Part 1 - Hands-On: Deploy a Microservice to AWS with one click

Prerequisites

• Java 8
• Maven
• Git
• Docker for Windows (Windows 10)
• Jenkins
• AWS Account

Amazon Web Services (AWS)

In this tutorial we will be using eu-central-1 as our preferred region. All links in the tutorial point to this region.

Identity and Access Management (IAM)

Creating a Jenkins user in AWS

Navigate to the IAM Menu (https://console.aws.amazon.com/iam/home) and create a new user for Jenkins.
Select the checkbox for Programmatic access

Adding Permissions

Assign the AdministratorAccess policy to the Jenkins user. This allows us to use all resources that we need.
Otherwise, we would need to add the following policies to Jenkins

• AmazonEC2FullAccess
• AmazonEC2ContainerServiceFullAccess
• AmazonEC2ContainerRegistryFullAccess
• AmazonSQSFullAccess
• AmazonS3FullAccess
• AWSCodeCommitReadOnly
• Custom policy that allows us to create, delete and assign roles for all resources

Access Key and Secret Key

After we have created the users Access Key, the associated Secret Key will be shown.
Download the .csv containing the Access Key and Secret Key.

! IMPORTANT: The Secret Key will not be shown beyond this point. If you forget to note it down you will have to generate a new one for the user. !

CodeCommit Access

To use the AWS CodeCommit Repository that we will create later on, we will need credentials to access it. Go to the Jenkins User Security credentials and click the Generate button under "HTTPS Git credentials for AWS CodeCommit"

Download the .csv containing the CodeCommit credentials.

! IMPORTANT: The Password will not be shown beyond this point. If you forget to note it down you will have to reset the password or generate new credentials for the user. !

AWS Command Line Interface (AWS CLI)

The AWS CLI is necessary to execute AWS specific commands that are not available through plugins.

Installing the AWS CLI for a user

https://docs.aws.amazon.com/cli/latest/userguide/awscli-install-windows.html#install-msi-on-windows
Download the installer and run it on your Windows machine. It should install the AWS CLI making it available in Command Prompt (cmd) and Powershell.

Configuring the AWS CLI

Configure CLI: Run aws configure with Jenkins Access/Secret Key (https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-quick-configuration)

To configure the AWS CLI, open cmd or powershell and enter aws configure. Enter your data as shown below:

Commandprompt (cmd)

C:\Users\exampleuser>
aws configureAWS
Access Key ID [None]: AKIAIOSFODNN7EXAMPLEAWSSecret
Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: eu-central-1
Default output format [None]: json

Copying the AWS CLI to the SYSTEM user

Copy the generated .aws folder located at C:\Users\\.aws to the home directory of the SYSTEM user C:\Windows\System32\config\systemprofile (Jenkins runs on SYSTEM User)

Jenkins should now be able to run AWS CLI commands.

CodeCommit

AWS CodeCommit is a version control service hosted by Amazon Web Services that you can use to privately store and manage assets (such as documents, source code, and binary files) in the cloud.

We will use it to commit the source code and the CloudFormation configuration.

Creating a CodeCommit Repository

Steps to create a new repository: https://eu-central-1.console.aws.amazon.com/codecommit/home?region=eu-central-1

• Click on Create Repository
• Set a name
• Set a description (optional)
• Click on Create
• Click on Skip

Simple Notification Service (SNS) and Simple Queue Service (SQS)

In order that Jenkins triggers a build on git push, Jenkins listens to a queue which gets notified through an SNS Topic.

Git Push → (Push Trigger) → Sends Message to Topic (SNS) → Directs Message to Subscribers (Queue, SQS) → Jenkins (SQS Listener)

1) Create SNS Topic: https://eu-central-1.console.aws.amazon.com/sns/v2/home?region=eu-central-1#/topics

Steps to create a new topic:

• Navigate to SNS
• Click on Create new topic
• Set a topic name
• Set a display name (optional)
• Click on Create topic

2) Create CodeCommit Trigger (on push to existing branches) linking to SNS Topic

Steps to create a push trigger:

• Navigate to the CodeCommit repository
• Go to Settings
• Go to the tab Triggers
• Click on Create Trigger
• Set a trigger name
• Select Push to existing branch as event
• Make sure Send to expects Amazon SNS
• Select the previously created SNS Topic

3) Create SQS: https://eu-central-1.console.aws.amazon.com/sqs/home?region=eu-central-1

Steps to create a new queue:

• Navigate to SQS
• Click on Create New Queue
• Set a name
• Click on Create Queue

4) Subscribe Queue to SNS Topic: https://eu-central-1.console.aws.amazon.com/sqs/home?region=eu-central-1

Steps to subscribe your queue to a topic:

• Select your queue in the list
• Click on Queue Actions
• Click on Subscribe Queue to SNS Topic
• Select the topic from the dropdown menu
• Click on Subscribe

S3 Bucket

We will use the S3 bucket to store our built .jar files and CloudFormation Templates, so that the AWS CloudFormation can access them.

Creating an S3 Bucket

https://s3.console.aws.amazon.com/s3/home?region=eu-central-1

Steps to create a new S3 Bucket:

• Click on Create Bucket
• Set a name
• Click on Create

! The bucket name must be unique across all existing bucket names in Amazon S3 !

Elastic Container Repository

We use ECS to run our application. In order to do so, we need to initially create an ECR where we can upload our docker images.

Create a new repository:

• Navigate to Elastic Container Services
• Click on Repositories
• Click on Create repository
• Set a name: springio/gs-spring-boot-docker
• Click on Next step
• Click on Done

The URI that will be needed later can be seen in either the list view of all repositories or the detail view.

Stay tuned for Part 2 of the Hands-On series: Java Application and CloudFormation Templates - coming soon.