Deploy a CI/CD pipeline for Java microservices on Amazon ECS

Created by Vijay Thompson (AWS) and Sankar Sangubotla (AWS)

Environment: PoC or pilot

Technologies: DevOps; Containers & microservices

AWS services: AWS CodeBuild; Amazon EC2 Container Registry; Amazon ECS; AWS Fargate; AWS CodePipeline

Summary

This pattern guides you through the steps for deploying a continuous integration and continuous delivery (CI/CD) pipeline for Java microservices on an existing Amazon Elastic Container Service (Amazon ECS) cluster by using AWS CodeBuild. When the developer commits the changes, the CI/CD pipeline is initiated and the build process starts in CodeBuild. When the build is complete, the artifact is pushed to Amazon Elastic Container Registry (Amazon ECR) and the latest build from Amazon ECR is picked up and pushed to the Amazon ECS service.

Prerequisites and limitations

Prerequisites

• An existing Java microservices application running on Amazon ECS

• Familiarity with AWS CodeBuild and AWS CodePipeline

Architecture

Source technology stack

• Java microservices running on Amazon ECS

• Code repository in Amazon ECR

• AWS Fargate

Source architecture

Target technology stack

• Amazon ECR

• Amazon ECS

• AWS Fargate

• AWS CodePipeline

• AWS CodeBuild

Target architecture

Automation and scale

CodeBuild buildspec.yml file:

version: 0.2

phases:
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - aws --version
      - $(aws ecr get-login --region $AWS_DEFAULT_REGION --no-include-email)
      - REPOSITORY_URI=$AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO
      - COMMIT_HASH=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-7)
      - IMAGE_TAG=build-$(echo $CODEBUILD_BUILD_ID | awk -F":" '{print $2}')
  build:
    commands:
      - echo Build started on `date`
      - echo building the Jar file
      - mvn clean install
      - echo Building the Docker image...
      - docker build -t $REPOSITORY_URI:$BUILD_TAG .
      - docker tag $REPOSITORY_URI:$BUILD_TAG $REPOSITORY_URI:$IMAGE_TAG
  post_build:
    commands:
      - echo Build completed on `date`
      - echo Pushing the Docker images...
      - docker push $REPOSITORY_URI:$BUILD_TAG
      - docker push $REPOSITORY_URI:$IMAGE_TAG
      - echo Writing image definitions file...
      - printf '[{"name":"%s","imageUri":"%s"}]' $DOCKER_CONTAINER_NAME $REPOSITORY_URI:$IMAGE_TAG > imagedefinitions.json
      - cat imagedefinitions.json 
artifacts:
    files: 
     - imagedefinitions.json
     - target/DockerDemo.jar

Tools

AWS services

• AWS CodeBuild is a fully managed build service that helps you compile source code, run unit tests, and produce artifacts that are ready to deploy. AWS CodeBuild scales continuously and processes multiple builds concurrently, so your builds are not left in the queue.

• AWS CodePipeline helps you quickly model and configure the different stages of a software release and automate the steps required to release software changes continuously. You can integrate AWS CodePipeline with third-party services like GitHub, or use an AWS services such as AWS CodeCommit or Amazon ECR.

• Amazon Elastic Container Registry (Amazon ECR) is a fully managed registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon ECS to simplify your development-to-production workflow. Amazon ECR hosts your images in a highly available and scalable architecture so you can deploy containers for your applications reliably. Integration with AWS Identity and Access Management (IAM) provides resource-level control of each repository.

• Amazon Elastic Container Service (Amazon ECS) highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Amazon ECS eliminates the need for you to install and operate your own container orchestration software, manage and scale a cluster of virtual machines, or schedule containers on those virtual machines.

• AWS Fargate is a compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters. With AWS Fargate, you no longer have to provision, configure, and scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale your clusters, or optimize cluster packing.

Other tools

• Docker is a platform that lets you build, test, and deliver applications in packages called containers.

• Git is a distributed version-control system for tracking changes in source code during software development. It is designed for coordinating work among programmers, but it can be used to track changes in any set of files. Its goals include speed, data integrity, and support for distributed, non-linear workflows. You can also use AWS CodeCommit as an alternative to Git.

Epics

Set up the build project in AWS CodeBuild

Task	Description	Skills required
Create a CodeBuild build project.	In the AWS CodeBuild console, create a build project, and specify its name.	App developer, AWS systems administrator
Select the source.	This pattern uses Git for the code repository, so choose GitHub from the list of available options. Choose a public repository or from your GitHub account.	App developer, AWS systems administrator
Select a repository.	Select the repository from which you want to build the code.	App developer, AWS systems administrator
Select the environment.	You can select from a list of managed images or opt for a custom image using Docker. This pattern uses the following managed image: Amazon Linux 2 Runtime: Standard Image version 1.0	App developer, AWS systems administrator
Choose a service role.	You can create a service role or select from a list of existing roles.	App developer, AWS systems administrator
Add environment variables.	In the Additional configuration section, configure the following environment variables: AWS_DEFAULT_REGION for the default AWS Region AWS_ACCOUNT_ID for the user account number IMAGE_REPO for the Amazon ECR private repository BUILD_TAG for the version of the build (latest build is the value for this variable) DOCKER_CONTAINER_NAME for the name of the container in the task These variables are placeholders in the buildspec.yml file and will be replaced with their respective values.	App developer, AWS systems administrator
Create a buildspec file.	You can create a buildspec.yml file at the same location as pom.xml and add the configuration that is provided in this pattern, or use the online buildspec editor and add the configuration. Configure the environmental variables with the appropriate values by following the steps provided.	App developer, AWS systems administrator
Configure the project for artifacts.	(Optional) Configure the build project for artifacts, if required.	App developer, AWS systems administrator
Configure Amazon CloudWatch Logs.	(Optional) Configure Amazon CloudWatch Logs for the build project, if required. This step is optional but recommended.	App developer, AWS systems administrator
Configure Amazon S3 logs.	(Optional) Configure Amazon Simple Storage Service (Amazon S3) logs for the build project, if you want to store the logs.	App developer, AWS systems administrator

Configure the pipeline in AWS CodePipeline

Task	Description	Skills required
Create a pipeline.	On the AWS CodePipeline console, create a pipeline and specify its name. For more information about creating a pipeline, see the AWS CodePipeline documentation.	App developer, AWS systems administrator
Select a service role.	Create a service role or select from the list of existing service roles. If you are creating a service role, provide a name for the role and select the option for CodePipeline to create the role.	App developer, AWS systems administrator
Choose an artifact store.	In Advanced settings, if you want Amazon S3 to create a bucket and store the artifacts in it, use the default location for the artifact store. Or, select a custom location and specify an existing bucket. You can also choose to encrypt the artifact by using an encryption key.	App developer, AWS systems administrator
Specify the source provider.	For Source provider, choose GitHub (Version 2).	App developer, AWS systems administrator
Select the repository and branch of the code.	If you are not logged in, provide the connection details to connect to GitHub, and then select the repository name and branch name.	App developer, AWS systems administrator
Change detection options.	Choose Start the pipeline on source code change and move to the next page.	App developer, AWS systems administrator
Select a build provider.	For Build provider, choose AWS CodeBuild, and then provide the AWS Region and project name details for the build project. For Build type, choose Single build.	App developer, AWS systems administrator
Choose a deploy provider.	For Deploy provider, choose Amazon ECS. Choose the cluster name, the service name, the image definitions file, if any, and a deployment timeout value, if required. Choose Create pipeline.	App developer, AWS systems administrator

Related resources

• AWS ECS documentation

• AWS ECR documentation

• AWS CodeBuild documentation

• AWS CodeCommit documentation

• AWS CodePipeline documentation

• Build a Continuous Delivery Pipeline for Your Container Images with Amazon ECR as Source (blog post)