diff --git a/14-Jenkins/Practice-14.1/config.txt b/14-Jenkins/Practice-14.1/config.txt
new file mode 100644
index 00000000..5658b6b1
--- /dev/null
+++ b/14-Jenkins/Practice-14.1/config.txt
@@ -0,0 +1,9 @@
+# How to configure the master slave architecture of jenkins
+1. Log into the master node and generate a key using
+ # ssh-keygen -t rsa
+2. Copy the master's ~/.ssh/id_rsa.pub to the slave nodes' authorized_keys
+ # echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGP9mQOqjhpxJssQbqz9pHzmWUCMMbWpxyLChsl9MPvMcslqrOXSYrywWErA9Zj01tvu/hwxMv/lIY/iSdkCP68z5VjM3eZQ/iNqWnQ6dhK4EeVoF/wNoRBdQCIQlFHK222uuyPTsMfmjJZz8hsSgTmgQqX5ifeCYQKjQWB2264Z7bLy8ByOFAUYVfUrhd7+bbADV5eU5mAmUvNjEdinccAePSFMi2omAGX6K2ZaSj4bS6dTzgQLcEJJkg9H1bgnlK89b6N2IXmDZEWRvsXnucr1mFnqnuFVbo13xV36e/MUVIqqYp9C4LYLP3jKWGCSfo2u/ucvf/+FzhztGvEco1 ec2-user@ip-10-0-0-47.ec2.internal" >> ~/.ssh/authorized_keys
+
+Follow this link to configure the Slave nodes on jenkins install in Master node
+ # https:/www.bogotobogo.com/DevOps/Jenkins/Jenkins_on_EC2_setting_up_master_slaves.php
+ssh -i "DesmondKey.pem" ec2-user@ec2-3-230-115-158.compute-1.amazonaws.com
diff --git a/14-Jenkins/Practice-14.1/stack.yml b/14-Jenkins/Practice-14.1/stack.yml
new file mode 100644
index 00000000..659a2d57
--- /dev/null
+++ b/14-Jenkins/Practice-14.1/stack.yml
@@ -0,0 +1,274 @@
+Description: "Jenkins CodeDeploy"
+
+Parameters:
+ JenkinsInstanceType:
+ Type: String
+ Description: "EC2 instance type for Jenkins Server"
+ Default: t2.medium
+ AllowedValues:
+ - t2.micro
+ - t2.small
+ - t2.medium
+ - m3.medium
+ - m3.large
+ - m3.xlarge
+ - m3.2xlarge
+ - c3.large
+ - c3.xlarge
+ - c3.2xlarge
+ - c3.4xlarge
+ - c3.8xlarge
+ - c4.large
+ - c4.xlarge
+ - c4.2xlarge
+ - c4.4xlarge
+ - c4.8xlarge
+ - r3.large
+ - r3.xlarge
+ - r3.2xlarge
+ - r3.4xlarge
+ - r3.8xlarge
+ - i2.xlarge
+ - i2.2xlarge
+ - i2.4xlarge
+ - i2.8xlarge
+ - hi1.4xlarge
+ - hs1.8xlarge
+ - cr1.8xlarge
+ - cc2.8xlarge
+ KeyName:
+ Description: "The EC2 Key Pair to allow SSH access to CodeDeploy EC2 instances and Jenkins Server"
+ Type: 'AWS::EC2::KeyPair::KeyName'
+ Default: DesmondKey
+ IPRange:
+ Description: "CIDR block of the network from where you will connect to the Jenkins server using HTTP and SSH"
+ Type: "String"
+ MinLength: "9"
+ MaxLength: "18"
+ AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
+ ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x."
+ Default: 0.0.0.0/0
+
+Mappings:
+ AWSRegionArch2AMI:
+ ap-northeast-1:
+ AMI: "ami-08847abae18baa040"
+ ap-northeast-2:
+ AMI: "ami-012566705322e9a8e"
+ ap-south-1:
+ AMI: "ami-00b6a8a2bd28daf19"
+ ap-southeast-1:
+ AMI: "ami-01da99628f381e50a"
+ ap-southeast-2:
+ AMI: "ami-00e17d1165b9dd3ec"
+ eu-central-1:
+ AMI: "ami-076431be05aaf8080"
+ eu-west-1:
+ AMI: "ami-0bdb1d6c15a40392c"
+ eu-west-2:
+ AMI: "ami-e1768386"
+ eu-west-3:
+ AMI: "ami-06340c8c12baa6a09"
+ sa-east-1:
+ AMI: "ami-0ad7b0031d41ed4b9"
+ us-east-1:
+ AMI: "ami-04681a1dbd79675a5"
+ us-east-2:
+ AMI: "ami-0cf31d971a3ca20d6"
+ us-west-1:
+ AMI: "ami-0782017a917e973e7"
+ us-west-2:
+ AMI: "ami-6cd6f714"
+ UbuntuAMI:
+ us-east-1:
+ AMI: "ami-08c40ec9ead489470"
+
+
+Resources:
+ JenkinsServer:
+ Type: AWS::EC2::Instance
+ Properties:
+ KeyName: !Ref KeyName
+ ImageId: !FindInMap ['AWSRegionArch2AMI', {"Ref": 'AWS::Region'}, 'AMI']
+ InstanceType: !Ref JenkinsInstanceType
+ IamInstanceProfile: !Ref JenkinsInstanceProfile
+ UserData:
+ Fn::Base64: !Sub |
+ #!/bin/bash
+ sudo yum update -y
+ sudo yum install wget
+ sudo amazon-linux-extras install java-openjdk11
+ sudo amazon-linux-extras install epel -y
+ sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
+ sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
+ sudo yum install jenkins -y
+ sudo systemctl enable jenkins
+ sudo systemctl start jenkins
+ sudo systemctl status jenkins
+
+ #Installing CloudWatch Agent
+ sudo yum install -y awslogs
+
+ #Installing git
+ sudo yum install git -y
+
+ #Install Maven
+ sudo wget https://dlcdn.apache.org/maven/maven-3/3.8.6/binaries/apache-maven-3.8.6-bin.tar.gz
+ tar -xvf apache-maven-3.8.6-bin.tar.gz
+ sudo mv apache-maven-3.8.6 /opt/
+ export M2_HOME=/opt/apache-maven-3.8.6
+ export PATH="$PATH:$M2_HOME/bin"
+
+
+ NetworkInterfaces:
+ - AssociatePublicIpAddress: true
+ DeviceIndex: '0'
+ GroupSet:
+ - !Ref JenkinsSecurityGroup
+ SubnetId:
+ Fn::ImportValue:
+ PublicSubnet1
+ Tags:
+ - Key: 'Name'
+ Value: 'Jenkins Server'
+ JenkinsRole:
+ Type: AWS::IAM::Role
+ Properties:
+ Path: /
+ AssumeRolePolicyDocument:
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service: [ec2.amazonaws.com]
+ Action: ['sts:AssumeRole']
+ Policies:
+ - PolicyName: "JenkinsPolicy"
+ PolicyDocument:
+ Version: "2012-10-17"
+ Statement:
+ - Effect: Allow
+ Action: [
+ 's3:GetObject',
+ 's3:GetObjectVersion',
+ 's3:PutObject',
+ 's3:DeleteObject',
+ 's3:ListBucket'
+ ]
+ Resource: "*"
+ - PolicyName: "CloudWatch-agent-role"
+ PolicyDocument:
+ Statement:
+ - Effect: Allow
+ Action: [
+ 'logs:CreateLogGroup',
+ 'logs:CreateLogStream',
+ 'logs:PutLogEvents',
+ 'logs:DescribeLogStreams'
+ ]
+ Resource: "*"
+ JenkinsInstanceProfile:
+ Type: AWS::IAM::InstanceProfile
+ Properties:
+ Path: /
+ Roles: [!Ref 'JenkinsRole']
+ JenkinsSecurityGroup:
+ Type: AWS::EC2::SecurityGroup
+ Properties:
+ GroupDescription: "Enable SSH and HTTP access from specific CIDR block"
+ VpcId:
+ Fn::ImportValue:
+ VPCID
+ SecurityGroupEgress:
+ - IpProtocol: tcp
+ FromPort: 0
+ ToPort: 65535
+ CidrIp: 0.0.0.0/0
+ SecurityGroupIngress:
+ - IpProtocol: tcp
+ FromPort: 22
+ ToPort: 22
+ CidrIp: !Ref IPRange
+ - IpProtocol: tcp
+ FromPort: 80
+ ToPort: 80
+ CidrIp: !Ref IPRange
+ - IpProtocol: tcp
+ FromPort: 8080
+ ToPort: 8080
+ CidrIp: !Ref IPRange
+ - IpProtocol: tcp
+ FromPort: 50000
+ ToPort: 50000
+ CidrIp: !Ref IPRange
+ AgentSecurityGroup:
+ Type: AWS::EC2::SecurityGroup
+ Properties:
+ GroupDescription: "Enable Agent to Master communication"
+ VpcId:
+ Fn::ImportValue:
+ VPCID
+ SecurityGroupEgress:
+ - IpProtocol: tcp
+ FromPort: 0
+ ToPort: 65535
+ CidrIp: 0.0.0.0/0
+ SecurityGroupIngress:
+ - IpProtocol: tcp
+ FromPort: 22
+ ToPort: 22
+ CidrIp: !Ref IPRange
+ Agent1Server:
+ Type: AWS::EC2::Instance
+ Properties:
+ KeyName: !Ref KeyName
+ ImageId: !FindInMap ['UbuntuAMI', {"Ref": 'AWS::Region'}, 'AMI']
+ InstanceType: "t2.small"
+ IamInstanceProfile: !Ref JenkinsInstanceProfile
+ UserData:
+ Fn::Base64: !Sub |
+ #!/bin/bash
+ sudo apt update -y
+ sudo apt install openjdk-11-jre-headless -y
+ NetworkInterfaces:
+ - AssociatePublicIpAddress: true
+ DeviceIndex: '0'
+ GroupSet:
+ - !Ref AgentSecurityGroup
+ SubnetId:
+ Fn::ImportValue:
+ PublicSubnet1
+ Tags:
+ - Key: 'Name'
+ Value: 'Slave Node(1)'
+ Agent2Server:
+ Type: AWS::EC2::Instance
+ Properties:
+ KeyName: !Ref KeyName
+ ImageId: !FindInMap ['AWSRegionArch2AMI', {"Ref": 'AWS::Region'}, 'AMI']
+ InstanceType: 't2.micro'
+ IamInstanceProfile: !Ref JenkinsInstanceProfile
+ UserData:
+ Fn::Base64: !Sub |
+ #!/bin/bash
+ sudo yum update -y
+ sudo amazon-linux-extras install java-openjdk11 -y
+ sudo amazon-linux-extras install epel -y
+ sudo yum install git -y
+ sudo wget https://dlcdn.apache.org/maven/maven-3/3.8.6/binaries/apache-maven-3.8.6-bin.tar.gz
+ tar -xvf apache-maven-3.8.6-bin.tar.gz
+ sudo mv apache-maven-3.8.6 /opt/
+ export M2_HOME=/opt/apache-maven-3.8.6
+ export PATH="$PATH:$M2_HOME/bin"
+ NetworkInterfaces:
+ - AssociatePublicIpAddress: true
+ DeviceIndex: '0'
+ GroupSet:
+ - !Ref AgentSecurityGroup
+ SubnetId:
+ Fn::ImportValue:
+ PublicSubnet1
+ Tags:
+ - Key: 'Name'
+ Value: 'Slave Node(2)'
+
+
\ No newline at end of file
diff --git a/14-Jenkins/Practice-14.1/vpc.yml b/14-Jenkins/Practice-14.1/vpc.yml
new file mode 100644
index 00000000..3039e678
--- /dev/null
+++ b/14-Jenkins/Practice-14.1/vpc.yml
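Review bot: `IPRange` defaults to `0.0.0.0/0`, so a stack launched with defaults opens SSH (22), the Jenkins UI (80/8080) and the inbound agent port (50000) on `JenkinsSecurityGroup`, and SSH on `AgentSecurityGroup`, to the whole internet. Remove the `Default: 0.0.0.0/0` line so the operator must supply a CIDR, and in `AgentSecurityGroup` replace `CidrIp: !Ref IPRange` with `SourceSecurityGroupId: !GetAtt JenkinsSecurityGroup.GroupId` so that only the controller reaches the agents over SSH. In the `JenkinsServer` UserData the repo definition is fetched over plain HTTP (`http://pkg.jenkins-ci.org/redhat/jenkins.repo`) although the key import on the next line already uses `https://pkg.jenkins.io`; fetch the `.repo` file over HTTPS from that host as well, and check the Maven tarball against its published checksum before unpacking it. `JenkinsPolicy` allows `s3:PutObject` and `s3:DeleteObject` on `Resource: "*"` and the same instance profile is attached to both agents, so a build job on any of the three instances inherits write and delete access across buckets; scope the resource to the artifact bucket and give the agents their own, narrower role.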
@@ -0,0 +1,90 @@
+Description: >
+ Jenkins VPC Resources
+
+Mappings:
+ SubnetConfig:
+ VPC:
+ CIDR: '10.0.0.0/16'
+ PublicSubnet1:
+ CIDR: '10.0.0.0/24'
+ PublicSubnet2:
+ CIDR: '10.0.1.0/24'
+
+Resources:
+ VPC:
+ Type: AWS::EC2::VPC
+ Properties:
+ CidrBlock: !FindInMap ['SubnetConfig', 'VPC', 'CIDR']
+ EnableDnsHostnames: true
+ EnableDnsSupport: true
+ PublicSubnetOne:
+ Type: AWS::EC2::Subnet
+ Properties:
+ AvailabilityZone:
+ Fn::Select:
+ - 0
+ - Fn::GetAZs: {Ref: 'AWS::Region'}
+ VpcId: !Ref 'VPC'
+ CidrBlock: !FindInMap ['SubnetConfig', 'PublicSubnet1', 'CIDR']
+ MapPublicIpOnLaunch: true
+ Tags:
+ - Key: Name
+ Value: "Public Subnet (AZ1)"
+ PublicSubnetTwo:
+ Type: AWS::EC2::Subnet
+ Properties:
+ AvailabilityZone:
+ Fn::Select:
+ - 1
+ - Fn::GetAZs: {Ref: 'AWS::Region'}
+ VpcId: !Ref 'VPC'
+ CidrBlock: !FindInMap ['SubnetConfig', 'PublicSubnet2', 'CIDR']
+ MapPublicIpOnLaunch: true
+ Tags:
+ - Key: Name
+ Value: "Public Subnet (AZ2)"
+ InternetGateway:
+ Type: AWS::EC2::InternetGateway
+ GatewayAttachement:
+ Type: AWS::EC2::VPCGatewayAttachment
+ Properties:
+ VpcId: !Ref 'VPC'
+ InternetGatewayId: !Ref 'InternetGateway'
+ PublicRouteTable:
+ Type: AWS::EC2::RouteTable
+ Properties:
+ VpcId: !Ref 'VPC'
+ PublicRoute:
+ Type: AWS::EC2::Route
+ DependsOn: GatewayAttachement
+ Properties:
+ RouteTableId: !Ref 'PublicRouteTable'
+ DestinationCidrBlock: '0.0.0.0/0'
+ GatewayId: !Ref 'InternetGateway'
+ PublicSubnetOneRouteTableAssociation:
+ Type: AWS::EC2::SubnetRouteTableAssociation
+ Properties:
+ SubnetId: !Ref PublicSubnetOne
+ RouteTableId: !Ref PublicRouteTable
+ PublicSubnetTwoRouteTableAssociation:
+ Type: AWS::EC2::SubnetRouteTableAssociation
+ Properties:
+ SubnetId: !Ref PublicSubnetTwo
+ RouteTableId: !Ref PublicRouteTable
+
+Outputs:
+ VPC:
+ Description: A reference to the created VPC
+ Value: !Ref VPC
+ Export:
+ Name: VPCID
+ PublicSubnet1:
+ Description: A reference to the public subnet in the 1st Availability Zone
+ Value: !Ref PublicSubnetOne
+ Export:
+ Name: PublicSubnet1
+ PublicSubnet2:
+ Description: A reference to the public subnet in the 2nd Availability Zone
+ Value: !Ref PublicSubnetTwo
+ Export:
+ Name: PublicSubnet2
\ No newline at end of file
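Review bot: The three `Export` names under `Outputs` (`VPCID`, `PublicSubnet1`, `PublicSubnet2`) are fixed strings, and CloudFormation export names must be unique per account and region, so a second copy of this stack, or any other stack that already exports `VPCID`, will fail to create. Prefix them with the stack name, for example `Name: !Sub '${AWS::StackName}-VPCID'`, and update the matching `Fn::ImportValue` entries in stack.yml to the new names. Separately, both subnets set `MapPublicIpOnLaunch: true` and no private subnet is defined, so the build agents in stack.yml can only be placed on internet-routable subnets; adding a private subnet would let them be reachable only through the controller.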