├── appspec.yml
├── docker-compose.yml
├── env
│   └── ...
├── nginx
│   ├── Dockerfile
│   └── ...
├── nodeauth
│   ├── Dockerfile
│   └── ...
├── nodeupload
│   ├── Dockerfile
│   └── ...
└── scripts
    └── ...

Note: The exposed PORT should be different for different services

Now, we need to setup nginx as our API gateway

For that we need the **_nginx/Dockerfile_** and nginx configuration files

and the **_nginx.conf_** file is as follows

Now, we have our three containers ready, we just need a docker-compose file to start them all with a single command.

**_docker-compose.yml_**

Viola! You got all your containers ready, now you just need to deploy those to the server. Package ’em all up and push to a git repository of your choice.

I used an AWS EC2 instance to deploy.

Go to your AWS EC2 Console and start up a new instance. I used a t2.micro instance with ubuntu:20.04 image, (as it is covered under the free tier).

SSH into your EC2 instance, and clone the repository that you just made onto the machine using git clone <repo-link> .

Now, you need to install docker on your instance sudo snap install docker .

Once you have cloned the repo onto the machine and installed the dependencies, it’s time to build and start the docker containers. Well, that’s where containerizing everything helps, you only need to run one command to run everything.

sudo docker-compose up --build

Make sure you have changed the directory into your cloned repository

You got it done! Now you just need to set the ANAME for your domain and you can make requests to your domain.

But wait…

The requests are only going to http instead of https . You need to set up https for your domain now.

In order to setup https for our server, we need to generate an SSL certificate. We can always do that stuff manually, but that’s no good when there are other people who have done this stuff for you.

I used staticfloat/nginx-certbot docker image to do this stuff for me.

We need to listen on PORT 443 for https instead of PORT 80 in case of http , and specify sslcertificate, sslcertificate_key in your **_nginx.conf_**.

And your **nginx/Dockerfile** changes to…

You also need to make changes in the **docker-compose.yml** to map the letsencrypt/ directory of your container to that of your host machine.

You are all done! Just push these changes to your git repository, and pull them on your instance.

Configure the security group for your instance and enable HTTPS.

Now, all you gotta do is run sudo docker-compose up --build and you should get services running on https .

But think about it…

Do you really want to pull every change that you make on your service manually and restart the service again? No, right?

Neither do I, that’s why I set up CI/CD pipelines to deploy and restart the services automatically every time a new commit is pushed to the git repo.

Let’s get to that stuff in PART 2….

Read Next:

• PART 2: Setting up CI/CD Pipeline for a Monolithic Service
• PART 3: How I designed a CI/CD setup for a Microservice Architecture at zero cost

• PART 1: How I designed and deployed a scalable microservice architecture with limited resources

As mentioned in the last part, we have already setup and deployed our three services, but we don’t want to keep pulling the changes every time we make a small change in the codebase, that’s why we need to setup our CI/CD Pipeline.

Let’s get started…

Let’s first treat all our services as Monolithic, and deploy them to the instance.

Create IAM Roles for CodeDeploy and EC2 Instance.

• Go to IAM → Roles in your AWS Console
• Create an IAM Role with AmazonEC2RoleforAWSCodeDeploy and AutoScalingNotificationAccessRole policies.
• Let’s name this IAM Role as CodeDeployInstanceRole
• Create another IAM Role with AWSCodeDeployRole policy.
• Let’s name this one as CodeDeployServiceRole

Configure EC2 Instance for the application

Make sure you already have an instance running.

You just gotta modify the tags to let the CodeDeploy Agent know which instances to deploy the code on.

• Let’s put two tags: env: production and name: my-application

Create S3 Bucket for application revision

This bucket will be used to store our revised application before it is deployed to the instance.

Note: Creating this bucket is necessary if you want to add some files to the codebase that you couldn’t store in the Github repository, such as _.env_ files.

If you don’t have any such thing, then you can skip this step.

• You may name the bucket whatever you like.
• Make sure Block all public access option is checked.

Configure CodeDeploy

• Navigate to CodeDeploy in AWS Management Console.
• Create an application and give it a name.
• Under Compute Platform choose EC2/On-premises
• Create Application.

• After creating the application, create a deployment group
• Name it whatever you’d like, and under Service Role choose CodeDeployServiceRole.

• Under Deployment Type choose In-place.
• For Environment Configuration choose Amazon EC2 instances and specify the tags that we specified previously for our instances: env: production and name: my-application
• For Deployment Settings choose CodeDeployDefault.OneAtATime.

• Deselect Enable Load Balancing
• Create Deployment Group.

Phew, we are done with setting up on the AWS side, now let’s get to the good stuff.

Setting up on the Code Repository Side

Create an appspec.yml file, and place it in the root of the directory.

Let’s setup our CI workflow now. I am using Github Actions for my CI/CD setup.

Create a .github/workflow/deploy.yml file

Note: In the _Configure Secrets_ step, we are fetching our secrets from a AWS S3 Bucket where we have stored to _.env_ files, as those can not be stored on the Github repository.

If you don’t have any secrets to configure, you can deploy directly from Github repository. Instead _s3-location_, you'd need to specify _github-location_: reference

Now, we just have to configure AWS Credentials that we used above.

Setting up CodeDeploy IAM User

• Go to IAM -> Users in your AWS Console.
• Create a new IAM User, let’s name it CodeDeployUser, and give it Programmatic Access

• We need 2 sets of permissions: AmazonS3FullAccess and AWSCodeDeployDeployerAccess

• Create the user, and save the user’s credentials ACCESS_KEY_ID and SECRET_ACCESS_KEY

Set those secrets in your Github Repository and you are all good to go!

Great! now, every push you do to your repository will be deployed to your EC2 instance.

But, wait. If you push to your repository after modifying just one of the services, all of them need to be restarted, that’s not how a Microservice Architecture works.

We need to decouple all our services from each other for all of them to operate separately.

Let’s get to that stuff in PART 3…

Read Next:

• PART 3: How I designed a CI/CD setup for a Microservice Architecture at zero cost

• PART 1: How I designed and deployed a scalable microservice architecture with limited resources
• PART 2: Setting up CI/CD Pipeline for a Monolithic Service

In the last part we set up our pipeline for a Monolithic Architecture, but that’s not what I promised in the first part of the series.

Let’s get going…

Off to decoupling our services, so that they can live freely once again.

Well, that’s easy. Create a separate repository for each service, copy the workflow files to each of them. You are done! Ok, bye.

No, definitely not.

You can use that setup if all you have to do is run unit tests, but what about integration testing. Can’t do that on the production instance, and you are a struggling startup; you don’t have enough resources to spin up more instances just to run integration tests.

Well?

Ok, we will be putting each service in its own separate remote repository, but we will have one parent repository that refers to all the services’ repositories.

Let’s get started with git submodules…

Git Submodules are a way of adding a git repository inside a git repository. All submodules point to a commit in the remote repository.

The original intention behind git submodules was to keep a copy of a certain commit (or release) locally on which our project might depend.

You just need to run:

git submodule add <my-remote> <optional-path>

However, we need them to keep up-to-date with our services’ repository, that’s why it’s a good thing that we can make them point to a certain branch instead too.

git config -f .gitmodules submodule.<submodule-name>.branch <branch-name>

Now, you can keep all your submodules up-to-date with just one command

git submodule update --remote

Now, that git submodules are out of the way, let’s get to the actual “good” stuff.

Ok, let’s talk about the actual workflow that I follow:

• Each service’s repository contains its unit test
• After a commit is pushed to the service’s repository, it runs its unit tests.
• If all the unit test pass, then we commit it to the parent repository.

_<submodule>/.github/workflows/test-and-push.yml_

• The parent repo lists the submodules where the changes were made since the last push and only deploys those services again.

<parent-repo>/.github/workflows/deploy.yml

This way all the other services keep running without any disturbance, while one of the service is updated.

<parent-repo>/scripts/deploy.sh

I also created separate Deployment Groups for each service of the name: _<service-name>-prod_, i.e. for _nodeauth_ service, I created a _nodeauth-prod_ deployment group, with rest of the configuration same as we did in the previous part.

We also do need to modify the appspec.yml and our scripts.

• Since each service is a separate deployment, we need to put the appspec.yml in each service's repository.

• Since we have decoupled all the services from each other, we no longer run them using sudo docker-compose up, each service has to be started individually.

<submodule>/scripts/start_app.sh

• I wrote a bit complex script so that we can use the same set of scripts in all our services instead of writing them again and again as new services are added.
• The scripts can also be added as a git submodule to all the services’ repositories, which makes it easier to maintain (but they weren’t in my setup at the moment of writing this blog).
• init.sh contains code to install docker on the instance (if not already present).
• cleanup.sh contains code to remove the previous unused containers.

That’s it. You are finally done. You’ve got your own weird-ass setup to test and deploy a Microservice Architecture at zero cost. You can also keep the previous docker-compose.yml to maintain a local development setup.

The single instance’s cost is covered under AWS free-tier.

disclaimer: Yes, there is probably a better way of doing this. I hope there is.

You can download Git through here.

Git v/s GitHub/GitLab:

A lot of people get confused between Git and GitHub. So, Git is the version control system that manages the different versions of the files while GitHub is a platform (website) where you can host your remote repositories. There are multiple hosting platforms available like GitHub, GitLab, BitBucket, etc that can be used to host your remote repository, GitHub is just one of them. Using GitHub is not at all necessary to use Git. Git can also be used to maintain records of your personal work on your own PC.

Some Basic Terminologies:

Repository: The folder of the project.

Remote Repository: The project folder that is available online.

Cloning: Downloading the code from the remote repository.

Forking: means copying the repository in your account, so you can make some changes into it.

Commit: It’s like a checkpoint which you can go back to when you screw up.

Branches: Suppose you are working on a feature in the project, while your partner decides to work on another feature in the same project, so he can make a new branch in the project and work separately without disrupting the other person’s work, and they can merge the two branches together when both are done.

Push: Making the changes onto the remote repository after you have modified the code on the local repository.

Pull: Making the changes onto the local repository (the one that is present on your PC, not online) from the remote repository after someone else pushed some changes onto the remote repository.

Pull Request: Asking the owner the original repository to merge your changes into their repository. (You can make a pull request on GitHub [called Merge Request on GitLab] after you have done some changes in your forked repository or on some other branch in the same repository)

Git Command Line:

Command Line Interface is the environment where you can interact with your PC only using the textual commands (that is, without the use of mouse). You need to memorise the commands (or look them up every time) in order to use the command line properly. There is a list of some basic Git commands below that will help you get started, and here’s a link to a Git cheat sheet.

It is not at all necessary to use Git Command Line Interface (CLI) with Git. You can also use Git Graphical User Interface (GUI) to use all the Git features (no one uses that, though).

You can also use other GUIs like GitHub Desktop to use Git features.

Most Basic Commands:

git clone [url]: Downloads the local from the remote repository (only to be used when starting a project)

git init: Initializes the git repository (A repository has to be initialized as a git repository before it can start tracking the changes).

git remote add [remote-name] [remote-url]: remote-name is the name by which you refer the remote repository URL (like the URL of the GitHub/Gitlab repository)

git add [file-name]: adds the files to the staging area (git does not commit all the files every time. Unlike some other version control tools, only the ones that are added to the staging area)

git commit -m “[message]”: commits the added files

git push [remote-name] [branch-name]: pushes the files onto the remote repository.

git fetch [remote-name]: downloads the files from the remote repository.

git merge [branch-name]: merges the current local branch with the specified branch-name.

git pull [remote-name] [branch-name]: basically fetching and merging in one command.

git checkout [branch-name]: to go to the specified branch