Build a Complete CI/CD Pipeline Using Jenkins on AWS

SURYANSH GUPTA

Introduction:

In today’s fast-paced software development world, DevOps plays a critical role in automating the build, test, and deployment process. In this blog, I’ll walk you through a complete end-to-end CI/CD pipeline I built using Jenkins on AWS EC2, integrating popular DevOps tools like Git, Maven, SonarQube, Nexus, and Tomcat. This hands-on project not only helped me understand how each tool fits into the software development lifecycle but also gave me real-world experience in deploying a robust and scalable automation pipeline. Whether you're a DevOps beginner or someone brushing up on core concepts, this post will give you a practical view of setting up your own pipeline from scratch.

Tech Stack:

  • Git: Source code management

  • Maven: Build tool

  • SonarQube: Code quality check

  • Nexus: Artifact storage

  • Tomcat: Webserver for deployment

  • Jenkins: CI/CD pipeline

  • AWS EC2: Hosting all services

    Step-by-Step Process to Deploy the Application:

    STEP-1: LAUNCH 4 INSTANCES WITH SAME PEM FILE

  • JENKINS: T2.MICRO

  • TOMCAT: T2.MICRO

  • SONAR: T2.MEDIUM (25 GB OF EBS VOLUME)

  • NEXUS: T2.MEDIUM (25 GB OF EBS VOLUME)

  • SETUP SERVICES IN THEIR RESPECTIVE SERVERS

    STEP-2: Use the scripts below to install Jenkins, Tomcat, Sonar and Nexus on their respective servers.

    Jenkins Script

        #STEP-1: INSTALLING GIT
        yum install git -y
    
        #STEP-2: GETTING THE REPO (jenkins.io --> download --> redhat)
        sudo wget -O /etc/yum.repos.d/jenkins.repo \
            https://pkg.jenkins.io/redhat-stable/jenkins.repo
        sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io-2023.key
        sudo yum upgrade -y
        # Add required dependencies for the jenkins package
        sudo yum install -y fontconfig java-21-openjdk
        sudo yum install -y jenkins
        sudo systemctl daemon-reload
    
        #STEP-3: DOWNLOAD JAVA17 AND JENKINS
        yum install java-17-amazon-corretto -y
        yum install jenkins -y
    
        #STEP-4: RESTARTING JENKINS
        systemctl start jenkins.service
        systemctl status jenkins.service
    

    Tomcat Script:

        #STEP-1: INSTALL JAVA 17
        yum install java-17-amazon-corretto -y
    
        #STEP-2: DOWNLOAD & EXTRACT TOMCAT
        wget https://downloads.apache.org/tomcat/tomcat-9/v9.0.104/bin/apache-tomcat-9.0.104.tar.gz
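        tar -zxvf apache-tomcat-9.0.104.tar.gz
        # The relative paths below (conf/, webapps/, bin/) are inside the extracted directory
        cd apache-tomcat-9.0.104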
    
        #STEP-3: CONFIGURE TOMCAT USERS (GUI & SCRIPT ACCESS)
        sed -i '56  a\<role rolename="manager-gui"/>' conf/tomcat-users.xml
        sed -i '57  a\<role rolename="manager-script"/>' conf/tomcat-users.xml
        sed -i '58  a\<user username="tomcat" password="admin@123" roles="manager-gui, manager-script"/>' conf/tomcat-users.xml
        sed -i '59  a\</tomcat-users>' conf/tomcat-users.xml
        sed -i '56d' conf/tomcat-users.xml
        #STEP-4: REMOVE IP RESTRICTIONS FOR MANAGER ACCESS
        sed -i '21d' webapps/manager/META-INF/context.xml
        sed -i '22d' webapps/manager/META-INF/context.xml
    
        #STEP-5: START TOMCAT SERVER
        sh bin/startup.sh
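
An added check (not part of the original post) for the two files the Tomcat script edits: it reports a manager account whose password is on a short constructed list, an account holding both `manager-gui` and `manager-script`, and a Manager `context.xml` with no active `RemoteAddrValve`. The function names and the `WEAK_PASSWORDS` list are assumptions made for this example.

```shell
#!/bin/sh
# Added example. WEAK_PASSWORDS is a constructed sample list, not exhaustive.
WEAK_PASSWORDS="admin@123 admin tomcat password s3cret changeit"

# Print FILE on one line with XML comments removed, so that
# commented-out <user> or <Valve> elements are not counted.
strip_xml_comments() {
    tr '\n' ' ' < "$1" |
        awk 'BEGIN { RS = "-->" } { sub(/<!--.*/, ""); printf "%s ", $0 }'
}

# Value of attribute $1 in the single XML element $2 (empty if absent).
xml_attr() {
    printf '%s\n' "$2" | sed -n "s/.*[[:space:]]$1=\"\([^\"]*\)\".*/\1/p"
}

# audit_tomcat_manager CATALINA_HOME
# Prints one finding per line; returns 1 if there was any, else 0.
audit_tomcat_manager() {
    users="$1/conf/tomcat-users.xml"
    ctx="$1/webapps/manager/META-INF/context.xml"
    rc=0
    elems=$(strip_xml_comments "$users" | grep -o '<user [^>]*>' || true)
    while IFS= read -r u; do
        roles=$(xml_attr roles "$u")
        case "$roles" in *manager-*) ;; *) continue ;; esac
        name=$(xml_attr username "$u")
        pw=$(xml_attr password "$u")
        for weak in $WEAK_PASSWORDS; do
            if [ "$pw" = "$weak" ]; then
                echo "WEAK-PASSWORD user=$name"; rc=1
            fi
        done
        # Tomcat's Manager documentation advises against giving a
        # manager-gui user the script or jmx roles as well.
        case "$roles" in *manager-gui*)
            case "$roles" in *manager-script*|*manager-jmx*)
                echo "GUI-AND-SCRIPT-ROLES user=$name"; rc=1 ;;
            esac ;;
        esac
    done <<EOF
$elems
EOF
    # With no RemoteAddrValve/RemoteCIDRValve the Manager app answers any client.
    if [ -f "$ctx" ] && ! strip_xml_comments "$ctx" | grep -Eq 'Remote(Addr|CIDR)Valve'; then
        echo "NO-REMOTE-ADDR-VALVE file=$ctx"; rc=1
    fi
    return $rc
}
```

Run it as `audit_tomcat_manager /path/to/apache-tomcat-9.0.104`; the findings never print the password itself.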
    

    Nexus Script:

        #STEP-1: INSTALL JAVA 17
        yum install java-17-amazon-corretto -y
    
        #STEP-2: DOWNLOAD NEXUS AND EXTRACT
        cd /opt
        wget https://download.sonatype.com/nexus/3/nexus-unix-x86-64-3.79.0-09.tar.gz
        tar -zxvf nexus-unix-x86-64-3.79.0-09.tar.gz
    
        #STEP-3: CREATE NEXUS USER & SET PERMISSIONS
        useradd nexus
        vim /opt/nexus-3.79.0-09/bin/nexus
        # (Edit the file and set) run_as_user="nexus"
    
        #STEP-4: SWITCH TO NEXUS USER AND START SERVICE
        su - nexus
        /opt/nexus-3.79.0-09/bin/nexus start
        /opt/nexus-3.79.0-09/bin/nexus status
    
        #STEP-5: VERIFY NEXUS IS RUNNING
        ps -ef | grep nexus
        ss -tuln | grep 8081
    
        #STEP-6: GET DEFAULT ADMIN PASSWORD
        cat /opt/sonatype-work/nexus3/admin.password
    

    Sonar Setup:

        #STEP-1: INSTALL JAVA OPENJDK 11
        amazon-linux-extras install java-openjdk11 -y
    
        #STEP-2: DOWNLOAD SONARQUBE
        cd /opt/
        wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.9.6.50800.zip
    
        #STEP-3: UNZIP AND CONFIGURE PERMISSIONS
        unzip sonarqube-8.9.6.50800.zip
        useradd sonar
        chown sonar:sonar sonarqube-8.9.6.50800 -R
    
        #STEP-4: SWITCH TO SONAR USER AND START SONARQUBE
        su - sonar
        cd /opt/sonarqube-8.9.6.50800/bin/linux-x86-64/
        sh sonar.sh start
        sh sonar.sh status
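
The Tomcat, Nexus and SonarQube scripts above each fetch an archive with `wget` and extract it as downloaded. An added example (not from the original post) of refusing to extract an archive whose SHA-512 digest does not match a checksum file; Apache publishes a `.sha512` file next to each Tomcat release, and the function names and file layout here are assumptions.

```shell
#!/bin/sh
# verify_download ARCHIVE SHA512_FILE
# SHA512_FILE carries the hex digest as its first whitespace-separated
# field (the "digest *filename" layout). Returns 0 on match, 1 on
# mismatch, 2 when an input is missing or the digest is malformed.
verify_download() {
    archive="$1"; sumfile="$2"
    [ -f "$archive" ] && [ -f "$sumfile" ] || return 2
    expected=$(awk 'NR == 1 { print tolower($1) }' "$sumfile")
    # A SHA-512 digest is exactly 128 hex characters; reject anything else.
    case "$expected" in *[!0-9a-f]*|"") return 2 ;; esac
    [ "${#expected}" -eq 128 ] || return 2
    actual=$(sha512sum "$archive" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# extract_verified ARCHIVE SHA512_FILE DEST
# Extracts ARCHIVE into DEST only after the digest check passes.
extract_verified() {
    if verify_download "$1" "$2"; then
        mkdir -p "$3" && tar -xzf "$1" -C "$3"
    else
        echo "digest check failed for $1; not extracting" >&2
        return 1
    fi
}
```

Fetch the checksum file from the project's own download site rather than from the mirror that served the archive.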
    

    STEP-3: Login to Jenkins & Install Plugins

    1. Go to http://<your-ip>:8080 and log in to Jenkins.

    2. Go to Manage Jenkins → Plugin Manager → Available

    3. Install these plugins:

      SonarQube Scanner – for code scanning

      Nexus Artifact Uploader – to upload files to Nexus

      SSH Agent – to send files to another server.

STEP-4: Create a Jenkins pipeline job and write a Jenkinsfile to deploy a web application. There are usually 2 types of pipelines: scripted and declarative.

Here I am using a scripted pipeline for the Jenkinsfile.

STAGE-1 : GET THE CODE FROM GITHUB TO CI-SERVER

    node {
        stage("Code") {
            // Check out the repository into the Jenkins workspace
            git "repo-link"
        }
    }

STAGE-2 : BUILD THE SOURCE CODE: GO TO MANAGE JENKINS >> GLOBAL TOOL CONFIGURATION >> MAVEN, ADD AN INSTALLER WITH THE NAME maven AND VERSION 3.9.9

    stage("Build") {
        // The tool name must match the Maven installer name set in Global Tool Configuration
        def mavenHome = tool name: "maven3", type: "maven"
        def mavenCMD = "${mavenHome}/bin/mvn"
        sh "${mavenCMD} clean package"
    }

CHECK THE WAR FILE IN JENKINS FOR CONFIRMATION AFTER A SUCCESSFUL BUILD

STAGE-3 : SCAN THE SOURCE CODE: LOG IN TO SONAR, GO TO MY ACCOUNT >> SECURITY >> ENTER A TOKEN NAME AND GENERATE A TOKEN

NOW INTEGRATE SONAR WITH JENKINS: MANAGE JENKINS >> CONFIGURE SYSTEM >> SONAR SERVER

    stage("CQA") {
        // 'mysonar' is the SonarQube server name configured under Configure System
        withSonarQubeEnv('mysonar') {
            def mavenHome = tool name: "maven3", type: "maven"
            def mavenCMD = "${mavenHome}/bin/mvn"
            sh "${mavenCMD} sonar:sonar"
        }
    }

AFTER A SUCCESSFUL BUILD, CHECK FOR ANY BUGS IN THE SONARQUBE DASHBOARD > PROJECTS

STAGE-4: Upload WAR File to Nexus Artifactory

Create a new repository in Nexus:
Name: new-repo
Format: maven2 (hosted)
Version Policy: Releases
Deployment Policy: Allow Redeploy

Install the Nexus Artifact Uploader plugin in Jenkins.

Go to Jenkins → Pipeline Syntax, choose Nexus Artifact Uploader from the dropdown.

Fill in the required fields:
• Nexus URL
• Repository name (new-repo)
• Group ID, Artifact ID, Version (you can find these in the pom.xml file)
• Path to WAR file

Click Generate Pipeline Script and add it to your Jenkinsfile

    stage("Nexus") {
        nexusArtifactUploader artifacts: [[
            artifactId: 'myweb', 
            classifier: '', 
            file: 'target/myweb-8.6.9.war', 
            type: 'war'
        ]],
        credentialsId: 'nexus',
        groupId: 'in.javahome',
        nexusUrl: '34.229.123.124:8081',
        nexusVersion: 'nexus3',
        protocol: 'http',
        // Must be the repository created in Nexus above
        repository: 'new-repo',
        version: '8.6.9'
    }

AFTER A SUCCESSFUL BUILD YOU CAN SEE THE WAR FILES UPLOADED IN NEXUS

STAGE-5 : DEPLOY THE APPLICATION INTO TOMCAT WEB SERVER:

(Put your PEM file's private key in the Jenkins credential that `sshagent` uses.)

    #!/bin/bash

    # Move Tomcat folder to ec2-user home
    mv apache-tomcat-9.0.104 /home/ec2-user/

    # Change ownership to ec2-user
    chown ec2-user:ec2-user /home/ec2-user/apache-tomcat-9.0.104 -R

    # Switch to tomcat directory
    cd /home/ec2-user/apache-tomcat-9.0.104/bin

    # Stop Tomcat if running
    ./shutdown.sh

    # Start Tomcat
    ./startup.sh

    # Navigate to webapps folder
    cd ../webapps
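    pwd

Deployment stage in the Jenkinsfile:

    stage("Deployment") {
        // sshagent loads the PEM key stored under this credential ID.
        // StrictHostKeyChecking=no makes scp accept the server's host key without verifying it.
        sshagent(['8bce0b0e-c5db-4aac-bf07-4831ca13a760']) {
            sh 'scp -o StrictHostKeyChecking=no target/*.war ec2-user@52.23.240.218:/home/ec2-user/apache-tomcat-9.0.104/webapps/'
        }
    }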

AFTER A SUCCESSFUL BUILD YOU CAN SEE YOUR WAR FILE DEPLOYED INTO THE TOMCAT SERVER

CLICK ON YOUR WAR FILE TO VIEW YOUR APPLICATION

Final Pipeline Flow Summary

From Code to Deployment:

  1. Developer pushes code to Git

  2. Jenkins job triggers → SonarQube analysis

  3. Maven builds code → Nexus stores WAR file

  4. Jenkins deploys to Tomcat → Application is live


✅ What I Learned

  • How each DevOps tool works in real-world projects.

  • Jenkins integration with multiple tools for continuous integration and delivery.

  • Managing AWS instances and implementing security best practices.

  • Debugging and automating deployment steps to enhance workflow efficiency.

CONNECT WITH ME ON LINKEDIN TO LEARN AND GROW TOGETHER
