Now you have run the application, or you have scaled your application into a multi environment having dozens of microservices, a Kubernetes cluster, an API, back-end server, just a sophisticated ecosystem for your SaaS application. Plus, you might have a web development team distributed in Mexico, US, Asia.
How are you going to make synergy across all these assets, the environments without errors, no downtime and with high quality?. And for that, you need a solution which is deploy a CI CD Pipeline.
CI CD Pipeline for SaaS applications
The CI CD stack that we are going to cover are Amazon CodePipeline, Amazon CodeCommit, Amazon CodeBuild, DevSecOps, Kubernetes with Amazon EKS, Docker and a Java application.
To give you some context we have Kubernetes, we’ll be using a microservice architecture with Docker and Amazon EKS. But before beginning with the developer journey, how all this CI CD is a structure or goes across this architecture?.
Well, I would like to explain the difference between all these three services.
If we begin with Amazon CodePipeline, which is the CI CD tool or orchestrator from Amazon to automate the step for releasing software and it’s composed on Amazon CodeCommit and Amazon CodeBuild which in the left side we have CodeCommit and it’s a source control system similar to GitHub, Bitbucket, GitLab, etc. It’s just a regular git repository, but it gives you scalability, redundancy and it’s and is a managed service from Amazon.
Then in the right side of this service, which is Amazon CodeBuild, obviously it helps you create bills, create artifacts and build the code that you might have in your repo, containers, etc.
In order to orchestrate the CI CD process, you need two files. One is the deployment yml and the buildspec.yml, which needs to be specified in Amazon CodePipeline. These two files need to be specified in Amazon CodeCommit before starting the build process. Don’t forget that, it’s very, very important.
So now that you’re ready to build your code, your image, you need to execute the buildspec.yml, which it’s in the deployment manifest coming from the CodeCommit source repository and this file has a few steps as you can notice. It begins with the install step which obviously you can here install any dependencies, frameworks, libraries.
For example, if you are using Python, you could specify the version and framework of Python, which in this case would be the jungle, or in our case, is a Java application. Well, you might specify a JJK framework and a library.
After that, you jump to the next step which is the prebuild, usually before building, before building the image.
It’s a good practice in fintech application, banking, healthcare, that you could run at a static code analysis CSA from Vera code or Snyk.
Then we are using DevSecOps when you are embedding your security in a CI CD pipeline. After getting a successful analysis from the security side in this step, well, you can now build the image.
As a next step, we go to the build stage, which comes all the testing like UI testing, integration testing, security testing, test just the container, the image. And if everything goes as moly, then you can push the image to Amazon ECR, or just after finishing this process you push the image to Amazon is ECR.
So the last stage, which is the post-build process. Well, after all these steps, if you got success in all of them, from checking dependencies, running security testing, build an image, testing the image and the container which is in the image, well, now it’s time to update the Kubernetes cluster.
So is time, in this case, to run a few steps to deploy or update the EKS cluster. Either using deployment or rolling updates deployment.
So just don’t forget that if you have any trouble on these stages, you could use the hand of Amazon Cloudwatch, which you can review the locks or troubleshoot any bill or contain deployment.
And lastly, don’t forget that EKS clusters need to be updated with the latest container image previously cooked. Also, something to remember that these procedures can be done using other tools like Jenkins, Gitlab, CircleCI, it doesn’t matter, the process is similar, just what it changes is the tool, the cloud native tools to agnostic tools of what I just described it.
And if you need a hand, just give us a call, our nearshore DevOps engineers have done several times, we are experts supporting this type of pipeline, so don’t hesitate to contact us.
So, any thoughts, this CI CD pipeline architecture should give you a great start on how to create an enterprise CI CD pipeline using Kubernetes, Docker, AWS CodePipeline and the AWS cloud native tools.
Now, to find out more about how ClickIT helps SaaS Enterprises run and develop DevOps practices in the cloud or just curious about hiring a nearshore Software Developer in your same timezone, please check out our website at clickittech.com.