microservice deployment using terraform

Author: Nidhi Gupta

.github/workflows/client_build.yaml

@@ -59,6 +59,44 @@ jobs:
           docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
           echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
+  terraform:
+    needs: build
+    name:  Terraform Deployment
+    runs-on: [ ubuntu-latest ]
+    defaults:
+      run:
+        working-directory: ./microservices/HelloWorldClient/terraform
+    strategy:
+      max-parallel: 1
+    env:
+      aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      aws_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    steps:
+    - uses: actions/checkout@v3
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+    - uses: hashicorp/setup-terraform@v1
+      with:
+          terraform_wrapper: false
+    - name: Terraform Init
+      id: init
+      run: |
+        rm -rf .terraform
+        terraform init
+    - name: Terraform Plan
+      id: plan
+      run: |
+        terraform plan
+    - name: Terraform apply
+      if: github.ref == 'refs/heads/main'
+      id: apply
+      run: |
+        terraform apply --auto-approve=true
+
 
 
 

.github/workflows/world_build.yaml

@@ -59,6 +59,44 @@ jobs:
           docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
           echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
+  terraform:
+    needs: build
+    name:  Terraform Deployment
+    runs-on: [ ubuntu-latest ]
+    defaults:
+      run:
+        working-directory: ./microservices/WorldService/terraform
+    strategy:
+      max-parallel: 1
+    env:
+      aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      aws_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    steps:
+    - uses: actions/checkout@v3
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: us-east-1
+    - uses: hashicorp/setup-terraform@v1
+      with:
+          terraform_wrapper: false
+    - name: Terraform Init
+      id: init
+      run: |
+        rm -rf .terraform
+        terraform init
+    - name: Terraform Plan
+      id: plan
+      run: |
+        terraform plan
+    - name: Terraform apply
+      if: github.ref == 'refs/heads/main'
+      id: apply
+      run: |
+        terraform apply --auto-approve=true
+
 
 
 

microservices/HelloWorldClient/terraform/data.tf

@@ -0,0 +1,7 @@
+data "aws_eks_cluster" "cluster" {
+  name = "eks-1"  # Change this to your EKS cluster name
+}
+
+data "aws_eks_cluster_auth" "cluster" {
+  name = data.aws_eks_cluster.cluster.name
+}

microservices/HelloWorldClient/terraform/main.tf

@@ -0,0 +1,11 @@
+resource "helm_release" "myapp" {
+  name       = "client-svc"
+  repository = "https://devops4solutions.github.io/springboot-helm-chart/" # Using the published Helm repo
+  chart      = "springboot"
+  namespace  = "app1"  # Change as per your setup
+  version    = "0.1.5"    # Use the correct version from index.yaml
+  create_namespace = "true"
+  values = [
+    file("${path.module}/values_client.yaml")  # Optional: Use custom values file
+  ]
+}

microservices/HelloWorldClient/terraform/providers.tf

@@ -0,0 +1,33 @@
+provider "aws" {
+  region = "us-east-1"
+  
+}
+
+provider "helm" {
+  kubernetes {
+    host                   = data.aws_eks_cluster.cluster.endpoint
+    token                  = data.aws_eks_cluster_auth.cluster.token
+    cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
+  }
+}
+
+
+
+terraform {
+  required_providers {
+    helm = {
+      source = "hashicorp/helm"
+          version = "2.17.0" 
+    }
+    kubectl = {
+      source = "bnu0/kubectl"
+      version = "0.27.0"
+    }
+  }
+
+  backend "s3" {
+    region = "us-east-1"
+    bucket = "devops4solutions-terraform"
+    key    = "eks/clientservice.tfstate"
+  }
+}

microservices/HelloWorldClient/terraform/values_client.yaml

@@ -0,0 +1,43 @@
+replicaCount: 1
+image:
+  repository: public.ecr.aws/w0f5g4k6/client-svc
+  pullPolicy: IfNotPresent
+  tag: ""
+service:
+  type: ClusterIP
+  name: client
+  port: 80
+ingress:
+  enabled: true
+  className: "alb"
+  annotations:
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+    alb.ingress.kubernetes.io/healthcheck-path: /
+    alb.ingress.kubernetes.io/group.name: myapp
+  hosts:
+    - host: client.com
+      paths:
+        - path: /
+          pathType: Prefix  #  - secretName: chart-example-tls
+livenessProbe:
+  httpGet:
+    path: /
+    port: http
+readinessProbe:
+  httpGet:
+    path: /
+    port: http
+env:
+  HELLO_SERVICE_URL: "http://hello.default.svc.cluster.local"
+  WORLD_SERVICE_URL: "http://world.default.svc.cluster.local"
+serviceAccount:
+  create: true
+  automount: true
+  annotations: {}
+  name: ""
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80

microservices/WorldService/terraform/data.tf

@@ -0,0 +1,7 @@
+data "aws_eks_cluster" "cluster" {
+  name = "eks-1"  # Change this to your EKS cluster name
+}
+
+data "aws_eks_cluster_auth" "cluster" {
+  name = data.aws_eks_cluster.cluster.name
+}

microservices/WorldService/terraform/main.tf

@@ -0,0 +1,11 @@
+resource "helm_release" "myapp" {
+  name       = "world-svc"
+  repository = "https://devops4solutions.github.io/springboot-helm-chart/" # Using the published Helm repo
+  chart      = "springboot"
+  namespace  = "app1"  # Change as per your setup
+  version    = "0.1.5"    # Use the correct version from index.yaml
+  create_namespace = "true"
+  values = [
+    file("${path.module}/values_world.yaml")  # Optional: Use custom values file
+  ]
+}

microservices/WorldService/terraform/providers.tf

@@ -0,0 +1,33 @@
+provider "aws" {
+  region = "us-east-1"
+  
+}
+
+provider "helm" {
+  kubernetes {
+    host                   = data.aws_eks_cluster.cluster.endpoint
+    token                  = data.aws_eks_cluster_auth.cluster.token
+    cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority[0].data)
+  }
+}
+
+
+
+terraform {
+  required_providers {
+    helm = {
+      source = "hashicorp/helm"
+          version = "2.17.0" 
+    }
+    kubectl = {
+      source = "bnu0/kubectl"
+      version = "0.27.0"
+    }
+  }
+
+  backend "s3" {
+    region = "us-east-1"
+    bucket = "devops4solutions-terraform"
+    key    = "eks/worldservice.tfstate"
+  }
+}

microservices/WorldService/terraform/values_world.yaml

@@ -0,0 +1,40 @@
+replicaCount: 1
+image:
+  repository: public.ecr.aws/w0f5g4k6/world-svc
+  pullPolicy: IfNotPresent
+service:
+  type: ClusterIP
+  port: 80
+  name: world
+ingress:
+  enabled: true
+  className: "alb"
+  annotations:
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+    alb.ingress.kubernetes.io/healthcheck-path: /world
+    alb.ingress.kubernetes.io/group.name: myapp
+  hosts:
+    - host: world.com
+      paths:
+        - path: /world
+          pathType: Prefix
+livenessProbe:
+  httpGet:
+    path: /world
+    port: http
+readinessProbe:
+  httpGet:
+    path: /world
+    port: http
+serviceAccount:
+  create: true
+  automount: true
+  annotations: {}
+  name: ""
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+