modified terraform files

.gitignore

@@ -77,8 +77,10 @@ Thumbs.db
 mongodb/
 
 terraform/.terraform/*
-terraform/terra-key.pub
-terraform/terra-key
+terraform/new-keypair.pub
+terraform/new-keypair
+terraform/new-keypair.pem
+terraform/new-keypair.pem.pub
 terraform/terraform.tfstate*
 terraform/.terraform.lock.hcl
 terraform/.terraform/modules/*
@@ -91,7 +93,9 @@ terraform.tfstate
 terraform.tfstate.backup
 terraform/terraform.tfstate
 terraform/terraform.tfstate.backup
-terra-key.pub
-terra-key
+new-keypair.pub
+new-keypair
+new-keypair.pem
+new-keypair.pem.pub
 terraform/apps/helm-values/.*
 

Jenkinsfile

@@ -5,11 +5,11 @@ pipeline {
 
     environment {
         // Update the main app image name to match the deployment file
-        DOCKER_IMAGE_NAME = 'laxg66/easyshop-app'
-        DOCKER_MIGRATION_IMAGE_NAME = 'laxg66/easyshop-migration'
+        DOCKER_IMAGE_NAME = 'efritznel/easyshop-app'
+        DOCKER_MIGRATION_IMAGE_NAME = 'efritznel/easyshop-migration'
         DOCKER_IMAGE_TAG = "${BUILD_NUMBER}"
         GITHUB_CREDENTIALS = credentials('github-credentials')
-        GIT_BRANCH = "master"
+        GIT_BRANCH = "main"
     }
 
     stages {
@@ -24,7 +24,7 @@ pipeline {
         stage('Clone Repository') {
             steps {
                 script {
-                    clone("https://github.com/lax66/tws-e-commerce-app_hackathon.git","master")
+                    clone("https://github.com/efritznel/3tier-webapp-eks.git","main")
                 }
             }
         }
@@ -115,7 +115,7 @@ pipeline {
                         manifestsPath: 'kubernetes',
                         gitCredentials: 'github-credentials',
                         gitUserName: 'Jenkins CI',
-                        gitUserEmail: 'misc.lucky66@gmail.com'
+                        gitUserEmail: 'efritznel@gmail.com'
                     )
                 }
             }

README.md

@@ -101,19 +101,19 @@ sudo ./aws/install
 1. **Clone the Repository:**
 First, clone this repo to your local machine:<br/>
 ```bash
-git clone https://github.com/LondheShubham153/tws-e-commerce-app.git
+git clone https://github.com/efritznel/3tier-webapp-eks.git
 cd terraform
 ```
 2. **Generate SSH Key Pair:**
 Create a new SSH key to access your EC2 instance:
 ```bash
-ssh-keygen -f terra-key
+ssh-keygen -f new-keypair
 ```
 This will prompt you to create a new key file named terra-key.
 
 3. **Private key permission:** Change your private key permission:
 ```bash
-chmod 400 terra-key
+chmod 400 new-keypair
 ```
 
 4. **Initialize Terraform:**
@@ -136,7 +136,7 @@ terraform apply
 7. **Access Your EC2 Instance;** <br/>
 After deployment, grab the public IP of your EC2 instance from the output or AWS Console, then connect using SSH:
 ```bash
-ssh -i terra-key ubuntu@<public-ip>
+ssh -i new-keypair ubuntu@<public-ip>
 ```
 8. **Update your kubeconfig:**
 wherever you want to access your eks wheather it is yur local machine or bastion server this command will help you to interact with your eks.
@@ -148,7 +148,7 @@ aws configure
 ```
 
 ```bash
-aws eks --region eu-west-1 update-kubeconfig --name tws-eks-cluster
+aws eks --region us-east-1 update-kubeconfig --name ithomelab-eks-cluster
 ```
 9. **Check your cluster:**
 ```bash
@@ -215,7 +215,7 @@ sudo systemctl status jenkins
 > - **Add a New Shared Library:** 
 > - **Name:** Shared
 > - **Default Version:** main
-> - **Project Repository URL:** `https://github.com/<your user-name/jenkins-shared-libraries`.
+> - **Project Repository URL:** `https://github.com/efritznel/jenkins-shared-libraries`.
 >
 > [Notes:] 
 > Make sure the repo contains a proper directory structure eq: vars/<br/>
@@ -229,15 +229,15 @@ sudo systemctl status jenkins
 > > In **General**<br/>
 > > - **Description:** EasyShop<br/>
 > > - **Check the box:** `GitHub project`<br/>
-> > - **GitHub Repo URL:** `https://github.com/<your user-name/tws-e-commerce-app`<br/>
+> > - **GitHub Repo URL:** `https://github.com/efritznel/3tier-webapp-eks`<br/>
 >
 > > In **Trigger**<br/>
 > > - **Check the box:**`GitHub hook trigger for GITScm polling`<br/>
 >
 > > In **Pipeline**<br/>
 > > - **Definition:** `Pipeline script from SCM`<br/>
 > > - **SCM:** `Git`<br/>
-> > - **Repository URL:** `https://github.com/<your user-name/tws-e-commerce-app`<br/>
+> > - **Repository URL:** `https://github.com/efritznel/3tier-webapp-eks`<br/>
 > > - **Credentials:** `github-credentials`<br/>
 > > - **Branch:** master<br/>
 > > - **Script Path:** `Jenkinsfile`<br/>
@@ -283,7 +283,7 @@ Add your Access Key and Secret Key when prompted.
 **9. Update Kubeconfig for EKS**<br/>
 Run the following important command:
 ```bash
-aws eks update-kubeconfig --region eu-west-1 --name tws-eks-cluster
+aws eks update-kubeconfig --region us-east-1 --name ithomelab-eks-cluster
 ```
 * This command maps your EKS cluster with your Bastion server.
 * It helps to communicate with EKS components.
@@ -335,7 +335,7 @@ server:
       alb.ingress.kubernetes.io/backend-protocol: HTTP
       alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
       alb.ingress.kubernetes.io/ssl-redirect: '443'
-    hostname: argocd.devopsdock.site
+    hostname: argocd.fritzhomelab.com
     aws:
       serviceType: ClusterIP # <- Used with target-type: ip
       backendProtocolVersion: GRPC
@@ -344,7 +344,7 @@ server:
 ```
 helm upgrade my-argo-cd argo/argo-cd -n argocd -f my-values.yaml
 ```
-5. add the record in route53 “argocd.devopsdock.site” with load balancer dns.
+5. add the record in route53 “argocd.fritzhomelab.com” with load balancer dns.
 
 6. access it in browser.
 
@@ -398,7 +398,7 @@ annotations:
     kubernetes.io/ingress.class: alb
 ```
 
-- **add record to route 53 “easyshop.devopsdock.site”**
+- **add record to route 53 “easyshop.fritzhomelab.com”**
 
 - **Access your site now.**
 
@@ -450,7 +450,7 @@ annotations:
       alb.ingress.kubernetes.io/ssl-redirect: '443'
 
     hosts:
-      - grafana.devopsdock.site
+      - grafana.fritzhomelab.com
 ```
 
 **Prometheus:** 
@@ -469,7 +469,7 @@ annotations:
 
 
     hosts: 
-      - prometheus.devopsdock.site
+      - prometheus.fritzhomelab.com
         paths:
         - /
         pathType: Prefix
@@ -486,7 +486,7 @@ annotations:
       alb.ingress.kubernetes.io/ssl-redirect: '443'
 
     hosts: 
-      - alertmanager.devopsdock.site
+      - alertmanager.fritzhomelab.com
     paths:
     - /
     pathType: Prefix
@@ -677,7 +677,7 @@ ingress:
   # kubernetes.io/ingress.class: nginx
   # kubernetes.io/tls-acme: "true"
   hosts:
-    - host: logs-kibana.devopsdock.site
+    - host: logs-kibana.fritzhomelab.com
       paths:
         - path: /
 ```
@@ -712,42 +712,42 @@ filebeatConfig:
 upgrade filebeat helm chart and check in kibana’s UI if the app logs are streaming.
 
 ## **Congratulations!** <br/>
-![EasyShop Website Screenshot](./public/easyshop.JPG)
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/Website.GIF)
 
 ---
 
 ### 📌 Architecture Diagram
-![Diagram](./public/diagram-export.JPG)
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/Microservices.gif)
 
 ---
 
-### 📌 ArgoCD
-![ArgoCD](./public/Argocd.JPG)
+### 📌 ArgoCD Login
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/argocd.GIF)
 
 ---
 
-### 📌 Capture
-![Capture](./public/Capture.JPG)
+### 📌 ArgoCD Deployment
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/argocd-deployment.GIF)
 
 ---
 
 ### 📌 AlertManager
-![AlertManager](./public/alertManager.JPG)
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/Alertmanager%20login.GIF)
 
 
 ---
 
-### 📌 Grafana Dashboard
-![Grafana](./public/grafana.JPG)
+### 📌 Grafana login
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/grafana%20login.GIF)
 
 ---
 
-### 📌 Kibana Logs View
-![Kibana](./public/kibana.JPG)
+### 📌 Grafana Dashboard
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/grafana%20dashboard.GIF)
 
 ---
 
 ### 📌 Prometheus Dashboard
-![Prometheus](./public/prometheus.JPG)
+![Project Image](https://github.com/efritznel/3tier-webapp-eks/blob/main/images/prometheus%20login.GIF)
+
 
-### WO! ooo!!! ...Your project is now deployed.

kubernetes/04-configmap.yaml

@@ -6,7 +6,7 @@ metadata:
 data:
   MONGODB_URI: "mongodb://mongodb-service:27017/easyshop"
   NODE_ENV: "production"
-  NEXT_PUBLIC_API_URL: "https://easyshop.devopsdock.site/api"
-  NEXTAUTH_URL: "https://easyshop.devopsdock.site/"
+  NEXT_PUBLIC_API_URL: "https://easyshop.fritzhomelab.com/api"
+  NEXTAUTH_URL: "https://easyshop.fritzhomelab.com/"
   NEXTAUTH_SECRET: "HmaFjYZ2jbUK7Ef+wZrBiJei4ZNGBAJ5IdiOGAyQegw="
   JWT_SECRET: "e5e425764a34a2117ec2028bd53d6f1388e7b90aeae9fa7735f2469ea3a6cc8c"

kubernetes/10-ingress.yaml

@@ -2,19 +2,16 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: easyshop-ingress
-  namespace: easyshop
   annotations:
-    alb.ingress.kubernetes.io/group.name: easyshop-app-lb
     alb.ingress.kubernetes.io/scheme: internet-facing
-    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:876997124628:certificate/3fcfd586-3638-4997-9073-95d43d155430
     alb.ingress.kubernetes.io/target-type: ip
-    alb.ingress.kubernetes.io/backend-protocol: HTTP
-    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80},{"HTTPS":443}]'
     alb.ingress.kubernetes.io/ssl-redirect: '443'
-    kubernetes.io/ingress.class: alb
+    alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:153435306748:certificate/45da4535-0a31-4861-88a8-32d440a725e2
 spec:
+  ingressClassName: alb
   rules:
-  - host: easyshop.devopsdock.site
+  - host: easyshop.fritzhomelab.com
     http:
       paths:
       - path: /
@@ -25,3 +22,4 @@ spec:
             port:
               number: 80
 
+

kubernetes/12-migration-job.yaml

@@ -8,7 +8,7 @@ spec:
     spec:
       containers:
       - name: migration
-        image: trainwithshubham/easyshop-migration:1
+        image: efritznel/easyshop-migration:4
         imagePullPolicy: Always
         env:
         - name: MONGODB_URI

terraform/bastion_ec2.tf

@@ -34,7 +34,7 @@ resource "aws_security_group" "allow_user_bastion" {
 resource "aws_instance" "bastion_host" {
   ami                    = data.aws_ami.os_image.id
   instance_type          = var.instance_type
-  key_name               = aws_key_pair.deployer.key_name
+  key_name               = aws_key_pair.new_keypair.key_name
   vpc_security_group_ids = [aws_security_group.allow_user_bastion.id]
   subnet_id              = module.vpc.public_subnets[0]
   user_data              = file("${path.module}/bastion_user_data.sh")

terraform/ec2.tf

@@ -11,11 +11,23 @@ data "aws_ami" "os_image" {
   }
 }
 
-resource "aws_key_pair" "deployer" {
-  key_name   = "terra-automate-key"
-  public_key = file("terra-key.pub")
+resource "tls_private_key" "new_keypair" {
+  algorithm = "ED25519"
 }
 
+resource "aws_key_pair" "new_keypair" {
+  key_name   = "new-keypair"
+  public_key = tls_private_key.new_keypair.public_key_openssh
+}
+
+resource "local_file" "new_keypair_pem" {
+  filename        = "${path.module}/keys/new-keypair.pem"
+  content         = tls_private_key.new_keypair.private_key_openssh
+  file_permission = "0600"
+}
+
+
+
 resource "aws_security_group" "allow_user_to_connect" {
   name        = "allow TLS"
   description = "Allow user to connect"
@@ -53,7 +65,7 @@ resource "aws_security_group" "allow_user_to_connect" {
 resource "aws_instance" "testinstance" {
   ami                    = data.aws_ami.os_image.id
   instance_type          = var.instance_type
-  key_name               = aws_key_pair.deployer.key_name
+  key_name               = aws_key_pair.new_keypair.key_name
   vpc_security_group_ids = [aws_security_group.allow_user_to_connect.id]
   subnet_id              = module.vpc.public_subnets[0]
   user_data              = file("${path.module}/install_tools.sh")

terraform/eks.tf

@@ -31,7 +31,7 @@ module "eks" {
   access_entries = {
     # One access entry with a policy associated
     example = {
-      principal_arn = "arn:aws:iam::876997124628:user/terraform"
+      principal_arn = "arn:aws:iam::153435306748:user/ithomelabadmin"
 
       policy_associations = {
         example = {
@@ -90,16 +90,16 @@ module "eks" {
     tws-demo-ng = {
       min_size     = 1
       max_size     = 3
-      desired_size = 1
+      desired_size = 3
 
       instance_types = ["t3.large"]
-      capacity_type  = "SPOT"
+      capacity_type = "SPOT"
 
       disk_size                  = 35
       use_custom_launch_template = false # Important to apply disk size!
 
       remote_access = {
-        ec2_ssh_key               = resource.aws_key_pair.deployer.key_name
+        ec2_ssh_key               = resource.aws_key_pair.new_keypair.key_name
         source_security_group_ids = [aws_security_group.node_group_remote_access.id]
       }
 

terraform/new-keypair

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACCaHX6stdlzC+kpY5ZdfI7/ohHE4AX4Pf4SuNXieQR+bQAAAJjESnJ2xEpy
+dgAAAAtzc2gtZWQyNTUxOQAAACCaHX6stdlzC+kpY5ZdfI7/ohHE4AX4Pf4SuNXieQR+bQ
+AAAECArPjSBKhAp8khSxlpd6SyxzR2xW4UROjLXlEM2t3pcJodfqy12XML6Sljll18jv+i
+EcTgBfg9/hK41eJ5BH5tAAAAEmZldGllbm5lQElUSE9NRUxBQgECAw==
+-----END OPENSSH PRIVATE KEY-----

terraform/new-keypair.pub

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJodfqy12XML6Sljll18jv+iEcTgBfg9/hK41eJ5BH5t fetienne@ITHOMELAB