Deploy a CI/CD pipeline for Java microservices on Amazon ECS
Created by Vijay Thompson (AWS) and Sankar Sangubotla (AWS)
Environment: PoC or pilot | Technologies: DevOps; Containers & microservices | AWS services: AWS CodeBuild; Amazon EC2 Container Registry; Amazon ECS; AWS Fargate; AWS CodePipeline |
Summary
This pattern guides you through the steps for deploying a continuous integration and continuous delivery (CI/CD) pipeline for Java microservices on an existing Amazon Elastic Container Service (Amazon ECS) cluster by using AWS CodeBuild. When the developer commits the changes, the CI/CD pipeline is initiated and the build process starts in CodeBuild. When the build is complete, the artifact is pushed to Amazon Elastic Container Registry (Amazon ECR) and the latest build from Amazon ECR is picked up and pushed to the Amazon ECS service.
Prerequisites and limitations
Prerequisites
An existing Java microservices application running on Amazon ECS
Familiarity with AWS CodeBuild and AWS CodePipeline
Architecture
Source technology stack
Java microservices running on Amazon ECS
Code repository in Amazon ECR
AWS Fargate
Source architecture
Target technology stack
Amazon ECR
Amazon ECS
AWS Fargate
AWS CodePipeline
AWS CodeBuild
Target architecture
Automation and scale
CodeBuild buildspec.yml file:

```yaml
version: 0.2

phases:
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - aws --version
      # "aws ecr get-login" was removed in AWS CLI version 2; get-login-password
      # pipes the token to docker login on stdin instead of the command line.
      - aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com
      - REPOSITORY_URI=$AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO
      - COMMIT_HASH=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-7)
      # Unique per-build tag derived from the CodeBuild build ID (the part after the colon)
      - IMAGE_TAG=build-$(echo $CODEBUILD_BUILD_ID | awk -F":" '{print $2}')
  build:
    commands:
      - echo Build started on `date`
      - echo building the Jar file
      - mvn clean install
      - echo Building the Docker image...
      # BUILD_TAG is not set in this file; it must come from the build project's environment variables
      - docker build -t $REPOSITORY_URI:$BUILD_TAG .
      - docker tag $REPOSITORY_URI:$BUILD_TAG $REPOSITORY_URI:$IMAGE_TAG
  post_build:
    commands:
      - echo Build completed on `date`
      - echo Pushing the Docker images...
      - docker push $REPOSITORY_URI:$BUILD_TAG
      - docker push $REPOSITORY_URI:$IMAGE_TAG
      - echo Writing image definitions file...
      # The Amazon ECS deploy action reads the container name and image URI from this file
      - printf '[{"name":"%s","imageUri":"%s"}]' $DOCKER_CONTAINER_NAME $REPOSITORY_URI:$IMAGE_TAG > imagedefinitions.json
      - cat imagedefinitions.json

artifacts:
  files:
    - imagedefinitions.json
    - target/DockerDemo.jar
```
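The buildspec expands its environment variables unquoted into Docker commands and into the JSON that the Amazon ECS deploy action consumes, so a malformed value can alter a command or corrupt `imagedefinitions.json`. The following script is an added example, not part of the original pattern: it validates each value before use. The function names are hypothetical, and the Region and repository-name patterns are simplified assumptions.

```shell
#!/bin/sh
# Added example (not from the original pattern): validate the build variables
# the buildspec relies on before they reach docker or imagedefinitions.json.

# True only if the whole single-line value matches the extended regex.
matches() {
  case $1 in *'
'*) return 1 ;; esac
  printf '%s\n' "$1" | grep -Eq "^($2)\$"
}

# Build REPOSITORY_URI from account ID, Region and repository name (simplified patterns).
repository_uri() {
  matches "$1" '[0-9]{12}' || { echo "bad AWS_ACCOUNT_ID" >&2; return 1; }
  matches "$2" '[a-z]{2}(-[a-z]+)+-[0-9]+' || { echo "bad AWS_DEFAULT_REGION" >&2; return 1; }
  matches "$3" '[a-z0-9]+([._/-][a-z0-9]+)*' || { echo "bad IMAGE_REPO" >&2; return 1; }
  printf '%s.dkr.ecr.%s.amazonaws.com/%s\n' "$1" "$2" "$3"
}

# Derive IMAGE_TAG from CODEBUILD_BUILD_ID (project-name:build-id).
image_tag() {
  matches "$1" '[A-Za-z0-9_-]+:[A-Za-z0-9-]+' || { echo "bad CODEBUILD_BUILD_ID" >&2; return 1; }
  printf 'build-%s\n' "${1#*:}"
}

# Write imagedefinitions.json only from a checked container name and image URI.
write_imagedefinitions() {
  uri_re='[0-9]{12}\.dkr\.ecr\.[a-z0-9-]+\.amazonaws\.com/[a-z0-9._/-]+'
  tag_re='[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}'
  matches "$1" '[A-Za-z0-9_-]{1,255}' || { echo "bad DOCKER_CONTAINER_NAME" >&2; return 1; }
  matches "$2" "$uri_re:$tag_re" || { echo "bad image URI" >&2; return 1; }
  printf '[{"name":"%s","imageUri":"%s"}]\n' "$1" "$2" > "$3"
}

# Constructed sample values (not real account data).
out=$(mktemp) &&
uri=$(repository_uri 123456789012 us-east-1 demo/java-service) &&
tag=$(image_tag 'demo-project:0a1b2c3d-1111') &&
write_imagedefinitions demo-container "$uri:$tag" "$out" && cat "$out"
```

In a build, the functions would replace the inline `REPOSITORY_URI=`, `IMAGE_TAG=` and `printf` lines so that the build fails before any image is pushed when a variable is malformed.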
Tools
AWS services
AWS CodeBuild is a fully managed build service that helps you compile source code, run unit tests, and produce artifacts that are ready to deploy. AWS CodeBuild scales continuously and processes multiple builds concurrently, so your builds are not left in the queue.
AWS CodePipeline helps you quickly model and configure the different stages of a software release and automate the steps required to release software changes continuously. You can integrate AWS CodePipeline with third-party services like GitHub, or use an AWS service such as AWS CodeCommit or Amazon ECR.
Amazon Elastic Container Registry (Amazon ECR) is a fully managed registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon ECS to simplify your development-to-production workflow. Amazon ECR hosts your images in a highly available and scalable architecture so you can deploy containers for your applications reliably. Integration with AWS Identity and Access Management (IAM) provides resource-level control of each repository.
Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Amazon ECS eliminates the need for you to install and operate your own container orchestration software, manage and scale a cluster of virtual machines, or schedule containers on those virtual machines.
AWS Fargate is a compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters. With AWS Fargate, you no longer have to provision, configure, and scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale your clusters, or optimize cluster packing.
Other tools
Docker is a platform that lets you build, test, and deliver applications in packages called containers.
Git is a distributed version-control system for tracking changes in source code during software development. It is designed for coordinating work among programmers, but it can be used to track changes in any set of files. Its goals include speed, data integrity, and support for distributed, non-linear workflows. You can also use AWS CodeCommit as an alternative to Git.
Epics
Task | Description | Skills required |
---|---|---|
Create a CodeBuild build project. | In the AWS CodeBuild console | App developer, AWS systems administrator |
Select the source. | This pattern uses Git for the code repository, so choose GitHub from the list of available options. Choose a public repository or one from your GitHub account. | App developer, AWS systems administrator |
Select a repository. | Select the repository from which you want to build the code. | App developer, AWS systems administrator |
Select the environment. | You can select from a list of managed images or opt for a custom image using Docker. This pattern uses the following managed image:
| App developer, AWS systems administrator |
Choose a service role. | You can create a service role or select from a list of existing roles. | App developer, AWS systems administrator |
Add environment variables. | In the Additional configuration section, configure the following environment variables:
These variables are placeholders in the | App developer, AWS systems administrator |
Create a buildspec file. | You can create a | App developer, AWS systems administrator |
Configure the project for artifacts. | (Optional) Configure the build project for artifacts, if required. | App developer, AWS systems administrator |
Configure Amazon CloudWatch Logs. | (Optional) Configure Amazon CloudWatch Logs for the build project, if required. This step is optional but recommended. | App developer, AWS systems administrator |
Configure Amazon S3 logs. | (Optional) Configure Amazon Simple Storage Service (Amazon S3) logs for the build project, if you want to store the logs. | App developer, AWS systems administrator |
Task | Description | Skills required |
---|---|---|
Create a pipeline. | On the AWS CodePipeline console | App developer, AWS systems administrator |
Select a service role. | Create a service role or select from the list of existing service roles. If you are creating a service role, provide a name for the role and select the option for CodePipeline to create the role. | App developer, AWS systems administrator |
Choose an artifact store. | In Advanced settings, if you want Amazon S3 to create a bucket and store the artifacts in it, use the default location for the artifact store. Or, select a custom location and specify an existing bucket. You can also choose to encrypt the artifact by using an encryption key. | App developer, AWS systems administrator |
Specify the source provider. | For Source provider, choose GitHub (Version 2). | App developer, AWS systems administrator |
Select the repository and branch of the code. | If you are not logged in, provide the connection details to connect to GitHub, and then select the repository name and branch name. | App developer, AWS systems administrator |
Change detection options. | Choose Start the pipeline on source code change and move to the next page. | App developer, AWS systems administrator |
Select a build provider. | For Build provider, choose AWS CodeBuild, and then provide the AWS Region and project name details for the build project. For Build type, choose Single build. | App developer, AWS systems administrator |
Choose a deploy provider. | For Deploy provider, choose Amazon ECS. Choose the cluster name, the service name, the image definitions file, if any, and a deployment timeout value, if required. Choose Create pipeline. | App developer, AWS systems administrator |