Phase 3

STREAMLINING CONTAINERIZED APPLICATION DEPLOYMENT ON IBM CLOUD

KUBERNETES USING CONTAINER REGISTRY

PHASE 3- SOLUTION DEVELOPMENT AND TESTING

College Name: Shridevi Institutes of Engineering & Technology

Members:

• Name: Bimmi Kumari

CAN ID Number: CAN_33749104

• Name: Kishor N
CAN ID Number: CAN_33717615

• Name: Henjesh K O
CAN ID Number: CAN_33716460

• Name: Abhinav Devaraj T R

CAN ID Number: CAN_33716092

SOLUTION DEVELOPMENT:

Setting up IBM Cloud Environment and Configuring Necessary Tools

Step 1: Create an IBM Cloud Account

IBM Cloud Account Details


Full Name: Bimmi Kumari


Email: [email protected]


Username: Bimmi Kumari


Account Type: Personal

DEVOPS ENGINEER
 Phase 3


Billing Account: using feature-code

IBM Cloud Account ID: 8a4e35c671064604a56ac66de17fb9a1

Step 2: Install Required Tools Locally

1. Install Minikube


Installation Command:

https://storage.googleapis.com/minikube/releases/latest/minikube-installer.exe

Dummy Installation Path:

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kubernetes


Verify Installation:

minikube version


Expected Output:

minikube version:

v1.30.1 2.


Installation Command:

curl -LO "https://dl.k8s.io/release/v1.27.0/bin/windows/amd64/kubectl.exe"


Dummy Installation Path:
C:\Users\ProgramData\kubectl\kubectl.exe


Verify Installation:

kubectl version --client


Output:

Client Version: v1.27.0 Install kubectl

3. Install Docker

DEVOPS ENGINEER
 Phase 3


Download URL:
Docker Desktop for Windows


Dummy Installation Path:
C:\Program Files\Docker\Docker.exe


Verify Installation:

docker --version


Output:

Docker version 24.0.5, build abc123xyz

Step 3: Set Up IBM Cloud Container Registry

2. Create a Namespace for Your Container Images


Command to Create Namespace :

ibmcloud cr namespace-add niranjan


Output:

Creating namespace 'niranjan'...

OK

Namespace 'niranjan' created successfully.

3. Enable Image Vulnerability Scanning


Command to Enable Image Vulnerability Scanning:

ibmcloud cr vulnerability-scan-enable --namespace niranjan


Output:

Vulnerability scanning is now enabled for the ‘niranjan’ namespace.

DEVOPS ENGINEER
 Phase 3

Implementing Containerization and Pushing to IBM Cloud Container Registry

Step 1: Dockerize the Application

1. Create Dockerfiles

Frontend Dockerfile (/public/Dockerfile):

FROM node:16-alpine

WORKDIR /app

COPY . .

RUN npm install

EXPOSE 3000

CMD ["npm", "start"]

Backend Dockerfile (/server/Dockerfile):

FROM node:16-alpine

WORKDIR /app

COPY . .

RUN npm install

EXPOSE 5000

CMD ["node", "server.js"]

2. Build Docker Images

docker build -t frontend-app:1.0 ./public

docker build -t backend-app:1.0 ./server

Step 2: Push Docker Images to IBM Cloud Container Registry

1. Tag the Images

DEVOPS ENGINEER
 Phase 3

docker tag frontend-app:1.0 <region>.icr.io/<namespace>/frontend-app:1.0 docker

tag backend-app:1.0 <region>.icr.io/<namespace>/backend-app:1.0

2. Log in to IBM Cloud Container Registry

ibmcloud cr login

3. Push the Images

docker push <region>.icr.io/<namespace>/frontend-app:1.0

docker push <region>.icr.io/<namespace>/backend-app:1.0

SECTION 2: TESTING THE SOLUTION

Step 1: Set Up Minikube and Deploy Applications

1. Start Minikube

minikube start

2. Create Kubernetes Deployment and Service YAML

Files Frontend Deployment (frontend-

deployment.yaml):

apiVersion: apps/v1

kind: Deployment

metadata:

name: frontend-deployment

spec:

replicas: 3 selector:

matchLabels:

DEVOPS ENGINEER
 Phase 3

app: frontend

template:

metadata:

labels:

app: frontend

spec:

containers:

- name: frontend

image: <region>.icr.io/<namespace>/frontend-app:1.0

ports:

- containerPort: 3000

---

apiVersion: v1

kind: Service

metadata:

name: frontend-service

spec:

type: NodePort

selector:

app: frontend

ports:

- port: 3000

targetPort: 3000

DEVOPS ENGINEER
 Phase 3

Backend Deployment (backend-deployment.yaml):

apiVersion:

apps/v1 kind:

Deployment

metadata:

name: backend-deployment

spec:

replicas: 2

selector:

matchLabels:

app: backend

template:

metadata:

labels:

app: backend

spec:

containers:

- name: backend

image: <region>.icr.io/<namespace>/backend-app:1.0

ports:

- containerPort: 5000

---

apiVersion: v1

kind: Service

DEVOPS ENGINEER
 Phase 3

metadata:

name: backend-service

spec:

type: NodePort

selector:

app: backend

ports:

- port: 5000

targetPort: 5000

3. Apply YAML Files

kubectl apply -f frontend-deployment.yaml

kubectl apply -f backend-deployment.yaml

Step 2: Verify Deployments

1. Check Running Pods

kubectl get pods

2. Check Services

kubectl get svc

3. Access Applications


Use Minikube service IP or tunnel to expose services:

o
To access the frontend

service: minikube service frontend-service

--url

o
To access the backend service:

DEVOPS ENGINEER
 Phase 3

minikube service backend-service --url

Step 3: Testing CI/CD Integration

1. Set Up GitHub Actions with a CI/CD Pipeline YAML File


Example GitHub Actions YAML:

name: CI/CD Pipeline

on:

push:

branches:

- main

jobs:

build:

runs-on: ubuntu-latest

steps:

- name: Checkout code

uses:

actions/checkout@v2

- name: Set up Docker Buildx

uses: docker/setup-buildx-action@v1

DEVOPS ENGINEER
 Phase 3

- name: Log in to IBM

Cloud run: |

ibmcloud login --apikey ${{ secrets.IBM_CLOUD_API_KEY }} -r us-south

- name: Build and push Docker

images run: |

docker build -t <region>.icr.io/<namespace>/frontend-app:1.0 ./frontend

docker push <region>.icr.io/<namespace>/frontend-app:1.0

docker build -t <region>.icr.io/<namespace>/backend-app:1.0 ./backend

docker push <region>.icr.io/<namespace>/backend-app:1.0

- name: Deploy to

Kubernetes run: |

kubectl apply -f frontend-

deployment.yaml kubectl apply -f

backend-deployment.yaml

2. Automate Build, Test, and Deployment Stages Using Minikube and IBM Cloud CLI


Set up continuous build and deploy steps to trigger automatically when pushing changes
to GitHub.

Step 4: Conduct Stress and Load Testing

1. Use Tools Like Apache JMeter or Postman


For JMeter:

o
Create a test plan with multiple threads (users).

DEVOPS ENGINEER
 Phase 3

o
Configure the HTTP requests to test your API endpoints.

o
Run the test and observe results like response times and throughput.


For Postman:

o
Create a collection for testing your APIs.

o
Use the built-in "Runner" feature to run the collection with multiple iterations.

o
Export the test results for analysis.

2. Monitor Performance Using Minikube’s Dashboard or Tools Like Grafana


For Minikube Dashboard:

minikube dashboard

SECTION 3:

1. Enable Autoscaling for Minikube Clusters (using Kubernetes Horizontal Pod

Autoscaler) Steps:

1. Ensure Minikube Cluster is Running: Ensure you have a Minikube cluster running and
that your deployments are configured properly.

sh CopyEdit

minikube start

2. Enable Metrics Server: To enable autoscaling, you'll need the Metrics Server, which
provides resource usage data (CPU and memory) for autoscaling.

o
Install Metrics Server:

sh CopyEdit

DEVOPS ENGINEER
 Phase 3

kubectl apply -f https://github.com/kubernetes-sigs/metrics- server/releases/download/v0.5.0/

components.yaml

3. Create a Horizontal Pod Autoscaler (HPA): Set up an HPA for your applications
(e.g., frontend or backend) to automatically scale the number of pods based on CPU
usage.

o
Example HPA for frontend deployment (frontend-hpa.yaml):

yaml

CopyEdit

apiVersion: autoscaling/v2

kind: HorizontalPodAutoscaler

metadata:

name: frontend-hpa

spec:

scaleTargetRef:

apiVersion:

apps/v1 kind:

Deployment

name: frontend-deployment

minReplicas: 2

maxReplicas: 10

metrics:

- type:

Resource

resource:

name: cpu

target:

type: Utilization

DEVOPS ENGINEER
 Phase 3

averageUtilization: 50

4. Apply the Horizontal Pod Autoscaler:

sh

CopyEdit

kubectl apply -f frontend-hpa.yaml

kubectl apply -f backend-

hpa.yaml

5. Monitor Autoscaling: You can monitor the scaling behavior by checking the HPA status:

sh

CopyEdit

kubectl get hpa

2. Integrate Advanced CI/CD Pipelines with Jenkins or Tekton

Pipelines Jenkins Pipeline Integration:

1. Install Jenkins on Minikube:

o
Start a Jenkins instance within Minikube using the Kubernetes plugin or deploy it
with Helm:

sh

CopyEdit

helm install jenkins stable/jenkins --namespace jenkins

2. Create a Jenkins Pipeline:

o
In Jenkins, set up a pipeline to automate the build, test, and deployment process.

o
Example Jenkinsfile:

groovy

DEVOPS ENGINEER
 Phase 3

CopyEdit

pipeline

agent any

stages {

stage('Build Docker Images')

{ steps

{ scrip

t{

sh 'docker build -t <region>.icr.io/<namespace>/frontend-app:1.0

./frontend' sh 'docker build -t <region>.icr.io/<namespace>/backend-

app:1.0 ./backend'

stage('Push Images to IBM Cloud')

{ steps

{ scrip

t{

sh 'docker push <region>.icr.io/<namespace>/frontend-app:1.0'

sh 'docker push <region>.icr.io/<namespace>/backend-app:1.0'

stage('Deploy to Kubernetes')
DEVOPS ENGINEER
 Phase 3

{ steps {

DEVOPS ENGINEER
 Phase 3

script {

sh 'kubectl apply -f frontend-deployment.yaml'

sh 'kubectl apply -f backend-deployment.yaml'

3. Automate Build and Deployment:

o
Trigger Jenkins builds on commits or pull requests.

o
Integrate automated tests to ensure quality and reliability before deployment.

Tekton Pipelines Integration:

1. Install Tekton Pipelines:

o
Install Tekton on your Kubernetes cluster:

sh

CopyEdit

kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

2. Create a Tekton Pipeline:

o
Define the pipeline resources (such as Docker images and Git repositories) and
steps (build, push, deploy).

o
Example Tekton pipeline:

yaml

CopyEdit

DEVOPS ENGINEER
 Phase 3

apiVersion: tekton.dev/v1beta1

kind: Pipeline

metadata:

name: ci-pipeline

spec:

resources:

- name: git-repo

type: git

tasks:

- name: build-and-push

taskRef:

name: build-and-push-task

resources:

inputs:

- name: git-repo

resource: git-repo

3. Automate Deployment:

o
Trigger Tekton pipelines based on GitHub commits or other Git events.

3. Add Automated Vulnerability Scanning During the CI/CD

Process Steps to Integrate Vulnerability Scanning:

1. Integrate IBM Cloud Vulnerability Advisor:

DEVOPS ENGINEER
 Phase 3

o
IBM Cloud offers a Vulnerability Advisor to automatically scan Docker images
for vulnerabilities.

o
Configure your pipeline to trigger image scans using the IBM Cloud
Vulnerability Advisor during the build or push process.

2. Configure Image Scanning in CI/CD Pipeline:

o
Example of adding IBM Cloud vulnerability scanning within a Jenkins pipeline:

pipeline {

agent

any

stage
s
{

stage('Build Docker Images')

{ steps

{ scrip

t{

sh 'docker build -t <region>.icr.io/<namespace>/frontend-app:1.0 ./frontend' sh

'docker build -t <region>.icr.io/<namespace>/backend-app:1.0 ./backend'

stage('Scan for Vulnerabilities')

{ steps

{ scrip

t{

sh 'ibmcloud cr vulnerability-scan <region>.icr.io/<namespace>/frontend-app:1.0' sh

'ibmcloud cr vulnerability-scan <region>.icr.io/<namespace>/backend-app:1.0'

DEVOPS ENGINEER
 Phase 3

DEVOPS ENGINEER
 Phase 3

stage('Push Images to IBM Cloud')

{ steps

{ scrip

t{

sh 'docker push <region>.icr.io/<namespace>/frontend-app:1.0'

sh 'docker push <region>.icr.io/<namespace>/backend-app:1.0'

stage('Deploy to Kubernetes')

{ steps

{ scrip

t{

sh 'kubectl apply -f frontend-deployment.yaml'

sh 'kubectl apply -f backend-deployment.yaml'

3. Integrate Other Tools:

o
Use Clair, Anchore, or Trivy for additional vulnerability scanning. Configure your
CI/CD pipeline to use these tools by scanning Docker images before they are
pushed to the registry.

DEVOPS ENGINEER
 Phase 3

o
Example with Trivy:

trivy image <region>.icr.io/<namespace>/frontend-app:1.0 trivy

image <region>.icr.io/<namespace>/backend-app:1.0

DEVOPS ENGINEER