Skip to main content

Deploying Jersey-Jetty Based Webservice

tip

We take an opinionated webservice deployment, which goes without SSL, because backend API should site behind a proxy or gateway. In addition, webservice executables are assumed to be in WAR format and is ready before preceding in this section (neither Packer nor Terraform environment packages up source code to WAR for the sake of simplicity)

Getting hashicorp-aws Source Code

git clone https://github.com/QubitPi/hashicorp-aws.git

From this point on, we assume the current directory is the directory containing the checked-out hashicorp-aws folder

Defining Packer Variables

Create a HashiCorp Packer variable values file named "aws-ws.auto.pkrvars.hcl" under hashicorp-aws/hashicorp/webservice/images/aws directory, depending on the deployment mode, with the following contents:

ami_region    = "my-aws-region"
ami_name      = "my-webservice"
instance_type = "<one of t2.micro/t2.small/t2.medium/t2.large/t2.xlarge/t2.2xlarge>"
war_source    = "my-webservice-1.0.war"
filebeat_path = "filebeat.yml"

  • ami_region is the region where webservice AMI will be published to. The published image will be private

  • ami_name is the name of the resulting AMI that will appear when managing AMIs in the AWS console or via APIs. This can be the same across builds, because hashicorp-aws will deregister the old AMI with the same name and replace it with the current built one

  • instance_type is the EC2 instance type to use while building the AMI, such as t2.small.

  • war_source is the absolute path or the path relative to hashicorp-aws/hashicorp/webservice/images/basic of the webservice WAR file we are going to deploy

  • filebeat_path is the absolute path or the path relative to hashicorp-aws/hashicorp/webservice/images/aws of the filebeat config file if the webservice is sending logs to ELK

    tip

    It is very important to connect webservice to an external logging & auditing service like ELK, because once webservice is deployed as an immutable infrastructure, it is completely sealed in a sense that no one can SSH into it. This means logs or other metrics are not available unless they are send to an external logging & auditing service such as ELK. Our HACP offers out-of-the box deployment of ELK and allow the webservice to automatically connect to it to send logs and metrics, which gives us a lot better experience on working with webservice logging & auditing.

Building AMI Image

cd hashicorp-aws

cp hashicorp/common/images/aws/aws-builder.pkr.hcl hashicorp/webservice/images/aws
cp hashicorp/common/images/aws/aws-packer.pkr.hcl hashicorp/webservice/images/aws

cd hashicorp/webservice/images/aws
packer init .
packer validate .
packer build .
note

EBS volumes during build time will automatically be removed

This will take a while and to save time, we can leave it here and proceed immediately to the next step.

Defining Terraform Variables

Create a HashiCorp Terraform variable values file named "aws-ws.auto.tfvars" under one of the subdirectory of hashicorp-aws/hashicorp/webservice/instances/aws, depending on the deployment mode, with the following contents:

aws_ec2_region = "my-aws-region"
ami_name          = "my-webservice"
instance_type     = "<one of t2.micro/t2.small/t2.medium/t2.large/t2.xlarge/t2.2xlarge>"
ec2_instance_name = "My Webservice"
security_groups   = ["My Webservice"]
  • aws_ec2_region is the EC2 runtime region
  • ami_name is the name of the published AMI; it must be the same as the ami_name in Packer variable file
  • instance_type is the AWS EC2 instance type used for deployed infrastructure
  • ec2_instance_name is the deployed EC2 name as appeared in the instance list of AWS console; it can be arbitrary
  • security_groups is the list of AWS Security Group names to associate with (yes, not ID, but name...)

Deploying to EC2

caution

Depending on the AMI and EC2 configs, please be aware AWS credit charges shall incur after the following commands execute

When AMI image finishes building, we can go ahead to deploy that image as an EC2 instance:

cd ../../instances/aws

cp ../../../common/instances/aws/aws-ec2.tf .
cp ../../../common/instances/aws/aws-terraform.tf .

terraform init
terraform validate
terraform apply -auto-approve

Deployment via Screwdriver CD

hashicorp-aws supports deployment using Screwdriver CD. Please check it out.

Deployment via GitHub Actions

hashicorp-aws also supports deployment using GitHub Actions

Deployment via HACP

tip

Please try our HACP platform to deploy a Webservice instance. It gives us one-click experience that helps us stand up a webservice in a minute.

Troubleshooting

AWS

The Webservice was Running Properly Right After Deployment, but NOT After a While with "503 Service Unavailable"

This could be the resource starvation on EC2 instance. Please try using a bigger EC2 sizes. For example, bumping t2.micro to t2.medium. hashicorp-aws currently supports t2.x sizes, i.e. one of the following sizes can be selected:

  • t2.micro
  • t2.small
  • t2.medium
  • t2.large
  • t2.xlarge
  • t2.2xlarge

To modify the size, set the value of instance_type in both aws-ws.pkrvars.hcl and aws-ws.tfvars. For example:

instance_type       = "t2.medium"