Apr 24
Loading video player...
In this video, you will learn how to build a **complete DevSecOps pipeline** from scratch and deploy a real application to Kubernetes β without using managed services like EKS. This project is designed to be **simple, practical, and production-oriented**, helping you understand how modern DevOps workflows actually work in real environments. --- ## π₯ What You Will Learn β Build a simple HTML application (running on port 80) β Set up a full CI/CD pipeline using GitHub Actions β Scan both **Docker images and Kubernetes configs** using Trivy β Deploy directly to an EC2 instance (no EKS) β Use **K3s** as a lightweight Kubernetes cluster β Configure **Traefik** as an Ingress controller β Access your app via public IP π Final result: ``` http://EC2_PUBLIC_IP ``` --- ## 𧩠Project Structure ```bash project4-k8s-security/ βββ app/ # Simple HTML app βββ Dockerfile # Container setup βββ k8s/ # Kubernetes manifests βββ .github/workflows/ # CI/CD pipeline ``` --- ## βοΈ Key Features * π **Security-first approach** (DevSecOps) * π **Fully automated CI/CD pipeline** * βΈοΈ **Kubernetes deployment with K3s** * π **Ingress routing using Traefik** * π **Multi-layer security scanning**: * Kubernetes YAML * Docker Image * Running Cluster --- ## βοΈ Infrastructure Setup * EC2 instance (minimum 1GB RAM) * Open ports: `22, 80, 443, 6443` * Install: * K3s (includes Traefik) * Trivy (security scanner) --- ## π CI/CD Workflow ```text Push Code β Scan YAML β Build Image β Scan Image β Push Image β Deploy to K8s β Verify β Scan Cluster ``` This ensures security is applied at **every stage of the pipeline**. --- ## π§ Why This Project Matters This is not just a demo β it reflects a **real-world DevSecOps workflow**: * Secure your application before deployment * Automate everything with CI/CD * Run Kubernetes without complex infrastructure * Validate your system in a live environment --- ## π― Final Result After pushing your code: ```bash git push origin main ``` π The pipeline runs automatically and deploys your app. π Open your browser: ``` http://EC2_PUBLIC_IP ```