In this blog, I’ll walk through how I deployed a real E-Commerce Spring Boot application to AWS using a complete production-style DevOps setup with Terraform, Jenkins, AWS EC2, AWS RDS (MySQL) and systemd. The goal was simple: once a developer pushes code to GitHub, the app should automatically build and deploy to AWS with zero manual steps.
1️⃣ Project Overview
This project combines multiple DevOps tools to create an end-to-end automated pipeline:
- Spring Boot (Java 17) – E-Commerce backend application
- Terraform – To provision AWS infrastructure (VPC, EC2, RDS, Security Groups)
- AWS EC2 – One instance for Jenkins, one for the application
- AWS RDS MySQL – Managed database for products, orders, users etc.
- Jenkins CI/CD – Builds and deploys the app automatically
- systemd – Keeps the Spring Boot JAR running as a service
- GitHub Webhook – Automatically triggers Jenkins on every push
Together, this forms a realistic DevOps portfolio project similar to what companies use in production.
2️⃣ High-Level Architecture
From a user's perspective, they simply hit the EC2 public IP in the browser and use the E-Commerce app. Behind the scenes, Terraform, Jenkins and AWS are doing all the heavy lifting.
3️⃣ Why This Architecture?
Each component has a specific role:
- Terraform – Infrastructure as Code, so infra is versioned, repeatable and easy to recreate.
- EC2 App Server – Runs the Spring Boot jar with full control (SSH, logs, configs).
- EC2 Jenkins Server – Dedicated CI/CD engine that pulls from GitHub and deploys to the app server.
- AWS RDS MySQL – Managed database with backups, scaling and reliability.
- Security Groups – Act as firewalls for EC2 and RDS.
- VPC + Subnets – Isolated, secure network for all resources.
- systemd – Ensures the application always stays running.
4️⃣ Terraform Infrastructure – Deep Breakdown
4.1 VPC and DNS Settings
Terraform first creates a dedicated VPC with DNS support:
enable_dns_support = true
enable_dns_hostnames = trueThis makes sure that EC2 instances and the RDS endpoint can be resolved properly inside the VPC.
4.2 Public Subnets
Two public subnets are created in different availability zones:
10.0.1.0/24→ ap-south-1a10.0.2.0/24→ ap-south-1b
These subnets allow EC2 instances to get a public IP and talk to the internet for updates, git, packages, etc.
4.3 Internet Gateway & Route Table
An Internet Gateway + Route Table combo is used so instances in public subnets can:
- Install Java, Jenkins, Maven via internet
- Clone code from GitHub
- Reach external services when needed
4.4 Security Groups
EC2 Security Group allows:
- Port 22 – SSH access (for deployment/debug)
- Port 8080 – Access to the Spring Boot application
RDS Security Group is more restricted:
- Only allows traffic on port 3306 (MySQL)
- Only from the EC2 app server’s security group
That means:
✔ The app can talk to the database
❌ The internet cannot directly reach the database
4.5 EC2 Instances
Terraform provisions two main EC2 instances:
- App EC2 – Runs the Spring Boot JAR
- Jenkins EC2 – Hosts Jenkins and runs the pipeline
Using user data scripts, the instances automatically install:
- Java 17
- Maven
- Git
- Jenkins (on Jenkins EC2)
- MySQL client (on app EC2 for testing DB connectivity)
4.6 RDS MySQL
Terraform creates an AWS RDS MySQL 8.0 instance with:
- Automated backups
- Storage autoscaling
- Production-ready configuration
Terraform outputs useful values like:
rds_endpoint
app_ip
jenkins_ipThese outputs make it easy to connect the app and verify everything.
5️⃣ Running the App with systemd
Instead of manually running java -jar in a terminal, I use systemd to manage the Spring Boot app:
[Unit]
Description=Spring Boot E-Commerce App
After=network.target
[Service]
User=ubuntu
ExecStart=/usr/bin/java -jar /home/ubuntu/app.jar
Restart=always
RestartSec=5
[Install]
WantedBy=multi-user.targetBenefits of using systemd:
- App starts automatically on boot
- If the app crashes, it is restarted
- Central logging using
journalctl - No need to keep an SSH session open
6️⃣ Jenkins CI/CD Pipeline – Step by Step
The Jenkins pipeline automates the entire process from code to deployment. Typical stages:
Stage 1 – Checkout
git branch: 'master2'Jenkins pulls the latest code from the GitHub repository.
Stage 2 – Build with Maven
mvn clean package -DskipTestsThis generates a JAR file like:
target/JtSpringProject-0.0.1-SNAPSHOT.jarStage 3 – Copy JAR to App EC2
Jenkins uses SSH / SCP to transfer the artifact:
scp target/JtSpringProject-0.0.1-SNAPSHOT.jar ubuntu@<APP_IP>:/home/ubuntu/app.jarStage 4 – Restart systemd Service
After copying the JAR, Jenkins remotely restarts the systemd service:
ssh ubuntu@<APP_IP> "sudo systemctl restart myapp"This ensures the latest version of the application is always running.
Stage 5 – Optional Health Check
A simple curl-based health check can validate if the app is up:
curl http://<APP_IP>:8080/7️⃣ GitHub Webhook – Auto Trigger Jenkins
To make the pipeline fully automated, I configured a GitHub Webhook:
http://<JENKINS_IP>:8080/github-webhook/Whenever I push code to the GitHub repository:
- GitHub sends a webhook event to Jenkins
- Jenkins pipeline is triggered
- Code is built & deployed without manual clicks
This provides a real “Push → Build → Deploy” experience.
8️⃣ Verification & Useful Commands
Check if app is running
curl http://<APP_PUBLIC_IP>:8080/Connect to RDS MySQL
mysql -h <RDS-ENDPOINT> -u appadmin -pCheck systemd service logs
journalctl -u myapp -f9️⃣ Screenshots / Architecture Diagram
You can add screenshots in Blogger using the image upload option. Some good ideas:
- Terraform console output
- EC2 instances page (App & Jenkins)
- RDS instance dashboard
- Jenkins pipeline success screenshot
- Architecture diagram of the full flow
🔟 Final Conclusion
This project ties together everything a modern DevOps engineer should know:
- How to design a secure AWS architecture with VPC, Subnets and Security Groups
- How to use Terraform to create reproducible infrastructure
- How to use Jenkins pipelines for automated build & deployment
- How to run a Spring Boot app in a production-style environment
- How to manage services using systemd
It’s a perfect portfolio project to showcase DevOps + Cloud + Java skills and also a strong topic to discuss in interviews.
✨ Connect With Me
Author: Mahesh Shelke
🔗 GitHub:
github.com/Maheshshelke05
💼 LinkedIn:
linkedin.com/in/mahesh-shelke-7497a7315
✍️ Medium:
medium.com/@maheshshelke05
