cicd flow

I've worked on various Jenkins pipelines to streamline CI/CD processes within our organization. Given the different range of applications, I've created CI/CD pipelines to suit the specific needs of each application. These pipelines incorporate build tools such as Maven, Sonar, Docker, Tomcat and others, ensuring seamless integration and deployment workflows.

CI process — stages

Check out the source code in the Jenkins workspace.
Perform the Sonar scan; if the scan result is successful, the build will proceed with other activities in the job; otherwise, abort the job.
Create the binaries (war, docker image, .exe) according to the build tools used.
Publish the binaries (war, docker image, .exe) to the JFrog Artifactory.

Once these activities are completed, the CI part is complete and the CD part will start. The CI job will initiate the CD job from the post-build section, triggering the CD job with parameters.

CD job for deploying to Kubernetes clusters

Checkout the Git repository that contains the manifest file.
Update the manifest file with the latest image tag.
Login to the Kubernetes cluster with an IAM user.
Deploy the application using kubectl commands on the cluster.
Verify the deployment.
If deployment fails:
- Check application logs and try to fix the issue.
- If unable to fix, roll back to the previous version.

CD job for deploying to Tomcat (Ansible playbook tasks)

The Ansible playbook contains the following tasks:

Download the binaries to the Tomcat server and extract them.
Stop the Tomcat service.
Take a backup of existing binaries and configuration files.
Copy the latest binaries, configuration files and dependencies to the targeted path.
Start the Tomcat service and verify the deployment.
If deployment fails:
- Examine application logs to identify and address issues.
- If possible, fix the problem; otherwise, roll back to the previous version.

Kubernetes deployment steps

Jenkinsfile to define a pipeline for deploying a Spring Boot application to an EKS cluster using Jenkins.

The pipeline should include the following high-level steps:

Checkout the Git repository
Build a JAR
Build a Docker image
Push the image to ECR
Integrate Jenkins with the EKS cluster
Deploy the app to EKS

To use this in Jenkins, select “Pipeline script” under the pipeline section and specify the necessary steps.

Jenkinsfile

If you look in detail, the pipeline contains five stages. The following stepper breaks down each stage and its content.

Checkout

Retrieves code from a Git repository.
Specifies the repository URL and branch (example uses main).
Code is checked out to the Jenkins workspace for subsequent stages.

Maven Build (Build Jar)

Cleans previous build artifacts:
- sh 'mvn clean'
Builds the JAR:
- sh 'mvn package'
Produces an executable JAR used later in the pipeline.

Note: JARs may be rebuilt when code changes or for new releases.

Docker Image Build

Builds a Docker image using the Dockerfile in the project:
- sh 'docker build -t <IMAGE_NAME> .'
The -t option names the image; the build context is the current directory.

Push Docker Image to ECR

Authenticate and push the image to Amazon ECR using the AWS CLI:
- aws ecr get-login-password --region <AWS_REGION> | docker login --username AWS --password-stdin <ECR_REGISTRY_ID>
- docker tag <IMAGE_NAME>:latest <ECR_REGISTRY_ID>/<IMAGE_NAME>:latest
- docker push <ECR_REGISTRY_ID>/<IMAGE_NAME>:latest
Uses AWS credentials configured in Jenkins (e.g., withAWS block).

Integrate Jenkins with EKS and Deploy

Update kubeconfig to connect to the EKS cluster:
- sh 'aws eks update-kubeconfig --name <EKS_CLUSTER_NAME> --region <AWS_REGION>'
Deploy resources to the cluster:
- sh "kubectl apply -f <K8S_DEPLOY_FILE>.yaml"
Uses Jenkins’ AWS integration to run the commands securely.

Trigger the pipeline

Start the pipeline by clicking “Build Now” in the Jenkins Dashboard.

Monitor the pipeline

Monitor pipeline progress and view build logs to identify issues.

Interact with a cluster from terminal

Retrieve the status of an EKS cluster:

aws eks describe-cluster --region <region-name> --name <cluster-name> --query cluster.status

Update the kubeconfig file

The kubeconfig file manages communication between kubectl and the cluster. Update it with:

aws eks --region <region-name> update-kubeconfig --name <cluster-name>

Retrieve data from the cluster

Common kubectl commands:

kubectl get nodes kubectl get pods kubectl get services kubectl get deployments

Expose the service

To make a service accessible outside the cluster, expose it as a LoadBalancer. If your service is not accessible yet, change the service type to LoadBalancer before deploying.

Service type LoadBalancer

Change your Service type to LoadBalancer before deploying to make it accessible from the internet.

Get the external IP

Run:

kubectl get svc

This will list services and include the external IP assigned to LoadBalancer-type services.

Example

Open a web browser and enter: : — ensure the port is open and accessible.

Allow the required ports

Configure the security group associated with the worker nodes in the EKS cluster to allow incoming traffic on the port used by the service.

Previousbuild triggers Nextdisable jenkins security

hashtagCI process — stages

hashtagCD job for deploying to Kubernetes clusters

hashtagCD job for deploying to Tomcat (Ansible playbook tasks)

hashtagKubernetes deployment steps

hashtagCheckout

hashtagMaven Build (Build Jar)

hashtagDocker Image Build

hashtagPush Docker Image to ECR

hashtagIntegrate Jenkins with EKS and Deploy

hashtagTrigger the pipeline

hashtagMonitor the pipeline

hashtagInteract with a cluster from terminal

hashtagUpdate the kubeconfig file

hashtagRetrieve data from the cluster

hashtagExpose the service

hashtagService type LoadBalancer

hashtagGet the external IP

hashtagExample

hashtagAllow the required ports