Architecture
Glossary
- CI/CD/CT: Continuous Integration / Continuous Deployment / Continuous Testing
AWS Blu age RTS: AWS Blu Age Regression Testing Snapshots
AWS Mainframe Modernization (Blu Age engine)
AWS Mainframe Modernization is an AWS service allowing to migrate and modernize on-premises mainframe applications to a cloud native fully-managed runtime environment. The service can migrate legacy programming languages such as Cobol, IBM RPG and others to Java. However, this code migration is not 100% efficient yet, that means, project teams need to correct, improve, and test the generated code to get back to the prior behavior of the non-migrated application.
What is the purpose of the AWS Blu Age DevOps Pipelines project?
AWS Blu Age DevOps Pipelines is a tool tailored for delivery teams, aimed at ensuring high-quality deliverables and achieving functional equivalence in modernization projects by providing an additional development environment layer to existing infrastructure. It enables all team members to automate building, analyzing, and testing modernized projects. The application is built and deployed, making it visible and ready for interaction. Analysis is conducted using tools such as AWS Blu Age Compare Tool, AWS Blu Age Data Migrator and other market-approved solutions. Finally, tests are run concurrently for rapid execution, leveraging scale-out capabilities, with resources promptly released afterward to avoid unnecessary utilization, ensuring a frugal approach.
As the way we automate most of the modernized projects are quite similar, the main idea of AWS Blu Age DevOps Pipelines is to provide a common automated environment for developers of the project teams. These tools are deployed on client accounts using CDK scripts and allows developers to get started quickly on a new project. AWS Blu Age DevOps Pipelines is made up of 2 principal parts:- The building pipeline: these pipelines compile, generate a Docker container image of the application, and deploy it on ECS.
The testing pipeline: these pipelines mainly run multiple types of tests such as Selenium, Playwright or Groovy.
General architecture
The architecture presented below relies on AWS services, uses VPC endpoints, and does not add any firewall rules on the client or Isengard account.
Building pipeline
The building pipeline architectural diagram is described here → Building Pipeline Architectural Diagram
Testing pipeline
The testing pipeline architectural diagram is described here → Testing Pipeline Architectural Diagram
Other pipelines
The architectural diagram of the other pipelines is described here → Other Pipeline Architectural Diagrams
Workflow Charts
Building pipeline
The building pipeline workflow is described here → Building Pipeline Flow Chart
Testing pipeline
The testing pipeline workflow is described here → Testing Pipeline Flow Chart
References
AWS services used
This section gathers all the AWS services used and the name of the object created.
CodeArtifact
- Domains:
<PROJECT_NAME>
- Repositories:
codeartifact-appmaven-central-storenpm-storeGitlab
- Repositories:
gitlab-<PROJECT_NAME>-modern-applicationgitlab-<PROJECT_NAME>-test-casesgitlab-<PROJECT_NAME>-servergitlab-devopsCodeBuild
- Projects:
codebuild-appcodebuild-pre-jenkinscodebuild-jenkinscodebuild-docker-image-builderCodeDeploy
- Applications:
codedeploy-application-jenkins
- Deployment groups:
codedeploy-dg-jenkinsCodePipeline
- Pipelines:
codepipeline-app-intcodepipeline-app-uatcodepipeline-jenkinscodepipeline-docker-image-builderEventBridge
- Rules
eventbridge-rule-triggers-codepipeline-app-inteventbridge-rule-triggers-codepipeline-app-uateventbridge-rule-triggers-codepipeline-appeventbridge-rule-triggers-codepipeline-jenkinseventbridge-rule-triggers-lambda-slack-notificationseventbridge-schedule-codepipeline-jenkinsCloudWatch
- Log groups:
/ecs/app-int/ecs/app-uat/ecs/jenkins-node/ecs/selenium-hub/ecs/chrome-node/jenkins/jobsLambda
- Functions:
lambda-building-pipeline-slack-notificationslambda-s3-triggers-building-pipelineslambda-jenkins-job-finalizerEC2
- Instances:
ecs-eu-west-3a-app-intecs-eu-west-3a-app-uatec2-eu-west-3a-efs-test-casesecs-eu-west-3a-sonarqubeecs-eu-west-3a-seleniumecs-eu-west-3a-selenium-chrome-nodeec2-eu-west-3a-jenkinsecs-eu-west-3a-jenkins-nodeecs-eu-west-3c-app-test-casesec2-eu-west-3a-devops-linuxec2-eu-west-3a-devops-windows
- Load Balancers:
ec2-alb-app-intec2-alb-app-uat
- Target groups
ec2-targetgroup-app-intec2-targetgroup-app-uat
- Auto Scaling groups
ec2-asg-app-intec2-asg-app-uatec2-asg-sonarqubeec2-asg-seleniumec2-asg-selenium-chrome-nodesec2-asg-app-test-casesec2-asg-jenkins-nodesECS
- Clusters:
ecs-cluster-app-intecs-cluster-app-uatecs-cluster-sonarqubeecs-cluster-seleniumecs-cluster-selenium-chrome-nodesecs-cluster-jenkins-nodesecs-cluster-app-test-cases
- Task definitions:
ecs-task-app-intecs-task-app-uatecs-task-sonarqubeecs-task-seleniumecs-task-selenium-chrome-nodeecs-task-jenkins-nodeECR
- Repositories:
ecr-app-intecr-app-uatecr-tomcatecr-jenkinsecr-jenkins-nodeecr-sonarqubeecr-postgresecr-selenium-hubecr-chrome-nodeEFS
- File Systems:
efs-test-casesS3
- Buckets:
s3-eu-west-3-app-pipelines-artifacts-<AWS_ACCOUNT_ID>s3-eu-west-3-app-test-cases-<AWS_ACCOUNT_ID>s3-eu-west-3-<PROJECT_NAME>-velocity-<AWS_ACCOUNT_ID>s3-eu-west-3-pipeline-archives-<AWS_ACCOUNT_ID>IAM
- Roles:
iam-role-<AWS_REGION>-appiam-role-<AWS_REGION>-codebuild-appiam-role-<AWS_REGION>-codebuild-docker-image-builderiam-role-<AWS_REGION>-codebuild-jenkinsiam-role-<AWS_REGION>-codebuild-pre-jenkinsiam-role-<AWS_REGION>-codedeploy-dg-jenkinsiam-role-<AWS_REGION>-codepipeline-appiam-role-<AWS_REGION>-codepipeline-docker-image-builderiam-role-<AWS_REGION>-codepipeline-jenkinsiam-role-<AWS_REGION>-ec2-devops-linuxiam-role-<AWS_REGION>-ec2-efs-test-casesiam-role-<AWS_REGION>-ec2-jenkinsiam-role-<AWS_REGION>-ecs-jenkins-nodeiam-role-<AWS_REGION>-ecs-sonarqubeiam-role-<AWS_REGION>-ecs-taskiam-role-<AWS_REGION>-ecs-task-executioniam-role-<AWS_REGION>-ecs-task-jenkins-nodeiam-role-<AWS_REGION>-ecs-test-casesiam-role-<AWS_REGION>-eventbridge-schedule-codepipeline-jenkinsiam-role-<AWS_REGION>-eventbridge-triggers-codepipeline-appiam-role-<AWS_REGION>-eventbridge-triggers-codepipeline-jenkinsiam-role-<AWS_REGION>-lambda-building-pipeline-slack-notificationsiam-role-<AWS_REGION>-lambda-jenkins-job-finalizeriam-role-<AWS_REGION>-lambda-s3-triggers-building-pipelinesiam-role-<AWS_REGION>-seleniumiam-role-<AWS_REGION>-selenium-chrome-node
- Policies:
Coming soon
Security group
- Security groups:
seg-appseg-codebuild-appseg-codebuild-jenkinsseg-lambda-jenkins-job-finalizerseg-ec2-devops-linuxseg-ec2-efs-test-casesseg-ec2-jenkinsseg-ecs-jenkins-nodeseg-ecs-seleniumseg-ecs-selenium-chrome-nodeseg-ecs-sonarqubeseg-ecs-loadbalancer-appseg-efs-test-casesRoute53
- Hosted zone:
bluage.local
- DNS:
app-int.bluage.localapp-uat.bluage.localjenkins.bluage.localselenium.bluage.localsonarqube.bluage.localefs-test-cases.bluage.localSecretsManager
- Secrets:
/jenkins/jenkinsAgent/sonarqube/adminEndpoints used
This section gathers the VPC endpoints used.
- Endpoints:
com.amazonaws.eu-west-3.s3com.amazonaws.eu-west-3.eventscom.amazonaws.eu-west-3.codeartifact.repositoriescom.amazonaws.eu-west-3.codeartifact.apicom.amazonaws.eu-west-3.codecommitcom.amazonaws.eu-west-3.git-codecommitcom.amazonaws.eu-west-3.codebuildcom.amazonaws.eu-west-3.codepipelinecom.amazonaws.eu-west-3.ssmcom.amazonaws.eu-west-3.sqscom.amazonaws.eu-west-3.ecscom.amazonaws.eu-west-3.ecs-agentcom.amazonaws.eu-west-3.codedeploycom.amazonaws.eu-west-3.ec2messagescom.amazonaws.eu-west-3.ecr.dkrcom.amazonaws.eu-west-3.ecr.api
Note: VPC endpoints are not created by AWS Blu Age DevOps Pipeline CDK scripts but by the AWS Blu Age DevOps Setup CDK scripts
Libraries used
This section gathers the libraries used by the pipeline scripts:
- Python-3.9:
Requests-2.31.0Boto3-1.34.50Jinja2-3.1.3xmldiff-2.6.3