODE_ENV: "production"
- NEXT_PUBLIC_API_URL: "https://easyshop.devopsdock.site/api"
- NEXTAUTH_URL: "https://easyshop.devopsdock.site/"
+ NEXT_PUBLIC_API_URL: "https://easyshop.fritzhomelab.com/api"
+ NEXTAUTH_URL: "https://easyshop.fritzhomelab.com/"
NEXTAUTH_SECRET: "HmaFjYZ2jbUK7Ef+wZrBiJei4ZNGBAJ5IdiOGAyQegw="
JWT_SECRET: "e5e425764a34a2117ec2028bd53d6f1388e7b90aeae9fa7735f2469ea3a6cc8c"
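Review bot: `NEXTAUTH_SECRET` and `JWT_SECRET` stay in this ConfigMap as plaintext and are unchanged context here, so the deployment under the new hostnames keeps signing sessions and tokens with values that are readable in this repository and presumably in the upstream it was forked from. Both values should be regenerated for this environment and moved into a `Secret` (or an external secret store) that the pod reads through `secretKeyRef`, with the two keys deleted from `data:`. A ConfigMap is also readable by any principal with `get configmaps` in the namespace, which is usually a wider group than those allowed to read Secrets.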
diff --git a/kubernetes/10-ingress.yaml b/kubernetes/10-ingress.yaml
index 77875f8a..b82b63ee 100644
--- a/kubernetes/10-ingress.yaml
+++ b/kubernetes/10-ingress.yaml
@@ -2,19 +2,16 @@ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: easyshop-ingress
- namespace: easyshop
annotations:
- alb.ingress.kubernetes.io/group.name: easyshop-app-lb
alb.ingress.kubernetes.io/scheme: internet-facing
- alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:876997124628:certificate/3fcfd586-3638-4997-9073-95d43d155430
alb.ingress.kubernetes.io/target-type: ip
- alb.ingress.kubernetes.io/backend-protocol: HTTP
- alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
+ alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80},{"HTTPS":443}]'
alb.ingress.kubernetes.io/ssl-redirect: '443'
- kubernetes.io/ingress.class: alb
+ alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:153435306748:certificate/45da4535-0a31-4861-88a8-32d440a725e2
spec:
+ ingressClassName: alb
rules:
- - host: easyshop.devopsdock.site
+ - host: easyshop.fritzhomelab.com
http:
paths:
- path: /
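Review bot: Removing `namespace: easyshop` from `metadata` means this Ingress is created in whatever namespace the applying tool defaults to, and an Ingress can only route to a Service in its own namespace. If the Service and Deployment manifests still declare `namespace: easyshop` (they are not part of this diff), the port-80 backend will not resolve. Either keep `namespace: easyshop` here or confirm that the ArgoCD application sets the destination namespace. Dropping `alb.ingress.kubernetes.io/group.name` also gives this Ingress its own load balancer instead of a shared one, which may be intended. The `spec` continues outside the hunk.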
@@ -25,3 +22,4 @@ spec:
port:
number: 80
+
diff --git a/kubernetes/12-migration-job.yaml b/kubernetes/12-migration-job.yaml
index e5bbc906..213bbb40 100644
--- a/kubernetes/12-migration-job.yaml
+++ b/kubernetes/12-migration-job.yaml
@@ -8,7 +8,7 @@ spec:
spec:
containers:
- name: migration
- image: trainwithshubham/easyshop-migration:1
+ image: efritznel/easyshop-migration:4
imagePullPolicy: Always
env:
- name: MONGODB_URI
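Review bot: The job image is referenced by a mutable tag, `efritznel/easyshop-migration:4`, together with `imagePullPolicy: Always`, so each run pulls whatever currently sits behind that tag in the registry. For a job that writes to the database, pinning the digest next to the tag makes the executed image the one that was built and reviewed: `image: efritznel/easyshop-migration:4@sha256:<digest-of-the-built-image>`. If the Jenkins manifest-update step rewrites this line per build, it would need to write the digest as well.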
diff --git a/terraform/bastion_ec2.tf b/terraform/bastion_ec2.tf
index 865b939c..3a975358 100644
--- a/terraform/bastion_ec2.tf
+++ b/terraform/bastion_ec2.tf
@@ -34,7 +34,7 @@ resource "aws_security_group" "allow_user_bastion" {
resource "aws_instance" "bastion_host" {
ami = data.aws_ami.os_image.id
instance_type = var.instance_type
- key_name = aws_key_pair.deployer.key_name
+ key_name = aws_key_pair.new_keypair.key_name
vpc_security_group_ids = [aws_security_group.allow_user_bastion.id]
subnet_id = module.vpc.public_subnets[0]
user_data = file("${path.module}/bastion_user_data.sh")
diff --git a/terraform/ec2.tf b/terraform/ec2.tf
index b597aa7a..bb96e0fb 100644
--- a/terraform/ec2.tf
+++ b/terraform/ec2.tf
@@ -11,11 +11,23 @@ data "aws_ami" "os_image" {
}
}
-resource "aws_key_pair" "deployer" {
- key_name = "terra-automate-key"
- public_key = file("terra-key.pub")
+resource "tls_private_key" "new_keypair" {
+ algorithm = "ED25519"
}
+resource "aws_key_pair" "new_keypair" {
+ key_name = "new-keypair"
+ public_key = tls_private_key.new_keypair.public_key_openssh
+}
+
+resource "local_file" "new_keypair_pem" {
+ filename = "${path.module}/keys/new-keypair.pem"
+ content = tls_private_key.new_keypair.private_key_openssh
+ file_permission = "0600"
+}
+
+
+
resource "aws_security_group" "allow_user_to_connect" {
name = "allow TLS"
description = "Allow user to connect"
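Review bot: Generating the key with `tls_private_key` stores the private key in Terraform state, so anyone who can read the state object can recover the SSH key that `aws_key_pair.new_keypair` registers for the bastion, `testinstance` and the EKS node group. The safer pattern is the one the old code and the README's `ssh-keygen -f new-keypair` step already follow: create the key outside Terraform and pass only the public half, `public_key = file("${path.module}/new-keypair.pub")`. If the generated key is kept, write it with `resource "local_sensitive_file" "new_keypair_pem"` and add `terraform/keys/` to `.gitignore`, because the output path `keys/new-keypair.pem` matches none of the ignore patterns added in this commit. As written, the README's `ssh -i new-keypair` instruction points at a key that is no longer the one registered in AWS. The `aws_security_group` resource at the end of the hunk continues outside it.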
@@ -53,7 +65,7 @@ resource "aws_security_group" "allow_user_to_connect" {
resource "aws_instance" "testinstance" {
ami = data.aws_ami.os_image.id
instance_type = var.instance_type
- key_name = aws_key_pair.deployer.key_name
+ key_name = aws_key_pair.new_keypair.key_name
vpc_security_group_ids = [aws_security_group.allow_user_to_connect.id]
subnet_id = module.vpc.public_subnets[0]
user_data = file("${path.module}/install_tools.sh")
diff --git a/terraform/eks.tf b/terraform/eks.tf
index 1055cc03..75f8301b 100644
--- a/terraform/eks.tf
+++ b/terraform/eks.tf
@@ -31,7 +31,7 @@ module "eks" {
access_entries = {
# One access entry with a policy associated
example = {
- principal_arn = "arn:aws:iam::876997124628:user/terraform"
+ principal_arn = "arn:aws:iam::153435306748:user/ithomelabadmin"
policy_associations = {
example = {
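Review bot: The access entry's `principal_arn` is a hard-coded IAM user ARN including the account ID, so cluster access is tied to one long-lived user and the file must be edited for any other account. Consider taking it from a variable, for example `principal_arn = var.cluster_admin_principal_arn` (the name is only a suggestion), and pointing it at a role rather than a user. The associated policy and its scope are outside this hunk, so it is worth checking that the entry, still named `example`, grants no more than that principal needs.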
@@ -90,16 +90,16 @@ module "eks" {
tws-demo-ng = {
min_size = 1
max_size = 3
- desired_size = 1
+ desired_size = 3
instance_types = ["t3.large"]
- capacity_type = "SPOT"
+ capacity_type = "SPOT"
disk_size = 35
use_custom_launch_template = false # Important to apply disk size!
remote_access = {
- ec2_ssh_key = resource.aws_key_pair.deployer.key_name
+ ec2_ssh_key = resource.aws_key_pair.new_keypair.key_name
source_security_group_ids = [aws_security_group.node_group_remote_access.id]
}
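Review bot: `remote_access.ec2_ssh_key` now points at the same `aws_key_pair.new_keypair` that the bastion and `testinstance` use, so one private key opens SSH on every host in the stack, worker nodes included. A separate key pair for the node group, or dropping `remote_access` in favour of SSM Session Manager for node access, limits what a single leaked key reaches. Separately, `desired_size = 3` now equals `max_size`, which leaves no room to scale up. The `capacity_type` line changes only in whitespace.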
diff --git a/terraform/new-keypair b/terraform/new-keypair
new file mode 100644
index 00000000..2b91088e
--- /dev/null
+++ b/terraform/new-keypair
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCaHX6stdlzC+kpY5ZdfI7/ohHE4AX4Pf4SuNXieQR+bQAAAJjESnJ2xEpy
+dgAAAAtzc2gtZWQyNTUxOQAAACCaHX6stdlzC+kpY5ZdfI7/ohHE4AX4Pf4SuNXieQR+bQ
+AAAECArPjSBKhAp8khSxlpd6SyxzR2xW4UROjLXlEM2t3pcJodfqy12XML6Sljll18jv+i
+EcTgBfg9/hK41eJ5BH5tAAAAEmZldGllbm5lQElUSE9NRUxBQgECAw==
+-----END OPENSSH PRIVATE KEY-----
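Review bot: This new file is an OpenSSH private key committed to the repository, and its header suggests it is stored without a passphrase, so anyone who can read the repository or its history holds a usable key. It should be taken out of the commit with `git rm --cached terraform/new-keypair` and treated as compromised: remove its public half from any `authorized_keys` file or EC2 key pair it was registered with, and rewrite history if the repository is or will be public. The `.gitignore` entries added in this same commit do not help, because ignore rules are not applied to a file that is explicitly tracked. The companion `terraform/new-keypair.pub` is no longer read by `terraform/ec2.tf`, which now takes the public key from `tls_private_key`, so both files can be removed.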
diff --git a/terraform/new-keypair.pub b/terraform/new-keypair.pub
new file mode 100644
index 00000000..f23aa5cc
--- /dev/null
+++ b/terraform/new-keypair.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJodfqy12XML6Sljll18jv+iEcTgBfg9/hK41eJ5BH5t fetienne@ITHOMELAB
diff --git a/terraform/provider.tf b/terraform/provider.tf
index e0f633a2..41bfc47f 100644
--- a/terraform/provider.tf
+++ b/terraform/provider.tf
@@ -1,11 +1,11 @@
locals {
- region = "eu-west-1"
- name = "tws-eks-cluster"
+ region = "us-east-1"
+ name = "ithomelab-eks-cluster"
vpc_cidr = "10.0.0.0/16"
- azs = ["eu-west-1a", "eu-west-1b"]
- public_subnets = ["10.0.1.0/24", "10.0.2.0/24"]
- private_subnets = ["10.0.3.0/24", "10.0.4.0/24"]
+ azs = ["us-east-1a", "us-east-1b"]
+ public_subnets = ["10.0.0.0/24", "10.0.1.0/24"]
+ private_subnets = ["10.0.2.0/24", "10.0.3.0/24"]
tags = {
example = local.name
@@ -18,3 +18,20 @@ provider "aws" {
region = local.region
}
+
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = "~> 4.0"
+ }
+ local = {
+ source = "hashicorp/local"
+ version = "~> 2.0"
+ }
+ }
+}
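Review bot: The new `required_providers` block uses floating constraints (`~> 5.0`, `~> 4.0`, `~> 2.0`) while `.gitignore` excludes `terraform/.terraform.lock.hcl`, so nothing in the repository pins the exact provider versions or their checksums between runs. Committing the lock file (and removing that ignore line) makes `terraform init` verify the same provider builds on every machine and in CI. A `required_version` constraint for Terraform itself would also fit in this block.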
diff --git a/terraform/terraform.tf b/terraform/terraform.tf
index db323056..37141c15 100644
--- a/terraform/terraform.tf
+++ b/terraform/terraform.tf
@@ -1,8 +1,9 @@
+# store the terraform state file in s3
terraform {
backend "s3" {
- bucket = "terraform-s3-backend-tws-hackathon"
- key = "backend-locking"
- region = "eu-west-1"
- use_lockfile = true
+ bucket = "eks-project-homelab-backend-bucket004"
+ key = "vpc-terraform-github-action.tfstate"
+ region = "us-east-1"
+ encrypt = true
}
}
\ No newline at end of file
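Review bot: Removing `use_lockfile = true` leaves this S3 backend with no state locking, since no `dynamodb_table` is configured either, so two concurrent runs can overwrite each other's state. The key name `vpc-terraform-github-action.tfstate` suggests a CI job applies alongside local use, which makes that more likely. Keep `use_lockfile = true` next to the new `encrypt = true`. Because `terraform/ec2.tf` now stores a generated SSH private key in this state, the bucket should also block public access and limit reads to the principals that run Terraform; that configuration is not visible in this diff.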