From 88faa426ff7c63a24c6a51bc51e204bc8bf7293f Mon Sep 17 00:00:00 2001 From: Joel Webb Date: Wed, 15 Jun 2022 14:26:31 -0400 Subject: [PATCH 01/10] should help clarification of sequence of calls --- 00-dev-environment/README.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/00-dev-environment/README.md b/00-dev-environment/README.md index 296b66c4..569eb202 100644 --- a/00-dev-environment/README.md +++ b/00-dev-environment/README.md @@ -74,7 +74,18 @@ aws sts get-session-token \ / ``` -This will return json containing the temporarily credentials.(**WARNING: special characters in the 'SecretAccessKey' may not work for Windoze machines) +This will return json containing the temporary credentials.(**WARNING: special characters in the 'SecretAccessKey' may not work for Windoze machines) + +**Notice: these are not the SecretAccessKey and SessionToken you provided before. These are brand spanking new to be used specifically for a new programmatic connection** + +```mermaid +sequenceDiagram +You ->> AWS: I need temporary credentials +Note right of AWS: Thinking... Thinking +AWS ->> You: Here are the new credentials... +You ->> AWS: Here's the credentials to get me access +AWS ->> You: Soup for you. You have access!! +``` ```shell "Credentials": { @@ -221,5 +232,5 @@ to complete the training work. In your Cloud9 Editor, perform the following: application in that language - Add the files to your new branch, commit them, and push the branch up to your forked repository -- Create a pull request from your branch to the master branch within your forked +- Create a pull request from your branch to the master branch within YOUR forked repository and merge after reviewing From 9c4e1a3cc8b77a7efcdc7afc7cd130701f344512 Mon Sep 17 00:00:00 2001 
From: Joel Webb
Date: Fri, 28 Oct 2022 11:52:28 -0400
Subject: [PATCH 02/10] small changes
---
 14-Jenkins/base-params.json | 4 ++--
 14-Jenkins/base.yaml | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/14-Jenkins/base-params.json b/14-Jenkins/base-params.json
index 56a56ba5..291e8621 100644
--- a/14-Jenkins/base-params.json
+++ b/14-Jenkins/base-params.json
@@ -21,10 +21,10 @@
 },
 {
 "ParameterKey": "EC2KeyName",
- "ParameterValue": "test-user-key"
+ "ParameterValue": "joel-key"
 },
 {
 "ParameterKey": "IAMUserOwnerIp",
- "ParameterValue": "XX.XXX.XXX.XXX"
+ "ParameterValue": "66.110.242.65"
 }
 ]
\ No newline at end of file
diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml
index 5b267390..c2a40450 100644
--- a/14-Jenkins/base.yaml
+++ b/14-Jenkins/base.yaml
@@ -168,14 +168,14 @@ Resources:
 NetworkAclId: !Ref MyNetworkAcl
 RuleNumber: 202
 RuleAction: allow
- Protocol: 6
+ Protocol: icmp
 CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
 Icmp:
 Code: -1
 Type: -1
 PortRange:
- From:
- To:
+ From: 8
+ To: -1
 MyNetworkEntryMySecondSubnetIngressAllHttp:
 Type: AWS::EC2::NetworkAclEntry
 Properties:
@@ -197,8 +197,8 @@ Resources:
 Protocol: -1
 CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
 PortRange:
- From:
- To:
+ From: 0
+ To: 65000
 MySecondSubnet:
 Type: AWS::EC2::Subnet
 Properties:
From 4991814f86c0dee80814b0a14d3bcd99d6d05e33 Mon Sep 17 00:00:00 2001
From: Joel Webb
Date: Fri, 28 Oct 2022 14:39:17 -0400
Subject: [PATCH 03/10] working stack
---
 14-Jenkins/base-params.json | 4 ++--
 14-Jenkins/base.yaml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/14-Jenkins/base-params.json b/14-Jenkins/base-params.json
index 291e8621..0eff0a66 100644
--- a/14-Jenkins/base-params.json
+++ b/14-Jenkins/base-params.json
@@ -13,7 +13,7 @@
 },
 {
 "ParameterKey": "EC2InstanceAmi",
- "ParameterValue": "ami-0bce08e823ed38bdd"
+ "ParameterValue": "ami-0ee23bfc74a881de5"
 },
 {
 "ParameterKey": "EC2InstanceType",
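Review bot: In `14-Jenkins/base-params.json` (PATCH 02), `IAMUserOwnerIp` goes from the `XX.XXX.XXX.XXX` placeholder to a real address and `EC2KeyName` to a personal key-pair name, in a parameter file that is tracked in the repository. That publishes one developer's source IP and leaves the shared lab template carrying values that only work for that person. I would keep the placeholders in the committed file and pass personal values from an untracked copy, for example `--parameters file://base-params.local.json` (constructed file name) with that name listed in `.gitignore`.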
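Review bot: `Protocol: icmp` on rule 202 (first `base.yaml` hunk of PATCH 02) is not a value this property accepts; `AWS::EC2::NetworkAclEntry` takes the IANA protocol number, so ICMP is `Protocol: 1`. The `PortRange` of `From: 8` / `To: -1` has no effect on an ICMP rule, which is matched by the `Icmp` `Code`/`Type` pair already present, so I would remove the `PortRange` block from this entry rather than fill it with values that read like a filter. The resource name and the start of its `Properties` are above the hunk.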
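Review bot: In the second `base.yaml` hunk of PATCH 02, `PortRange` is set to `From: 0` / `To: 65000` on an entry with `Protocol: -1`. With protocol `-1` a network ACL entry matches all protocols and all ports, so the range is ignored, and `65000` (rather than `65535`) suggests a limit that is not enforced. I would drop the `PortRange` block and add a comment such as `# Protocol -1: all traffic, port range not applicable`. The entry's name is above the hunk, so which direction it governs is not visible here.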
@@ -21,7 +21,7 @@
 },
 {
 "ParameterKey": "EC2KeyName",
- "ParameterValue": "joel-key"
+ "ParameterValue": "joels-key-pair-lab"
 },
 {
 "ParameterKey": "IAMUserOwnerIp",
diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml
index c2a40450..2403fe7a 100644
--- a/14-Jenkins/base.yaml
+++ b/14-Jenkins/base.yaml
@@ -168,7 +168,7 @@ Resources:
 NetworkAclId: !Ref MyNetworkAcl
 RuleNumber: 202
 RuleAction: allow
- Protocol: icmp
+ Protocol: 1
 CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
 Icmp:
 Code: -1
From c61d72a113ac34f5aeb323676b6fdfbcbc515feb Mon Sep 17 00:00:00 2001
From: Joel Webb
Date: Mon, 31 Oct 2022 08:32:15 -0400
Subject: [PATCH 04/10] working stacks
---
 14-Jenkins/base-params.json | 2 +-
 14-Jenkins/base.yaml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/14-Jenkins/base-params.json b/14-Jenkins/base-params.json
index 0eff0a66..5f3e799e 100644
--- a/14-Jenkins/base-params.json
+++ b/14-Jenkins/base-params.json
@@ -13,7 +13,7 @@
 },
 {
 "ParameterKey": "EC2InstanceAmi",
- "ParameterValue": "ami-0ee23bfc74a881de5"
+ "ParameterValue": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id"
 },
 {
 "ParameterKey": "EC2InstanceType",
diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml
index 2403fe7a..6e6fe7c7 100644
--- a/14-Jenkins/base.yaml
+++ b/14-Jenkins/base.yaml
@@ -12,9 +12,9 @@ Parameters:
 Type: String
 Description: IAM user that is owner of this CFN stack
 EC2InstanceAmi:
- Type: AWS::EC2::Image::Id
+ Type: AWS::SSM::Parameter::Value
 Description: EC2 Instance AMI
- Default: ami-014534a11156c1a0d
+ Default: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
 EC2KeyName:
 Type: String
 Description: Name of the EC2 keys used for ssh
From a25110b45a4bc11c5006808a5b490e88cf4bf193 Mon Sep 17 00:00:00 2001
From: Joel Webb
Date: Mon, 31 Oct 2022 11:47:45 -0400
Subject: [PATCH 05/10] adding in port 8080
---
 14-Jenkins/base.yaml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
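Review bot: The new `EC2InstanceAmi` default in `base.yaml` (PATCH 04) resolves `/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id` at deploy time, so the image the Jenkins host boots from changes whenever that alias is republished, and a later stack update can replace the instance with an image nobody reviewed. For a host that will hold build credentials I would pin a specific image or at least export the resolved AMI id as a stack output so a rebuild can be traced; the ECS-optimized image also ships container tooling that nothing in the visible hunks uses. As rendered on this page the type reads `AWS::SSM::Parameter::Value` with no `<...>` qualifier; unless that is an extraction artifact, it should be `Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>`.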
diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml index 6e6fe7c7..c1b38520 100644 --- a/14-Jenkins/base.yaml +++ b/14-Jenkins/base.yaml @@ -84,6 +84,16 @@ Resources: ToPort: 22 IpProtocol: tcp CidrIp: 0.0.0.0/0 + - + FromPort: 80 + ToPort: 80 + IpProtocol: tcp + CidrIp: 0.0.0.0/0 + - + FromPort: 8080 + ToPort: 8080 + IpProtocol: tcp + CidrIp: 0.0.0.0/0 - FromPort: -1 ToPort: -1 @@ -187,6 +197,17 @@ Resources: PortRange: From: 80 To: 80 + MyNetworkEntryMySecondSubnetIngressAllJenkins: + Type: AWS::EC2::NetworkAclEntry + Properties: + NetworkAclId: !Ref MyNetworkAcl + RuleNumber: 203 + RuleAction: allow + Protocol: 6 + CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ] + PortRange: + From: 8080 + To: 8080 MyNetworkEntryMySecondSubnetEgressAllTraffic: Type: AWS::EC2::NetworkAclEntry Properties: From 2d1e96361d23afb212a028e2a4237ee3c9badd87 Mon Sep 17 00:00:00 2001 From: Joel Webb Date: Tue, 1 Nov 2022 08:51:24 -0400 Subject: [PATCH 06/10] needed a different rule --- 14-Jenkins/base.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml index c1b38520..95423ded 100644 --- a/14-Jenkins/base.yaml +++ b/14-Jenkins/base.yaml @@ -201,7 +201,7 @@ Resources: Type: AWS::EC2::NetworkAclEntry Properties: NetworkAclId: !Ref MyNetworkAcl - RuleNumber: 203 + RuleNumber: 205 RuleAction: allow Protocol: 6 CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ] From 5cde2867083b20a5b2c35da6f760eac6120eee2d Mon Sep 17 00:00:00 2001 From: Joel Webb Date: Thu, 30 Mar 2023 14:41:46 -0400 Subject: [PATCH 07/10] adding in the main configuration to start it up --- 14-Jenkins/README.md | 9 +++++++++ 14-Jenkins/base-params.json | 2 +- 14-Jenkins/base.yaml | 13 +++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/14-Jenkins/README.md b/14-Jenkins/README.md index d9bcef82..e97781ce 100644 --- a/14-Jenkins/README.md +++ b/14-Jenkins/README.md 
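Review bot: The two ingress rules added in the first hunk of PATCH 05 open ports 80 and 8080 to `CidrIp: 0.0.0.0/0`, which exposes the Jenkins web UI over plain HTTP to any source from first boot, before an admin account or authentication has been configured. The parameter file already carries `IAMUserOwnerIp`; assuming the template declares that parameter, the rules should use it, e.g. `CidrIp: !Sub "${IAMUserOwnerIp}/32"`. The port 22 rule in the context lines has the same `0.0.0.0/0` source and deserves the same change. The security group resource starts above the hunk.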
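Review bot: `MyNetworkEntryMySecondSubnetIngressAllJenkins` (second hunk of PATCH 05) is named "IngressAll", but its `CidrBlock` is `10.0.0.128/25`, so as an ingress entry it admits TCP 8080 only from that range, which does not match the `0.0.0.0/0` security-group rule added in the same commit. Whichever source range is intended should be stated on the entry, for example `# inbound 8080 from <INTENDED_SOURCE_CIDR>; NACLs are stateless, so replies need a matching egress entry`. Whether another entry already uses `RuleNumber: 203` is not visible in this hunk.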
@@ -94,6 +94,15 @@ present and you can: - Manage "Credentials" - View "My Views" +#### I had to re-create the RSA key pair (joels-key-pair) in order to login again + +``` + aws cloudformation create-stack --profile temp --stack-name Joels1411 --template-body file://base.yaml --parameters file://base-params.json --capabilities CAPABILITY_NAMED_IAM +{ + "StackId": "arn:aws:cloudformation:us-east-1:324320755747:stack/Joels1411/e8ac7090-cf28-11ed-a8ab-1222a4b30ce5" +} +``` + #### Lab 14.1.2 - Adding Agents As it stands, the Jenkins server can be used to execute jobs. Executing jobs diff --git a/14-Jenkins/base-params.json b/14-Jenkins/base-params.json index 5f3e799e..6c7c49d7 100644 --- a/14-Jenkins/base-params.json +++ b/14-Jenkins/base-params.json @@ -21,7 +21,7 @@ }, { "ParameterKey": "EC2KeyName", - "ParameterValue": "joels-key-pair-lab" + "ParameterValue": "joels-key-pair" }, { "ParameterKey": "IAMUserOwnerIp", diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml index 95423ded..51fc5e1a 100644 --- a/14-Jenkins/base.yaml +++ b/14-Jenkins/base.yaml @@ -120,6 +120,19 @@ Resources: - Key: stack Value: !Ref "AWS::StackId" + UserData: + Fn::Base64: !Sub | + #!/bin/bash + sudo yum update -y + sudo yum install -y java-1.8.0-openjdk-devel + sudo alternatives --set java /usr/lib/jvm/jre-1.8.0-openjdk.x86_64/bin/java + sudo alternatives --set javac /usr/lib/jvm/java-1.8.0-openjdk.x86_64/bin/javac + sudo yum install -y wget + sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo + sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key + sudo yum install -y jenkins + sudo systemctl start jenkins + sudo systemctl enable jenkins MyNetworkAcl: Type: AWS::EC2::NetworkAcl Properties: From 8f0bb0e4ac110a83822b82bcaf9d3de893c7ce31 Mon Sep 17 00:00:00 2001 
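Review bot: The `UserData` script added to `base.yaml` in PATCH 07 trusts whatever `pkg.jenkins.io` serves at boot: the repo file and the key passed to `rpm --import` come from the same origin, so the signature check only proves the package matches the key that was just downloaded. I would compare the key's fingerprint with a value recorded in this repository before importing it (placeholder `<EXPECTED_JENKINS_KEY_FINGERPRINT>`), and add `set -euo pipefail` as the first line after the shebang so a failed download stops the install instead of leaving a half-configured host. User data already runs as root, so the `sudo` prefixes can go, and `!Sub` is only needed if the script references template variables. The instance resource this block belongs to starts above the hunk.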
From: Joel Webb Date: Fri, 31 Mar 2023 10:19:49 -0400 Subject: [PATCH 08/10] updated new creation commenting out artifact bucket to start --- 14-Jenkins/README.md | 5 +++ 14-Jenkins/base.yaml | 86 +++++++++++++++++++++++++++++++++++++------- 2 files changed, 79 insertions(+), 12 deletions(-) diff --git a/14-Jenkins/README.md b/14-Jenkins/README.md index e97781ce..09d9f5fb 100644 --- a/14-Jenkins/README.md +++ b/14-Jenkins/README.md @@ -70,6 +70,11 @@ For ease of deployment and scalability, we will provision a Jenkins environment using CloudFormation templates on the AWS platform. In order to do this you will need the following: +Follow these directions instead +``` +https://www.jenkins.io/doc/tutorials/tutorial-for-installing-jenkins-on-AWS/#downloading-and-installing-jenkins +``` + - EC2 Instance (as the Jenkins Server) -- use the Amazon Linux AMI with JDK installed - EIP, for the instance to receive traffic - Subnet, containing the Jenkins master instance diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml index 51fc5e1a..01435e8c 100644 --- a/14-Jenkins/base.yaml +++ b/14-Jenkins/base.yaml 
@@ -121,18 +121,21 @@ Resources:
 Key: stack
 Value: !Ref "AWS::StackId"
 UserData:
- Fn::Base64: !Sub |
- #!/bin/bash
- sudo yum update -y
- sudo yum install -y java-1.8.0-openjdk-devel
- sudo alternatives --set java /usr/lib/jvm/jre-1.8.0-openjdk.x86_64/bin/java
- sudo alternatives --set javac /usr/lib/jvm/java-1.8.0-openjdk.x86_64/bin/javac
- sudo yum install -y wget
- sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
- sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
- sudo yum install -y jenkins
- sudo systemctl start jenkins
- sudo systemctl enable jenkins
+ Fn::Base64: |
+ #!/bin/bash
+ yum update -y
+ yum install -y java-1.8.0-openjdk-devel
+ alternatives --set java /usr/lib/jvm/jre-1.8.0-openjdk.x86_64/bin/java
+ alternatives --set javac /usr/lib/jvm/java-1.8.0-openjdk.x86_64/bin/javac
+ yum install -y wget
+ wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
+ rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
+ yum upgrade
+ amazon-linux-extras install java-openjdk11 -y
+ yum install -y jenkins
+ systemctl enable jenkins
+ systemctl start jenkins
+ sed s/ /etc/sysconfig/jenkins
 MyNetworkAcl:
 Type: AWS::EC2::NetworkAcl
 Properties:
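Review bot: The last added line, `sed s/ /etc/sysconfig/jenkins`, is an unterminated substitute expression as shown on this page, so sed exits with an error and edits nothing; either finish the expression or delete the line. `yum upgrade` has no `-y`, and under cloud-init there is no terminal to answer the confirmation prompt, so the upgrade will not proceed; `yum -y upgrade` matches the other calls. The script also installs `java-1.8.0-openjdk-devel`, pins the alternatives to it, and then installs `java-openjdk11`; which JVM Jenkins starts under is not determined by the visible lines, so one of the two should be dropped.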
@@ -284,6 +287,65 @@ Resources: - Key: stack Value: !Ref "AWS::StackId" + # JenkinsArtifactsBucket: + # Type: AWS::S3::Bucket + # Properties: + # BucketName: !Sub "${AWS::StackName}-jenkins-artifacts" + # JenkinsBuildPipeline: + # Type: AWS::CodePipeline::Pipeline + # Properties: + # Name: !Sub "${AWS::StackName}-jenkins-build-pipeline" + # RoleArn: !GetAtt [CodePipelineRole, Arn] + # Stages: + # - Name: Source + # Actions: + # - Name: SourceAction + # ActionTypeId: + # Category: Source + # Owner: ThirdParty + # Provider: GitHub + # Version: '1' + # OutputArtifacts: + # - Name: SourceArtifact + # Configuration: + # Owner: !Ref GitHubOwner + # Repo: !Ref GitHubRepo + # Branch: !Ref GitHubBranch + # OAuthToken: !Ref GitHubOAuthToken + # RunOrder: 1 + # - Name: Build + # Actions: + # - Name: BuildAction + # ActionTypeId: + # Category: Build + # Owner: Custom + # Provider: Jenkins + # Version: '1' + # Configuration: + # ProjectName: !Ref JenkinsProjectName + # Url: !Ref JenkinsUrl + # Username: !Ref JenkinsUsername + # Password: !Ref JenkinsPassword + # InputArtifacts: + # - Name: SourceArtifact + # OutputArtifacts: + # - Name: BuildArtifact + # RunOrder: 1 + # - Name: Deploy + # Actions: + # - Name: DeployAction + # ActionTypeId: + # Category: Deploy + # Owner: AWS + # Provider: S3 + # Version: '1' + # Configuration: + # BucketName: !Ref JenkinsArtifactsBucket + # ObjectKey: !Ref S3ObjectKey + # Extract: true + # InputArtifacts: + # - Name: BuildArtifact + # RunOrder: 1 Outputs: MyVpcOutput: Description: Id of MyVpc From d3370662658f2034bafb8c465c93725201cc2af2 Mon Sep 17 00:00:00 2001 From: Joel Webb Date: Mon, 3 Apr 2023 10:55:25 -0400 Subject: [PATCH 09/10] working end to end --- 14-Jenkins/base.yaml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml index 01435e8c..0379bad8 100644 --- a/14-Jenkins/base.yaml +++ b/14-Jenkins/base.yaml 
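Review bot: This hunk adds about sixty lines of commented-out resources; a disabled pipeline is better kept on a branch than in the template. If it stays for later use, note beside it that `OAuthToken: !Ref GitHubOAuthToken` and `Password: !Ref JenkinsPassword` read secrets from plain parameters, none of which are declared in the visible hunks. Those parameters need `NoEcho: true` at minimum, and a dynamic reference such as `'{{resolve:secretsmanager:<SECRET_NAME>:SecretString:<JSON_KEY>}}'` keeps the values out of parameter files like `base-params.json`. `JenkinsArtifactsBucket` also declares no encryption or public-access-block settings.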
@@ -123,19 +123,15 @@ Resources:
 UserData:
 Fn::Base64: |
 #!/bin/bash
- yum update -y
- yum install -y java-1.8.0-openjdk-devel
- alternatives --set java /usr/lib/jvm/jre-1.8.0-openjdk.x86_64/bin/java
- alternatives --set javac /usr/lib/jvm/java-1.8.0-openjdk.x86_64/bin/javac
+ yum -y update
 yum install -y wget
 wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
 rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
- yum upgrade
+ yum -y upgrade
 amazon-linux-extras install java-openjdk11 -y
 yum install -y jenkins
 systemctl enable jenkins
 systemctl start jenkins
- sed s/ /etc/sysconfig/jenkins
 MyNetworkAcl:
 Type: AWS::EC2::NetworkAcl
 Properties:
From 7220872bb465943734dbeaa2c9c52bce83f47252 Mon Sep 17 00:00:00 2001
From: Joel Webb
Date: Tue, 4 Apr 2023 15:31:51 -0400
Subject: [PATCH 10/10] adding the documentation
---
 14-Jenkins/base.yaml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/14-Jenkins/base.yaml b/14-Jenkins/base.yaml
index 0379bad8..9286cef9 100644
--- a/14-Jenkins/base.yaml
+++ b/14-Jenkins/base.yaml
@@ -121,6 +121,7 @@ Resources:
 Key: stack
 Value: !Ref "AWS::StackId"
 UserData:
+ # https://www.jenkins.io/doc/tutorials/tutorial-for-installing-jenkins-on-AWS/#downloading-and-installing-jenkins
 Fn::Base64: |
 #!/bin/bash
 yum -y update