In this tutorial series we are going to deploy a microservice to the Amazon Web Services Cloud with one click. In order to do so, we are going to set up our AWS Account and configure CodeCommit, S3, SNS/SQS and ECR to fit our requirements. Then we are going to use the microservice provided by Spring's Spring Boot Docker example and modify Amazon's Reference Architecture for CloudFormation to deploy our service. To connect Jenkins to AWS we are going to use different plugins that act as interfaces. Finally, we are going to write a Declarative Pipeline that checks out our code from CodeCommit, builds it, tests it and deploys it to CloudFormation using the modified reference architecture.
In this tutorial we will be using eu-central-1 as our preferred region. All links in the tutorial point to this region.
Navigate to the IAM Menu (https://console.aws.amazon.com/iam/home) and create a new user for Jenkins.
Select the checkbox for Programmatic access
Assign the AdministratorAccess policy to the Jenkins user. This allows us to use all resources that we need.
Otherwise, we would need to add the following policies to Jenkins
Access Key and Secret Key
After we have created the users Access Key, the associated Secret Key will be shown.
Download the .csv containing the Access Key and Secret Key.
! IMPORTANT: The Secret Key will not be shown beyond this point. If you forget to note it down you will have to generate a new one for the user. !
To use the AWS CodeCommit Repository that we will create later on, we will need credentials to access it. Go to the Jenkins User Security credentials and click the Generate button under "HTTPS Git credentials for AWS CodeCommit"
Download the .csv containing the CodeCommit credentials.
! IMPORTANT: The Password will not be shown beyond this point. If you forget to note it down you will have to reset the password or generate new credentials for the user. !
The AWS CLI is necessary to execute AWS specific commands that are not available through plugins.
Download the installer and run it on your Windows machine. It should install the AWS CLI making it available in Command Prompt (cmd) and Powershell.
Configure CLI: Run aws configure with Jenkins Access/Secret Key (https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-quick-configuration)
To configure the AWS CLI, open cmd or powershell and enter aws configure. Enter your data as shown below:
C:\Users\exampleuser> aws configureAWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLEAWSSecret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY Default region name [None]: eu-central-1 Default output format [None]: json
Copy the generated .aws folder located at C:\Users\\.aws to the home directory of the SYSTEM user C:\Windows\System32\config\systemprofile (Jenkins runs on SYSTEM User)
Jenkins should now be able to run AWS CLI commands.
AWS CodeCommit is a version control service hosted by Amazon Web Services that you can use to privately store and manage assets (such as documents, source code, and binary files) in the cloud.
We will use it to commit the source code and the CloudFormation configuration.
Steps to create a new repository: https://eu-central-1.console.aws.amazon.com/codecommit/home?region=eu-central-1
In order that Jenkins triggers a build on git push, Jenkins listens to a queue which gets notified through an SNS Topic.
Git Push → (Push Trigger) → Sends Message to Topic (SNS) → Directs Message to Subscribers (Queue, SQS) → Jenkins (SQS Listener)
1) Create SNS Topic: https://eu-central-1.console.aws.amazon.com/sns/v2/home?region=eu-central-1#/topics
Steps to create a new topic:
2) Create CodeCommit Trigger (on push to existing branches) linking to SNS Topic
Steps to create a push trigger:
Steps to create a new queue:
4) Subscribe Queue to SNS Topic: https://eu-central-1.console.aws.amazon.com/sqs/home?region=eu-central-1
Steps to subscribe your queue to a topic:
We will use the S3 bucket to store our built .jar files and CloudFormation Templates, so that the AWS CloudFormation can access them.
Steps to create a new S3 Bucket:
! The bucket name must be unique across all existing bucket names in Amazon S3 !
We use ECS to run our application. In order to do so, we need to initially create an ECR where we can upload our docker images.
Create a new repository: