code changes

Author: Sandip Das

buildspec_eks.yml

@@ -43,5 +43,5 @@ phases:
       - echo Pushing the Docker image...
       - docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG
       - echo Push the latest image to cluster
-      - kubectl apply -f k8s/deployment/deployment.yaml
-      - kubectl rollout restart -f k8s/deployment/deployment.yaml
+      - kubectl apply -f eks_cicd/deployment.yaml
+      - kubectl rollout restart -f eks_cicd/deployment.yaml

eks_cicd/cluster.yaml

@@ -0,0 +1,14 @@
+apiVersion: eksctl.io/v1alpha5
+kind: ClusterConfig
+
+metadata:
+  name: cicd-demo #cluster name
+  region: us-west-2 #desired region
+
+nodeGroups:
+  - name: ng-1 #cluster node group name
+    instanceType: t2.medium #desired instance type
+    desiredCapacity: 3 #desired nodes count / capacity
+    ssh:
+      allow: false # if true - will use ~/.ssh/id_rsa.pub as the default ssh key
+      #publicKeyPath: ~/.ssh/ec2_id_rsa.pub #you can specify the public key path likr this as well

eks_cicd/deployment.yaml

@@ -0,0 +1,25 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/name: cicd-demo
+    app.kubernetes.io/instance: cicd-demo-instance
+    app.kubernetes.io/version: '1.0.0'
+    app.kubernetes.io/managed-by: kubectl
+  name: cicd-demo-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cicd-demo
+  template:
+    metadata:
+      labels:
+        app: cicd-demo
+    spec:
+      containers:
+        - image: 120717539064.dkr.ecr.us-west-2.amazonaws.com/cicd-demo:latest
+          imagePullPolicy: Always
+          name: cicd-demo
+          ports:
+            - containerPort: 3000

eks_cicd/prereqs.sh

@@ -0,0 +1,63 @@
+#!/usr/bin/env bash
+
+# This script will install EKS prerequisites on Amazon Linux or Amazon Linux 2
+# * kubectl
+# * aws-iam-authenticator
+# * AWS CLI
+
+set -e
+
+mkdir -p $HOME/bin
+echo 'export PATH=$HOME/bin:$PATH' >>~/.bashrc
+
+# Install kubectl, if absent
+if ! type kubectl >/dev/null 2>&1; then
+	curl -o "kubectl https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-07-26/bin/$(uname -s)/amd64/kubectl"
+	chmod +x ./kubectl
+	cp ./kubectl $HOME/bin/kubectl && export PATH=$HOME/bin:$PATH
+	echo 'kubectl installed'
+else
+	echo 'kubectl already installed'
+fi
+
+# aws-iam-authenticator
+if ! type aws-iam-authenticator >/dev/null 2>&1; then
+	curl -o aws-iam-authenticator "https://amazon-eks.s3-us-west-2.amazonaws.com/1.10.3/2018-07-26/bin/$(uname -s)/amd64/aws-iam-authenticator"
+	chmod +x ./aws-iam-authenticator
+	cp ./aws-iam-authenticator $HOME/bin/aws-iam-authenticator && export PATH=$HOME/bin:$PATH
+	echo 'aws-iam-authenticator installed'
+else
+	echo 'aws-iam-authenticator already installed'
+fi
+
+# AWS CLI
+if ! type aws >/dev/null 2>&1; then
+	curl -o awscli-bundle.zip https://s3.amazonaws.com/aws-cli/awscli-bundle.zip
+	unzip awscli-bundle.zip
+	./awscli-bundle/install -b $HOME/bin/aws
+	echo 'AWS CLI installed'
+else
+	echo 'AWS CLI already installed'
+fi
+
+# eksctl
+if ! type eksctl >/dev/null 2>&1; then
+	curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/latest_release/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
+	mv /tmp/eksctl $HOME/bin
+	echo 'eksctl installed'
+else
+	echo 'eksctl already installed'
+fi
+
+# kubectx/kubens
+if ! type kubectx >/dev/null 2>&1; then
+	git clone https://github.com/ahmetb/kubectx /opt/kubectx
+	ln -s /opt/kubectx/kubectx /usr/local/bin/kubectx
+	ln -s /opt/kubectx/kubens /usr/local/bin/kubens
+	echo 'kubectx installed'
+else
+	echo 'kubectx already installed'
+fi
+
+# Test if AWS credentials exist
+aws sts get-caller-identity

eks_cicd/service.yaml

@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/name: cicd-demo
+    app.kubernetes.io/instance: cicd-demo-instance
+    app.kubernetes.io/version: "1.0.0"
+    app.kubernetes.io/component: backend
+    app.kubernetes.io/managed-by: kubectl
+  name: cicd-demo
+spec:
+  selector:
+    app: cicd-demo
+  type: LoadBalancer
+  ports:
+   -  protocol: TCP
+      port: 80
+      targetPort: 3000

index.js

@@ -5,7 +5,7 @@ const config = require('config')
 console.log(config);
 
 app.get('/', (req, res) => {
-  res.send('Sample App V2!')
+  res.send('CICD App V1!')
 })
 
 app.get('/status', (req, res) => {

k8s/deployment/deployment.yaml

@@ -2,24 +2,24 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   labels:
-    app.kubernetes.io/name: sample-demo
-    app.kubernetes.io/instance: sample-demo-instance
+    app.kubernetes.io/name: cicd-demo
+    app.kubernetes.io/instance: cicd-demo-instance
     app.kubernetes.io/version: '1.0.0'
     app.kubernetes.io/managed-by: kubectl
-  name: sample-demo-deployment
+  name: cicd-demo-deployment
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: sample-demo
+      app: cicd-demo
   template:
     metadata:
       labels:
-        app: sample-demo
+        app: cicd-demo
     spec:
       containers:
-        - image: 120717539064.dkr.ecr.us-west-2.amazonaws.com/sample-demo-app:latest
+        - image: 120717539064.dkr.ecr.us-west-2.amazonaws.com/cicd-demo:latest
           imagePullPolicy: Always
-          name: sample-demo
+          name: cicd-demo
           ports:
             - containerPort: 3000

k8s/deployment/service.yaml

@@ -2,15 +2,15 @@ apiVersion: v1
 kind: Service
 metadata:
   labels:
-    app.kubernetes.io/name: sample-demo
-    app.kubernetes.io/instance: sample-demo-instance
+    app.kubernetes.io/name: cicd-demo
+    app.kubernetes.io/instance: cicd-demo-instance
     app.kubernetes.io/version: "1.0.0"
     app.kubernetes.io/component: backend
     app.kubernetes.io/managed-by: kubectl
-  name: sample-demo
+  name: cicd-demo
 spec:
   selector:
-    app: sample-demo
+    app: cicd-demo
   type: LoadBalancer
   ports:
    -  protocol: TCP

k8s/rbac/aws-auth.yaml

@@ -1,44 +1,16 @@
 apiVersion: v1
 data:
   mapRoles: |
-    - rolearn: arn:aws:iam::120717539064:role/service-role/codebuild-samplecicddemo-service-role
+    - rolearn: arn:aws:iam::120717539064:role/NodeInstanceRole
       username: system:node:{{EC2PrivateDNSName}}
       groups:
-        - system:bootstrappers
-        - system:nodes
-        - system:masters
-  mapUsers: |
-    []
+      - system:bootstrappers
+      - system:nodes      
+    - rolearn: arn:aws:iam::120717539064:role/codebuild-samplecicddemo-service-role
+      username: codebuild-samplecicddemo-service-role
+      groups:
+        - system:masters        
 kind: ConfigMap
 metadata:
-  annotations:
-    kubectl.kubernetes.io/last-applied-configuration: |
-      {"apiVersion":"v1","data":{"mapRoles":"- rolearn: arn:aws:iam::120717539064:role/service-role/codebuild-samplecicddemo-service-role\n  username: system:node:{{EC2PrivateDNSName}}\n  groups:\n    - system:bootstrappers\n    - system:nodes\n"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"aws-auth","namespace":"kube-system"}}
-  creationTimestamp: "2021-04-25T21:17:41Z"
-  managedFields:
-  - apiVersion: v1
-    fieldsType: FieldsV1
-    fieldsV1:
-      f:data:
-        .: {}
-        f:mapUsers: {}
-    manager: eksctl
-    operation: Update
-    time: "2021-04-25T21:17:41Z"
-  - apiVersion: v1
-    fieldsType: FieldsV1
-    fieldsV1:
-      f:data:
-        f:mapRoles: {}
-      f:metadata:
-        f:annotations:
-          .: {}
-          f:kubectl.kubernetes.io/last-applied-configuration: {}
-    manager: kubectl
-    operation: Update
-    time: "2021-04-27T04:26:27Z"
   name: aws-auth
-  namespace: kube-system
-  resourceVersion: "327185"
-  selfLink: /api/v1/namespaces/kube-system/configmaps/aws-auth
-  uid: a67fcc4b-f7f8-4796-9c1a-1e5f72ca1657
+  namespace: kube-system