Setting up bank application using Docker

Project Spring boot Banking application using Docker

• To build java we requested jar file which is build will the help of maven tool (Apache maven - open source).

• Shout-out to GoldenCat - YT (Source code) -Developer

• GitHub repo
  github.com/DevMadhup/Springboot-BankApp

• Setup the requirement for Docker project

• Hands-on

1. Launch EC2 Instance

   1. Recommended is t2.Medium or Can try with t2.micro

   2. Select key-pair, Allow Network - ssh, http & https

   3. Storage 10 GB

   4. git clone

      github.com/LondheShubham153/Springboot-BankApp.git

2. removing pre-requisites - Dockerfile, docker-compose.yml cmd
   rm -v Dockerfile, docker-compose.yml

   1. README.md from where we get to know what to build. mvnw, mvnw.cmd - These maven files. pom.yaml - Must have file for maven app. In src - where the source code is available and there are 2 directories, One test directory - Test cases are present, Other main directory - all main code is present

   2. First we maven base image i.e., G: maven base image openjdk

3. Let write Dockerfile

   1. For maven we ask maven version for developer

    vim Dockerfile
    #----------- Stage 1 -----------
    FROM maven:3.8.3-openjdk-17       
    WORKDIR /app
    COPY . /app
    RUN mvn clean install -DskipTests=true
    EXPOSE 8080
    CMD ["java","-jar","/bankapp.jar"]

Explanation

    #----------- Stage 1 ----------- 
    # It put the base Image where maven and jdk is pre-installed 
    #which the runs the Instance
    FROM maven:3.8.3-openjdk-17 

    # It is working dir. app where all the code will stored.     
    WORKDIR /app

    # Copy everything the code from localhost(m/c) to /app(container) 
    COPY . /app

    #Build the app to generate jar file of app and clean used to clean all previous dependencies. 
    #Tester has not written the test cases so we skipping it.
    RUN mvn clean install -DskipTests=true

    #Generally, docker run on port 8080 and maps with the host.
    EXPOSE 8080

    #To run the jar i.e., excute the jar file using java command -jar flag
    #(to specify we are executing a jar file), cmd comments to run.
    CMD ["java","-jar","/bankapp.jar"]

1. In General Q/A, About jar file

   app.py - Source code,

   python app.py - will compile, interpreter and execute

   In case of java - First code will compile and execute (through jar file i.e., whenever changes in jar file we need to execute it)

   Tomcat - It's server and size of base image is large.

   port 8080 runs on Apache Tomcat server

   mvn clean install

   Interview Question. Diff. b/w CMD and ENTRY POINT

   CMD default parameter that can override from Docker CLI whereas ENTRYPOINT cannot.
   If suppose Dev. says that he requires only bankapp.jar to be run that we use entrypoint. We can access it from /app.

2. Installing and build docker file

4.  sudo apt-get update
    sudo apt-get install docker.io -y
    sudo usermod -aG docker $USER && newgrp docker # Refreshing docker group
    docker ps 
    docker build -t bankapp .
    docker images
   

   Docker file is required but we noticed one thing i.e, Size of Docker is large i.e, around 800MB. In order to reduce its size, it we need to write multistage docker file

5. Write Docker file and build it.

vim Dockerfile

1.  #----------- Stage 1 ----------- 
    FROM maven:3.8.3-openjdk-17 AS builder     
    WORKDIR /app
    COPY . /app
    RUN mvn clean install -DskipTests=true
   
    #----------- Stage 2 --------------
    FROM openjdk:17-alpine
    WORKDIR /app
    COPY --from=builder /app/target/*.jar /app/target/bankapp.jar
    EXPOSE 8080
   
    ENTRYPOINT ["java","-jar","/app/target/bankapp.jar"]
   

docker build -t bankapp-mini .

• Created 2 image of docker image. As maven is required only upto mvn install. So, reduced from 785 MB to 378 MB.

• To create database container
  github.com/LondheShubham153/Springboot-BankApp/blob/DevOps/src/main/resources/application.properties
  MySql database name will take from application.properties file in spring.datasource.url variable database name is written.

  • 
      docker run -d --name mysql -e MYSQL_DATAABASE=bankappdb -e MYSQL_ROOT_PAPASSWORD=Test@123 mysql
    

    Here -e -> Environment variable, And environment variable is defined in application.properties file to use it we need write in Upper case(i.e, MYSQL_DATBASE)

    Changes of crashing down the container as both are running separately.

  •   docker ps -a 
      docker logs bankapp-mini:latest(status Id)
      docker stop mysql
      docker rm mysql && docker rm bankapp
    

  • To create docker network

      docker network create -d bridge bankapp
      # -d bridge is created by default even if it not provided.
      # Run MYSQL container and -itd exec in detach mode
      docker run -itd --name mysql -e MYSQL_ROOT_PASSWORD=Test@123 -e MYSQL_DATABASE=BankDB --network=bankapp mysql
      # Run Application container
      docker run -itd --name Bankapp -e SPRING_DATASOURCE_USERNAME="root" -e SPRING_DATABASE_URL="jdbc:mysql://mysql:3306/Bankappdb?useSSL=false&serverTimezone=UTC" -e SPRING_DATASOURCE_PASSWORD="Test@123" --network=bankapp -p 8080:8080 bankapp-mini:latest
      docker logs bankapp-mini
    

    Now enable traffic for port 8080 -> Select Instance -> Security -> Edit Inbound -> Add rule -> Custom TCP, 8080, Anywhere 0.0.0.0/0 -> Save rules

  • EC2 > Security Groups > sg-..

    Copy public ip > In browser http://<public-ip>:8080

• Let's make Docker compose

  • Image can get by 2 ways

    • Dokerfile

    • DockerHub

• 1. In Docker Hub

     1. Setting / Personal access tokens / New acces token

        1. Access token description: bankapp

        2. Access permissions: Read, Write, Delete

        3. Generate

     2. Goto Instance EC2

1. docker login or docker login -u usernaeme

   1. username, password -> PAT

2. docker images

1.  #To rename docker image bankapp-mini 
    docker images
    docker image tag bankapp-mini springboot-bankapp:latest
    docker images
    docker image tag springboot-bankapp kiranchavan/springboot-bankapp:latest
    docker images #To verify
    docker push kiranchavan/springboot-bankapp #Push to docker hub
    docker stop BankApp mysql && docker rm BankApp mysql
   

   Note: Replace kiranchavan with your username

2. With this now my image is publicly available through which I can build docker compose whenever needed.

1.  vim docker-compose.yml
   

    veriosn: "3.8"
    services:
      mysql:
        container_name: mysql
        image: mysql:latest
        ports:
          -3306:3306
        environment:
          MYSQL_ROOT_PASSWORD: Test@123
          MYSQL_DATABASE: BankDB
        networks:
          - bankapp
        volumes:
          - mysql-data:/var/lib/mysql
        healthcheck:
          test: ["CMD","mysqladmin","ping","-h","localhost","-uroot","-pTest@123"]
          interval: 10s
          timeout: 5s
          retries: 5
          start_period: 60s
        restart: always    

      bankapp:
        container_name: bankapp
        image: kiranchavan/springboot-bankapp:latest
        ports:
          - 8080:8080
        environment:
          SPRING_DATASOURCE_USERNAME: root
          SPRING_DATABASE_URL="jdbc:mysql://mysql:3306/BankDB?useSSL=false&allowPublicKeyRetrieval=true&serverTimezone=UTC"
          SPRING_DATASOURCE_PASSWORD: Test@123
        networks:
          - bankapp
        depends_on:
          - mysql
        restart: always 


    volumes:
      mysql-data:


    networks:
      bankapp:

docker rmi -f $(docker images -aq)
#To remove all images at once.
docker images
sudo apt-get install docker-compose-v2
clear
docker compse up
ctrl + c # To stop

restart: always -> Helps in restart the service automatically when its stopped.

copy public ip and paste in browser

docker compose up -d # To run in background 
docker ps 
docker exec -it mysql(Container id) bash
#In bash 
mysql -u root -p
Test@123 #password
use BankDB
show tables;
select * from account;
selct * from transcation; #This shows data presisted

Docker Scout

(Advanced image analysis)

In desktop version.

It checks the code vulnerable. Malicious code i.e, in mysql, login exemption.

docker pull kiranchavan/springboot-bankapp:latest
docker scout quickview kiranchavan/springboot-bankapp:latest
docker scout cves kiranchavan/springboot-bankapp:latest # Gives complete report

Share the docker scout report with DevSecop Team and Developer Team to check the vulnerability.
SonarQube Checks the code quality. Docker scout checks which is already existing code.
Trivy is alternatives of Docker scout. Trivy also scans File system.
distroless images is used by Google and Shubham bhai which is secure.

cd Documents
mkdir docker-init-tut
docker init
#use up or down arrow keys to navigate, Let select .net and enter.
#Give name:simple-dot-net-app
#version: 8.0
#port: 8080
dokcer build -t simple-dot-net-app .
#These are boiler plate code
# Works well in small code like java, python.

G: latest version of .net, port of .net

Note: These are available in Desktop session

To optimize, enhanced security and production version

Prompt: Act as senior Devops Engineer and optimized the dockerfile to be production ready and using best practices. The input to you is a docker file

The output should be a production-grade dockerfile

1. Can you do the same with docker compose and paste docker compose file

How to write in Resume

Title, Description and Impact

Title: Deployment of a Multi-Tier Banking application on AWS or

CI/CD deployment of Multi-Tier Banking app on AWS

Descriptioin: Used Docker, Spring boot, java, Maven,etc.

Impact: End-to-End Multi-Tier appln using Docker and Docker compose reduced image size by 60%, Improved security using scout, using docker compose appln is up and down in single click, volume presistent

Yahoo!!! Completed...