2025-02-07

In this guide, we’ll walk through setting up a robust CI/CD pipeline using Jenkins, ArgoCD, and Kubernetes. This pipeline integrates security, monitoring, and automation to ensure seamless deployments. Below are the steps and commands to implement this pipeline.

Step 1: Setting Up Jenkins for CI/CD Workflows

Jenkins is the backbone of the CI/CD pipeline. Install Jenkins and configure it to automate your build and test processes.

<h1>Install Jenkins on Ubuntu</h1>

sudo apt update
sudo apt install openjdk-11-jdk -y
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo apt update
sudo apt install jenkins -y
sudo systemctl start jenkins
sudo systemctl enable jenkins

Step 2: Deploying ArgoCD for GitOps

ArgoCD is a declarative GitOps tool that automates Kubernetes deployments. Install ArgoCD and sync your application manifests from a Git repository.

<h1>Install ArgoCD on Kubernetes</h1>

kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml

<h1>Access ArgoCD UI</h1>

kubectl patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}'

Step 3: Integrating Security with SonarQube and Trivy

Ensure code quality and security by integrating SonarQube for static code analysis and Trivy for vulnerability scanning.

<h1>Install Trivy for vulnerability scanning</h1>

sudo apt-get install wget apt-transport-https gnupg lsb-release -y
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy -y

<h1>Scan a Docker image with Trivy</h1>

trivy image <your-docker-image>

Step 4: Creating an AWS EKS Cluster with Terraform
Use Terraform to provision an AWS EKS cluster for deploying your applications.

[hcl]

main.tf

provider “aws” {
region = “us-west-2”
}

module “eks” {
source = “terraform-aws-modules/eks/aws”
cluster_name = “my-eks-cluster”
cluster_version = “1.21”
subnets = [“subnet-abcde012”, “subnet-bcde012a”]
vpc_id = “vpc-abcde012”

worker_groups = [
{
instance_type = “t2.medium”
asg_max_size = 3
}
]
}
[/hcl]

Step 5: Monitoring with Prometheus and Grafana

Set up Prometheus and Grafana for real-time monitoring of your Kubernetes cluster.

<h1>Install Prometheus and Grafana using Helm</h1>

helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
helm install prometheus prometheus-community/prometheus
helm install grafana grafana/grafana

Step 6: Automated Email Notifications

Configure Jenkins to send email notifications for pipeline updates.

// Jenkinsfile
pipeline {
agent any
stages {
stage('Build') {
steps {
echo 'Building...'
}
}
stage('Test') {
steps {
echo 'Testing...'
}
}
}
post {
success {
mail to: '[email protected]', subject: 'Pipeline Success', body: 'The pipeline succeeded!'
}
failure {
mail to: '[email protected]', subject: 'Pipeline Failed', body: 'The pipeline failed!'
}
}
}

What Undercode Say

Implementing a CI/CD pipeline with Jenkins, ArgoCD, and Kubernetes is a game-changer for modern DevOps practices. Here are some additional Linux and IT commands to enhance your pipeline:

1. Kubectl Cheat Sheet:

kubectl get pods -n <namespace>
kubectl describe pod <pod-name>
kubectl logs <pod-name>

2. Linux System Monitoring:

top
htop
df -h
free -m

3. Docker Commands:

docker build -t <image-name> .
docker push <image-name>
docker-compose up -d

4. Terraform Commands:

terraform init
terraform plan
terraform apply
terraform destroy

5. Prometheus Query Examples:

[promql]
rate(http_requests_total[5m])
up{job=”kubernetes-nodes”}
[/promql]

6. Grafana Dashboard Setup:

• Import dashboards using JSON files.
• Use Prometheus as the data source.

7. Security Best Practices:

• Regularly update your Kubernetes cluster.
• Use network policies to restrict pod communication.
• Enable RBAC for fine-grained access control.

8. Useful URLs:

• Jenkins Documentation
• ArgoCD Documentation
• Kubernetes Documentation
• Terraform AWS EKS Module

By combining these tools and commands, you can build a secure, scalable, and automated CI/CD pipeline that adheres to DevOps best practices. Happy coding! 🚀

References:

Hackers Feeds, Undercode AI