DEV Community: SWAPNIL UPPIN The latest articles on DEV Community by SWAPNIL UPPIN (@swapnil_uppin_3c823bdc459). https://dev.to/swapnil_uppin_3c823bdc459 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2641846%2F2eec9418-65ed-406e-9874-eec5145ce3b9.jpg DEV Community: SWAPNIL UPPIN https://dev.to/swapnil_uppin_3c823bdc459 en Building a CI/CD Pipeline with Docker, Jenkins, and AWS EC2 SWAPNIL UPPIN Mon, 23 Mar 2026 02:57:25 +0000 https://dev.to/swapnil_uppin_3c823bdc459/building-a-cicd-pipeline-with-docker-jenkins-and-aws-ec2-2flp https://dev.to/swapnil_uppin_3c823bdc459/building-a-cicd-pipeline-with-docker-jenkins-and-aws-ec2-2flp <p><strong>Introduction:</strong></p> <p>In modern DevOps workflows, Continuous Integration and Continuous Deployment (CI/CD) pipelines help teams deliver software faster and more reliably.</p> <p>In this project, I built a complete CI/CD pipeline that automatically deploys a Dockerized Python application to an AWS EC2 instance using Jenkins.</p> <p>The goal was to simulate a real-world deployment pipeline where code changes trigger automatic builds, tests, and deployments.</p> <p><strong>Architecture Overview:</strong></p> <p>The pipeline works as follows:</p> <p>Developer → GitHub → Jenkins Pipeline → Docker Build → DockerHub → AWS EC2 → Nginx Reverse Proxy → Application Containers</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjr49zgqmmfadttfwnhvw.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjr49zgqmmfadttfwnhvw.png" alt=" " width="800" height="595"></a></p> <p><strong>Application Setup:</strong></p> <p>We will be using a simple Python Flask application that returns the message 'Hello from CI/CD auto-deploy!', along with a requirements.txt file for managing dependencies and a test_app.py file for running test cases.</p> <p>app.py:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">from</span> <span class="n">flask</span> <span class="kn">import</span> <span class="n">Flask</span><span class="p">,</span> <span class="n">jsonify</span> <span class="kn">import</span> <span class="n">socket</span> <span class="kn">import</span> <span class="n">os</span> <span class="n">app</span> <span class="o">=</span> <span class="nc">Flask</span><span class="p">(</span><span class="n">__name__</span><span class="p">)</span> <span class="nd">@app.get</span><span class="p">(</span><span class="sh">"</span><span class="s">/health</span><span class="sh">"</span><span class="p">)</span> <span class="k">def</span> <span class="nf">health</span><span class="p">():</span> <span class="k">return</span> <span class="nf">jsonify</span><span class="p">(</span><span class="n">status</span><span class="o">=</span><span class="sh">"</span><span class="s">ok</span><span class="sh">"</span><span class="p">)</span> <span class="nd">@app.get</span><span class="p">(</span><span class="sh">"</span><span class="s">/</span><span class="sh">"</span><span class="p">)</span> <span class="k">def</span> <span class="nf">index</span><span class="p">():</span> <span class="k">return</span> <span class="nf">jsonify</span><span class="p">(</span> <span class="n">message</span><span class="o">=</span><span class="sh">"</span><span class="s">Hello from CI/CD auto-deploy!</span><span class="sh">"</span><span class="p">,</span> <span class="n">hostname</span><span class="o">=</span><span class="n">socket</span><span class="p">.</span><span class="nf">gethostname</span><span class="p">(),</span> <span class="n">version</span><span class="o">=</span><span class="n">os</span><span class="p">.</span><span class="nf">getenv</span><span class="p">(</span><span class="sh">"</span><span class="s">APP_VERSION</span><span class="sh">"</span><span class="p">,</span> <span class="sh">"</span><span class="s">dev</span><span class="sh">"</span><span class="p">),</span> <span class="p">)</span> <span class="k">if</span> <span class="n">__name__</span> <span class="o">==</span> <span class="sh">"</span><span class="s">__main__</span><span class="sh">"</span><span class="p">:</span> <span class="n">app</span><span class="p">.</span><span class="nf">run</span><span class="p">(</span><span class="n">host</span><span class="o">=</span><span class="sh">"</span><span class="s">0.0.0.0</span><span class="sh">"</span><span class="p">,</span><span class="n">port</span><span class="o">=</span><span class="mi">5000</span><span class="p">)</span> </code></pre> </div> <p>requirements.txt:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight properties"><code><span class="py">flask</span><span class="p">=</span><span class="s">=3.0.3</span> <span class="py">gunicorn</span><span class="p">=</span><span class="s">=22.0.0</span> <span class="py">pytest</span><span class="p">=</span><span class="s">=8.2.2</span> </code></pre> </div> <p>test_app.py:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">sys</span> <span class="kn">import</span> <span class="n">os</span> <span class="c1"># Add the app directory to Python path </span><span class="n">sys</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">insert</span><span class="p">(</span><span class="mi">0</span><span class="p">,</span> <span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">dirname</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">dirname</span><span class="p">(</span><span class="n">os</span><span class="p">.</span><span class="n">path</span><span class="p">.</span><span class="nf">abspath</span><span class="p">(</span><span class="n">__file__</span><span class="p">))))</span> <span class="kn">from</span> <span class="n">app</span> <span class="kn">import</span> <span class="n">app</span> <span class="k">def</span> <span class="nf">test_health</span><span class="p">():</span> <span class="n">client</span> <span class="o">=</span> <span class="n">app</span><span class="p">.</span><span class="nf">test_client</span><span class="p">()</span> <span class="n">r</span> <span class="o">=</span> <span class="n">client</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="sh">"</span><span class="s">/health</span><span class="sh">"</span><span class="p">)</span> <span class="k">assert</span> <span class="n">r</span><span class="p">.</span><span class="n">status_code</span> <span class="o">==</span> <span class="mi">200</span> <span class="k">assert</span> <span class="n">r</span><span class="p">.</span><span class="n">json</span><span class="p">[</span><span class="sh">"</span><span class="s">status</span><span class="sh">"</span><span class="p">]</span> <span class="o">==</span> <span class="sh">"</span><span class="s">ok</span><span class="sh">"</span> </code></pre> </div> <p><strong>Dockerizing the Application:</strong></p> <p>Create a Dockerfile to containerize the application using python:3.12-slim as the base image. The application listens on port 5000, and the CMD instruction starts the Gunicorn server with 2 workers, binding it to port 5000 and serving the app object from the app module. </p> <p>Dockerfile:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="k">FROM</span><span class="s"> python:3.12-slim</span> <span class="k">WORKDIR</span><span class="s"> /app</span> <span class="k">COPY</span><span class="s"> app/requirements.txt /app/requirements.txt</span> <span class="k">RUN </span>pip <span class="nb">install</span> <span class="nt">--no-cache-dir</span> <span class="nt">-r</span> requirements.txt <span class="k">COPY</span><span class="s"> app /app</span> <span class="k">ENV</span><span class="s"> PYTHONUNBUFFERED=1</span> <span class="k">EXPOSE</span><span class="s"> 5000</span> <span class="k">CMD</span><span class="s"> ["gunicorn", "-w", "2", "-b", "0.0.0.0:5000", "app:app"]</span> </code></pre> </div> <p><strong>Reverse Proxy Configuration:</strong></p> <p>Below is the configuration for Nginx which acts reverse proxy and Routes user traffic to the correct container. it routes the incoming traffic to either the Blue (port 8081) or Green (port 8082) container, enabling zero-downtime deployments by simply switching the proxy_pass target between the two live environments.</p> <p>nginx.conf:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight nginx"><code><span class="k">events</span><span class="p">{}</span> <span class="k">http</span><span class="p">{</span> <span class="kn">server</span><span class="p">{</span> <span class="kn">listen</span> <span class="mi">80</span><span class="p">;</span> <span class="kn">location</span> <span class="n">/</span> <span class="p">{</span> <span class="kn">proxy_set_header</span> <span class="s">Host</span> <span class="nv">$host</span><span class="p">;</span> <span class="kn">proxy_set_header</span> <span class="s">X-Forwarded-For</span> <span class="nv">$proxy_add_x_forwarded_for</span><span class="p">;</span> <span class="c1"># default (blue). deploy script will switch to 127.0.0.1:8082 for green</span> <span class="kn">proxy_pass</span> <span class="s">http://127.0.0.1:8081</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p><strong>scripts:</strong></p> <p><u>ec2_bootstrap.sh:</u></p> <p>This is a setup script that runs on EC2 instance to install Docker and Docker Compose, and configure the necessary permissions.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/usr/bin/env bash</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="nb">sudo </span>apt-get update <span class="nt">-y</span> <span class="nb">sudo </span>apt-get <span class="nb">install</span> <span class="nt">-y</span> ca-certificates curl gnupg lsb-release <span class="nb">sudo install</span> <span class="nt">-m</span> 0755 <span class="nt">-d</span> /etc/apt/keyrings curl <span class="nt">-fsSL</span> https://download.docker.com/linux/ubuntu/gpg | <span class="nb">sudo </span>gpg <span class="nt">--dearmor</span> <span class="nt">-o</span> /etc/apt/keyrings/docker.gpg <span class="nb">sudo chmod </span>a+r /etc/apt/keyrings/docker.gpg <span class="nb">echo</span> <span class="se">\</span> <span class="s2">"deb [arch=</span><span class="si">$(</span>dpkg <span class="nt">--print-architecture</span><span class="si">)</span><span class="s2"> signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu </span><span class="se">\</span><span class="s2"> </span><span class="si">$(</span><span class="nb">.</span> /etc/os-release <span class="o">&amp;&amp;</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$VERSION_CODENAME</span><span class="s2">"</span><span class="si">)</span><span class="s2"> stable"</span> | <span class="se">\</span> <span class="nb">sudo tee</span> /etc/apt/sources.list.d/docker.list <span class="o">&gt;</span> /dev/null <span class="nb">sudo </span>apt-get update <span class="nt">-y</span> <span class="nb">sudo </span>apt-get <span class="nb">install</span> <span class="nt">-y</span> docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin <span class="nb">sudo </span>usermod <span class="nt">-aG</span> docker <span class="s2">"</span><span class="nv">$USER</span><span class="s2">"</span> </code></pre> </div> <p><u>deploy_bluegreen.sh:</u></p> <p>The deploy_bluegreen.sh script orchestrates the blue/green switch on the EC2 instance. It begins by pulling the latest Docker image and spinning up both the blue and green containers via Docker Compose. It then inspects the active Nginx proxy_pass directive to determine which slot — port 8081 (blue) or 8082 (green) — is currently serving live traffic, and targets the idle slot for the new deployment. A health check loop polls the new slot's /health endpoint up to 10 times, with a 2-second delay between attempts, before proceeding. Once the new slot is confirmed healthy, the script updates the Nginx config with a sed in-place swap and reloads Nginx — making the cutover instant and zero-downtime — then logs the active port to confirm a successful deployment.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/usr/bin/env bash</span> <span class="nb">set</span> <span class="nt">-euo</span> pipefail <span class="c"># Expected env vars:</span> <span class="c"># IMAGE_FULL (e.g. docker.io/&lt;user&gt;/cicd-ec2-autodeploy:build-123)</span> <span class="c"># APP_VERSION (e.g. build-123)</span> <span class="nv">APP_DIR</span><span class="o">=</span><span class="s2">"/opt/cicd-ec2-deploy"</span> <span class="nv">NGINX_CONF</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">APP_DIR</span><span class="k">}</span><span class="s2">/docker/nginx.conf"</span> <span class="nb">mkdir</span> <span class="nt">-p</span> <span class="s2">"</span><span class="k">${</span><span class="nv">APP_DIR</span><span class="k">}</span><span class="s2">"</span> <span class="nb">cd</span> <span class="s2">"</span><span class="k">${</span><span class="nv">APP_DIR</span><span class="k">}</span><span class="s2">"</span> <span class="c"># If first time: put repo runtime files here</span> <span class="c"># You can git clone on EC2 OR Jenkins will scp needed files. We keep it simple:</span> <span class="c"># We assume docker-compose.ec2.yml and docker/nginx.conf exist in APP_DIR.</span> <span class="k">if</span> <span class="o">[[</span> <span class="o">!</span> <span class="nt">-f</span> docker-compose.ec2.yml <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"ERROR: docker-compose.ec2.yml not found in </span><span class="k">${</span><span class="nv">APP_DIR</span><span class="k">}</span><span class="s2">"</span> <span class="nb">exit </span>1 <span class="k">fi </span><span class="nb">echo</span> <span class="s2">"Pulling image: </span><span class="k">${</span><span class="nv">IMAGE_FULL</span><span class="k">}</span><span class="s2">"</span> <span class="nb">sudo </span>docker pull <span class="s2">"</span><span class="k">${</span><span class="nv">IMAGE_FULL</span><span class="k">}</span><span class="s2">"</span> <span class="c"># Pass vars explicitly to docker compose</span> <span class="nb">sudo </span><span class="nv">IMAGE_FULL</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">IMAGE_FULL</span><span class="k">}</span><span class="s2">"</span> <span class="nv">APP_VERSION</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">APP_VERSION</span><span class="k">}</span><span class="s2">"</span> <span class="se">\</span> docker compose <span class="nt">-f</span> docker-compose.ec2.yml up <span class="nt">-d</span> <span class="c"># Determine currently active upstream in nginx.conf</span> <span class="nv">ACTIVE_UPSTREAM</span><span class="o">=</span><span class="s2">"</span><span class="si">$(</span><span class="nb">grep</span> <span class="nt">-E</span> <span class="s1">'proxy_pass http://127\.0\.0\.1:808[12];'</span> <span class="nt">-o</span> <span class="s2">"</span><span class="k">${</span><span class="nv">NGINX_CONF</span><span class="k">}</span><span class="s2">"</span> | <span class="nb">tail</span> <span class="nt">-n</span> 1 <span class="o">||</span> <span class="nb">true</span><span class="si">)</span><span class="s2">"</span> <span class="k">if</span> <span class="o">[[</span> <span class="s2">"</span><span class="k">${</span><span class="nv">ACTIVE_UPSTREAM</span><span class="k">}</span><span class="s2"> == *"</span>8081<span class="s2">"*"</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nv">NEW_PORT</span><span class="o">=</span><span class="s2">"8082"</span> <span class="nv">NEW_SLOT</span><span class="o">=</span><span class="s2">"green"</span> <span class="k">else </span><span class="nv">NEW_PORT</span><span class="o">=</span><span class="s2">"8081"</span> <span class="nv">NEW_SLOT</span><span class="o">=</span><span class="s2">"blue"</span> <span class="k">fi </span><span class="nb">echo</span> <span class="s2">"Switching traffic to </span><span class="k">${</span><span class="nv">NEW_SLOT</span><span class="k">}</span><span class="s2"> (port </span><span class="k">${</span><span class="nv">NEW_PORT</span><span class="k">}</span><span class="s2">)"</span> <span class="c"># Basic health check loop in new slot</span> <span class="k">for </span>i <span class="k">in</span> <span class="o">{</span>1..10<span class="o">}</span><span class="p">;</span> <span class="k">do if </span>curl <span class="nt">-fss</span> <span class="s2">"http://127.0.0.1:</span><span class="k">${</span><span class="nv">NEW_PORT</span><span class="k">}</span><span class="s2">/health"</span> <span class="o">&gt;</span>/dev/null<span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"New slot healthy"</span> <span class="nb">break </span><span class="k">fi </span><span class="nb">echo</span> <span class="s2">"waiting for new slot health... </span><span class="k">${</span><span class="nv">i</span><span class="k">}</span><span class="s2">/10"</span> <span class="nb">sleep </span>2 <span class="k">if</span> <span class="o">[[</span> <span class="nv">$i</span> <span class="nt">-eq</span> 20 <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"ERROR: New slot did not become healthy"</span> <span class="nb">exit </span>1 <span class="k">fi done</span> <span class="c"># Swap nginx upstream and reload</span> <span class="nb">sudo sed</span> <span class="nt">-i</span> <span class="s2">"s#proxy_pass http://127.0.0.1:808[12];#proxy_pass http://127.0.0.1:</span><span class="k">${</span><span class="nv">NEW_PORT</span><span class="k">}</span><span class="s2">;#g"</span> <span class="s2">"</span><span class="k">${</span><span class="nv">NGINX_CONF</span><span class="k">}</span><span class="s2">"</span> <span class="nb">sudo </span>docker <span class="nb">exec </span>nginx nginx <span class="nt">-s</span> reload <span class="nb">echo</span> <span class="s2">"Deploy complete. Live traffic now on port </span><span class="k">${</span><span class="nv">NEW_PORT</span><span class="k">}</span><span class="s2"> via Nginx:80"</span> </code></pre> </div> <p><strong>Docker Compose Configuration:</strong></p> <p>The Docker Compose file defines three services: Nginx acts as a reverse proxy, listening on port 80 and routing traffic using a custom nginx.conf mounted as a read-only volume; app_blue runs the application container on host port 8081; and app_green runs an identical instance on host port 8082. Both the blue and green containers use the same versioned image — injected via the IMAGE_FULL environment variable — and receive an APP_VERSION variable at runtime, making it easy to verify which build is actively serving traffic at any given time.</p> <p>docker-compose.ec2.yml:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">services</span><span class="pi">:</span> <span class="na">nginx</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">nginx:1.27-alpine</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">nginx</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">80:80"</span> <span class="na">volumes</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">./docker/nginx.conf:/etc/nginx/nginx.conf:ro</span> <span class="na">depends_on</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">app_blue</span> <span class="pi">-</span> <span class="s">app_green</span> <span class="na">restart</span><span class="pi">:</span> <span class="s">always</span> <span class="c1"># Blue app (port 8081 on host)</span> <span class="na">app_blue</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">${IMAGE_FULL}</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">app_blue</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">APP_VERSION=${APP_VERSION}</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">8081:5000"</span> <span class="na">restart</span><span class="pi">:</span> <span class="s">always</span> <span class="c1"># Green app(port 8082 on host)</span> <span class="na">app_green</span><span class="pi">:</span> <span class="na">image</span><span class="pi">:</span> <span class="s">${IMAGE_FULL}</span> <span class="na">container_name</span><span class="pi">:</span> <span class="s">app_green</span> <span class="na">environment</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">APP_VERSION=${APP_VERSION}</span> <span class="na">ports</span><span class="pi">:</span> <span class="pi">-</span> <span class="s2">"</span><span class="s">8082:5000"</span> <span class="na">restart</span><span class="pi">:</span> <span class="s">always</span> </code></pre> </div> <p><strong>CI/CD Pipeline:</strong></p> <p>This pipeline automates the full CI/CD lifecycle and is divided into five stages: Checkout SCM pulls the latest code from source control; Test sets up a Python virtual environment and runs pytest against the application; Build Docker Image builds a versioned Docker image tagged with the Jenkins build number; Docker Push authenticates with DockerHub and pushes the built image to the registry; and finally, Deploy to EC2 (Blue/Green) securely connects to the EC2 instance over SSH, transfers the necessary configuration files — including the Docker Compose file, Nginx config, and blue/green deployment script — and executes the deployment. A post block ensures Docker is logged out and any sensitive files are cleaned up after every run, regardless of the build outcome.</p> <p>Jenkinsfile:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight groovy"><code><span class="n">pipeline</span><span class="o">{</span> <span class="n">agent</span> <span class="n">any</span> <span class="n">environment</span><span class="o">{</span> <span class="n">APP_NAME</span> <span class="o">=</span> <span class="s1">'cicd-ec2-deploy'</span> <span class="n">DOCKERHUB_REPO</span> <span class="o">=</span> <span class="s2">"${env.DOCKERHUB_REPO}"</span> <span class="c1">// set in Jenkins job config</span> <span class="n">IMAGE_TAG</span> <span class="o">=</span> <span class="s2">"build-${env.BUILD_NUMBER}"</span> <span class="n">IMAGE_FULL</span> <span class="o">=</span> <span class="s2">"${DOCKERHUB_REPO}:${IMAGE_TAG}"</span> <span class="n">EC2_HOST</span> <span class="o">=</span> <span class="s2">"${env.EC2_HOST}"</span> <span class="c1">// set in Jenkins job config</span> <span class="n">EC2_USER</span> <span class="o">=</span> <span class="s2">"${env.EC2_USER}"</span> <span class="c1">// set in Jenkins job config (ubuntu)</span> <span class="o">}</span> <span class="n">stages</span><span class="o">{</span> <span class="n">stage</span><span class="o">(</span><span class="s2">"checkout scm"</span><span class="o">){</span> <span class="n">steps</span><span class="o">{</span> <span class="n">checkout</span> <span class="n">scm</span> <span class="o">}</span> <span class="o">}</span> <span class="n">stage</span><span class="o">(</span><span class="s2">"Test"</span><span class="o">){</span> <span class="n">steps</span> <span class="o">{</span> <span class="n">bat</span> <span class="s1">''' python -m venv .venv call .venv/Scripts/activate.bat pip install -r cicd-ec2-autodeploy/app/requirements.txt --quiet python -m pytest cicd-ec2-autodeploy/app -q '''</span> <span class="o">}</span> <span class="o">}</span> <span class="n">stage</span><span class="o">(</span><span class="s2">"Build Docker image"</span><span class="o">){</span> <span class="n">steps</span><span class="o">{</span> <span class="n">bat</span> <span class="s1">''' docker build -t %IMAGE_FULL% -f cicd-ec2-autodeploy/docker/Dockerfile . '''</span> <span class="o">}</span> <span class="o">}</span> <span class="n">stage</span><span class="o">(</span><span class="s2">"docker push image"</span><span class="o">){</span> <span class="n">steps</span><span class="o">{</span> <span class="n">withCredentials</span><span class="o">([</span><span class="n">usernamePassword</span><span class="o">(</span><span class="nl">credentialsId:</span> <span class="s1">'dockerhub'</span><span class="o">,</span> <span class="nl">usernameVariable:</span> <span class="s1">'DOCKER_USER'</span><span class="o">,</span> <span class="nl">passwordVariable:</span> <span class="s1">'DOCKER_PASS'</span><span class="o">)]){</span> <span class="n">sh</span> <span class="s1">''' echo "${DOCKER_PASS}" | docker login -u "${DOCKER_USER}" --password-stdin docker push ${IMAGE_FULL} '''</span> <span class="o">}</span> <span class="o">}</span> <span class="o">}</span> <span class="n">stage</span><span class="o">(</span><span class="s2">"Deploy to EC2 (Blue/Green)"</span><span class="o">)</span> <span class="o">{</span> <span class="n">steps</span> <span class="o">{</span> <span class="n">withCredentials</span><span class="o">([</span><span class="n">file</span><span class="o">(</span><span class="nl">credentialsId:</span> <span class="s1">'ec2-ssh-key-file'</span><span class="o">,</span> <span class="nl">variable:</span> <span class="s1">'SSH_KEY_FILE'</span><span class="o">)])</span> <span class="o">{</span> <span class="c1">// Windows Jenkins runs bat with %VAR% for local ssh/scp commands</span> <span class="n">bat</span> <span class="s2">""" icacls %SSH_KEY_FILE% /inheritance:r icacls %SSH_KEY_FILE% /grant:r "%USERNAME%:R" icacls %SSH_KEY_FILE% /remove "BUILTIN\\Users" icacls %SSH_KEY_FILE% /remove "Everyone" icacls %SSH_KEY_FILE% /grant:r "SYSTEM:F" icacls %SSH_KEY_FILE% /grant:r "BUILTIN\\Administrators:F" ssh -o StrictHostKeyChecking=no -i %SSH_KEY_FILE% ^ %EC2_USER%@%EC2_HOST% ^ "sudo mkdir -p /opt/%APP_NAME%/docker /opt/%APP_NAME%/scripts" scp -o StrictHostKeyChecking=no -i %SSH_KEY_FILE% ^ cicd-ec2-autodeploy/docker-compose.ec2.yml ^ %EC2_USER%@%EC2_HOST%:/tmp/docker-compose.ec2.yml scp -o StrictHostKeyChecking=no -i %SSH_KEY_FILE% ^ cicd-ec2-autodeploy/docker/nginx.conf ^ %EC2_USER%@%EC2_HOST%:/tmp/nginx.conf scp -o StrictHostKeyChecking=no -i %SSH_KEY_FILE% ^ cicd-ec2-autodeploy/scripts/deploy_bluegreen.sh ^ %EC2_USER%@%EC2_HOST%:/tmp/deploy_bluegreen.sh ssh -o StrictHostKeyChecking=no -i %SSH_KEY_FILE% ^ %EC2_USER%@%EC2_HOST% ^ "set -e &amp;&amp; sudo apt-get install -y dos2unix -qq &amp;&amp; sudo mv /tmp/docker-compose.ec2.yml /opt/%APP_NAME%/docker-compose.ec2.yml &amp;&amp; sudo mv /tmp/nginx.conf /opt/%APP_NAME%/docker/nginx.conf &amp;&amp; sudo mv /tmp/deploy_bluegreen.sh /opt/%APP_NAME%/scripts/deploy_bluegreen.sh &amp;&amp; sudo dos2unix /opt/%APP_NAME%/scripts/deploy_bluegreen.sh &amp;&amp; sudo chmod +x /opt/%APP_NAME%/scripts/deploy_bluegreen.sh &amp;&amp; sudo IMAGE_FULL=%IMAGE_FULL% APP_VERSION=%IMAGE_TAG% /opt/%APP_NAME%/scripts/deploy_bluegreen.sh" """</span> <span class="o">}</span> <span class="o">}</span> <span class="o">}</span> <span class="o">}</span> <span class="n">post</span><span class="o">{</span> <span class="n">always</span><span class="o">{</span> <span class="n">sh</span> <span class="s2">"docker logout || true"</span> <span class="n">sh</span> <span class="s2">"rm -rf .env || true"</span> <span class="o">}</span> <span class="o">}</span> <span class="o">}</span> </code></pre> </div> <p><strong>step by step execution:</strong></p> <p><u>Step 1 — Create an EC2 Instance:</u></p> <p>Create an EC2 instance in the AWS Console using the following configuration:</p> <ul> <li>Instance Type: t2.micro (Free Tier eligible)</li> <li>AMI: Ubuntu 22.04 (Free Tier eligible)</li> <li>Security Group Inbound Ports: 22, 80, 8081, and 8082</li> <li>Storage: 8 GB gp2 EBS volume</li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4yzlulss5sbysne8dtk6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4yzlulss5sbysne8dtk6.png" alt=" " width="800" height="350"></a></p> <p><u>Step 2 — Create a Jenkins Pipeline Job:</u></p> <p>In Jenkins, create a new job and select Pipeline as the project type.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu7lmu35g64easndnd2lp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu7lmu35g64easndnd2lp.png" alt=" " width="800" height="375"></a></p> <p>In the Pipeline section, select Git as the SCM and enter your repository URL.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffnv439nzsjtmkx719c27.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffnv439nzsjtmkx719c27.png" alt=" " width="800" height="400"></a></p> <p>Under Branches to Build, set the Branch Specifier to */main and set the Script Path to cicd-ec2-autodeploy/Jenkinsfile.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fezepnynn06j6wosdzdym.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fezepnynn06j6wosdzdym.png" alt=" " width="800" height="384"></a></p> <p>Navigate to Configure → Build Environment → This project is parameterized and add the following as string parameters, matching the environment variables referenced in the Jenkinsfile:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Parameter Description DOCKERHUB_REPO Your DockerHub repository EC2_HOST Public IP or DNS of your EC2 instance EC2_USER SSH login user (e.g. ubuntu) </code></pre> </div> <p><u>Step 3 — Generate SSH Keys on EC2 and Add to Jenkins:</u></p> <p>SSH into your EC2 instance and generate an RSA key pair:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>ssh-keygen <span class="nt">-t</span> rsa <span class="nt">-b</span> 4096 <span class="nt">-f</span> ~/.ssh/id_rsa <span class="nt">-N</span> <span class="s2">""</span> <span class="nt">-m</span> PEM </code></pre> </div> <p>This produces two files — id_rsa (private key) and id_rsa.pub (public key). Register the public key as an authorized key on the instance:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">mkdir</span> <span class="nt">-p</span> ~/.ssh <span class="nb">cat </span>id_rsa.pub <span class="o">&gt;&gt;</span> ~/.ssh/authorized_keys <span class="nb">chmod </span>700 ~/.ssh <span class="nb">chmod </span>600 ~/.ssh/id_rsa <span class="nb">chmod </span>600 ~/.ssh/authorized_keys </code></pre> </div> <p>On your <strong>Windows machine</strong>, open Notepad and paste the private key in the following format:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>-----BEGIN RSA PRIVATE KEY----- &lt;your key content&gt; -----END RSA PRIVATE KEY----- </code></pre> </div> <p>Save the file as id_rsa.pem and ensure the following:</p> <p>No extra blank lines at the top or bottom<br> No extra spaces anywhere in the file<br> File encoding is UTF-8 (not UTF-8 BOM)</p> <p>Now upload the key to Jenkins by navigating to Manage Jenkins → Credentials → System → Global Credentials and adding a new credential with the following settings:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Field Value Kind Secret file ID ec2-ssh-key-file File Upload id_rsa.pem </code></pre> </div> <p><u>Step 4 — Bootstrap the EC2 Instance:</u></p> <p>Clone the repository onto your EC2 instance, or manually copy and paste the ec2-bootstrap.sh script into it, then run the script to install Docker and Docker Compose and configure the necessary permissions.<br> Once the installation is complete, verify that Docker is installed and running:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>systemctl status docker </code></pre> </div> <p><u>Step 5 — Run the Jenkins Job</u></p> <p>Trigger the Jenkins job by selecting Build with Parameters and allow the job to run through all the stages defined in the Jenkinsfile. Monitor the Console Output to track the progress of each stage as it executes.<br> If any stage encounters an error, the job will mark the build as Failed and the console output will indicate exactly where the failure occurred. If all stages complete without issues, the job will mark the build as Success. </p> <p><strong>Deployment Result:</strong></p> <p>Once the Jenkins job completes successfully, the application will be deployed on the EC2 instance as two running Docker containers — app_blue on port 8081 and app_green on port 8082. Nginx listens on port 80 and routes all live traffic to one active slot at a time, switching to the idle slot on each new deployment. You can access the application either through Nginx on port 80, or directly on port 8081 or 8082 via the EC2 instance's public IP in your browser, as shown below:</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd41tc6h7qpcm8srt1r4h.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fd41tc6h7qpcm8srt1r4h.png" alt=" " width="800" height="108"></a></p> <p><u>Clean up:</u></p> <p>After the completion of the project delete your EC2 instance. The purpose of deleting the EC2 instance is to release the compute resources and avoid unnecessary costs associated with running and maintaining the instance</p> <p>In conclusion,This project demonstrates how a fully automated CI/CD pipeline can be built from scratch using Jenkins, Docker, and a simple Bash script — without relying on any cloud-native deployment services. Every push to the repository triggers a clean build, test, containerization, and a zero-downtime blue/green deployment to a live EC2 instance, all within a single pipeline run.</p> <p><strong>About the Repo</strong></p> <p>The full source code for this project is available on GitHub, including the Jenkinsfile, Dockerfile, Docker Compose configuration, Nginx config, blue/green deployment script, and the EC2 bootstrap script. The repository is structured to be straightforward to clone and adapt to your own use case — swap in your DockerHub credentials, point it at your EC2 instance, and the pipeline handles the rest.</p> <p>🔗 GitHub: <a href="https://github.com/sloppygiant82/EC2-CICD-DEPLOY/tree/main/cicd-ec2-autodeploy" rel="noopener noreferrer">EC2-CICD-DEPLOY</a></p> <p>Thank you for reading this article, and we hope it has provided valuable insights into deploying applications on cloud platforms.</p> cicd docker jenkins aws