Lab 14 jenkins

14-Jenkins/Practice-14.1/config.txt

@@ -0,0 +1,9 @@
+# How to configure the master slave architecture of jenkins
+1. Log into the master node and generate a key using
+    # ssh-keygen -t rsa
+2. Copy the master's ~/.ssh/id_rsa.pub to the slave nodes' authorized_keys
+    # echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDGP9mQOqjhpxJssQbqz9pHzmWUCMMbWpxyLChsl9MPvMcslqrOXSYrywWErA9Zj01tvu/hwxMv/lIY/iSdkCP68z5VjM3eZQ/iNqWnQ6dhK4EeVoF/wNoRBdQCIQlFHK222uuyPTsMfmjJZz8hsSgTmgQqX5ifeCYQKjQWB2264Z7bLy8ByOFAUYVfUrhd7+bbADV5eU5mAmUvNjEdinccAePSFMi2omAGX6K2ZaSj4bS6dTzgQLcEJJkg9H1bgnlK89b6N2IXmDZEWRvsXnucr1mFnqnuFVbo13xV36e/MUVIqqYp9C4LYLP3jKWGCSfo2u/ucvf/+FzhztGvEco1 ec2-user@ip-10-0-0-47.ec2.internal" >> ~/.ssh/authorized_keys
+
+Follow this link to configure the Slave nodes on jenkins install in Master node
+    # https:/www.bogotobogo.com/DevOps/Jenkins/Jenkins_on_EC2_setting_up_master_slaves.php
+ssh -i "DesmondKey.pem" ec2-user@ec2-3-230-115-158.compute-1.amazonaws.com

14-Jenkins/Practice-14.1/stack.yml

@@ -0,0 +1,274 @@
+Description: "Jenkins CodeDeploy"
+
+Parameters:
+  JenkinsInstanceType:
+    Type: String
+    Description: "EC2 instance type for Jenkins Server"
+    Default: t2.medium
+    AllowedValues: 
+      - t2.micro
+      - t2.small
+      - t2.medium
+      - m3.medium
+      - m3.large
+      - m3.xlarge
+      - m3.2xlarge
+      - c3.large
+      - c3.xlarge
+      - c3.2xlarge
+      - c3.4xlarge
+      - c3.8xlarge
+      - c4.large
+      - c4.xlarge
+      - c4.2xlarge
+      - c4.4xlarge
+      - c4.8xlarge
+      - r3.large
+      - r3.xlarge
+      - r3.2xlarge
+      - r3.4xlarge
+      - r3.8xlarge
+      - i2.xlarge
+      - i2.2xlarge
+      - i2.4xlarge
+      - i2.8xlarge
+      - hi1.4xlarge
+      - hs1.8xlarge
+      - cr1.8xlarge
+      - cc2.8xlarge
+  KeyName:
+    Description: "The EC2 Key Pair to allow SSH access to CodeDeploy EC2 instances and Jenkins Server"
+    Type: 'AWS::EC2::KeyPair::KeyName'
+    Default: DesmondKey
+  IPRange:
+    Description: "CIDR block of the network from where you will connect to the Jenkins server using HTTP and SSH"
+    Type: "String"
+    MinLength: "9"
+    MaxLength: "18"
+    AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
+    ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x."
+    Default: 0.0.0.0/0
+
+Mappings:
+  AWSRegionArch2AMI: 
+    ap-northeast-1: 
+      AMI: "ami-08847abae18baa040"
+    ap-northeast-2:
+      AMI: "ami-012566705322e9a8e"
+    ap-south-1:
+      AMI: "ami-00b6a8a2bd28daf19"
+    ap-southeast-1: 
+      AMI: "ami-01da99628f381e50a"
+    ap-southeast-2: 
+      AMI: "ami-00e17d1165b9dd3ec"
+    eu-central-1:
+      AMI: "ami-076431be05aaf8080"
+    eu-west-1:
+      AMI: "ami-0bdb1d6c15a40392c"
+    eu-west-2: 
+      AMI: "ami-e1768386"
+    eu-west-3:
+      AMI: "ami-06340c8c12baa6a09"
+    sa-east-1: 
+      AMI: "ami-0ad7b0031d41ed4b9"
+    us-east-1:
+      AMI: "ami-04681a1dbd79675a5"
+    us-east-2:
+      AMI: "ami-0cf31d971a3ca20d6"
+    us-west-1:
+      AMI: "ami-0782017a917e973e7"
+    us-west-2:
+      AMI: "ami-6cd6f714"
+  UbuntuAMI:
+    us-east-1:
+      AMI: "ami-08c40ec9ead489470"
+
+
+Resources:
+  JenkinsServer:
+    Type: AWS::EC2::Instance
+    Properties:
+      KeyName: !Ref KeyName
+      ImageId: !FindInMap ['AWSRegionArch2AMI', {"Ref": 'AWS::Region'}, 'AMI']
+      InstanceType: !Ref JenkinsInstanceType
+      IamInstanceProfile: !Ref JenkinsInstanceProfile
+      UserData:
+        Fn::Base64: !Sub |
+          #!/bin/bash
+          sudo yum update -y
+          sudo yum install wget
+          sudo amazon-linux-extras install java-openjdk11
+          sudo amazon-linux-extras install epel -y
+          sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
+          sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
+          sudo yum install jenkins -y
+          sudo systemctl enable jenkins
+          sudo systemctl start jenkins
+          sudo systemctl status jenkins
+
+          #Installing CloudWatch Agent
+          sudo yum install -y awslogs
+
+          #Installing git
+          sudo yum install git -y
+
+          #Install Maven
+          sudo wget https://dlcdn.apache.org/maven/maven-3/3.8.6/binaries/apache-maven-3.8.6-bin.tar.gz
+          tar -xvf apache-maven-3.8.6-bin.tar.gz
+          sudo mv apache-maven-3.8.6 /opt/
+          export M2_HOME=/opt/apache-maven-3.8.6
+          export PATH="$PATH:$M2_HOME/bin"
+
+
+      NetworkInterfaces:
+        - AssociatePublicIpAddress: true
+          DeviceIndex: '0'
+          GroupSet:
+            - !Ref JenkinsSecurityGroup
+          SubnetId: 
+            Fn::ImportValue:
+              PublicSubnet1
+      Tags:
+        - Key: 'Name'
+          Value: 'Jenkins Server'
+  JenkinsRole:
+    Type: AWS::IAM::Role
+    Properties:
+      Path: /
+      AssumeRolePolicyDocument:
+        Statement:
+          - Effect: Allow
+            Principal:
+              Service: [ec2.amazonaws.com]
+            Action: ['sts:AssumeRole']
+      Policies:
+      - PolicyName: "JenkinsPolicy"
+        PolicyDocument:
+          Version: "2012-10-17"
+          Statement:
+            - Effect: Allow
+              Action: [
+                's3:GetObject',
+                's3:GetObjectVersion',
+                's3:PutObject',
+                's3:DeleteObject',
+                's3:ListBucket'
+              ]
+              Resource: "*"  
+      - PolicyName: "CloudWatch-agent-role"
+        PolicyDocument:
+          Statement:
+          - Effect: Allow
+            Action: [
+              'logs:CreateLogGroup',
+              'logs:CreateLogStream',
+              'logs:PutLogEvents',
+              'logs:DescribeLogStreams'
+            ]
+            Resource: "*"
+  JenkinsInstanceProfile:
+    Type: AWS::IAM::InstanceProfile
+    Properties:
+      Path: /
+      Roles: [!Ref 'JenkinsRole']
+  JenkinsSecurityGroup:
+    Type: AWS::EC2::SecurityGroup
+    Properties:
+      GroupDescription: "Enable SSH and HTTP access from specific CIDR block"
+      VpcId: 
+        Fn::ImportValue: 
+          VPCID
+      SecurityGroupEgress:
+        - IpProtocol: tcp
+          FromPort: 0
+          ToPort: 65535
+          CidrIp: 0.0.0.0/0
+      SecurityGroupIngress:
+        - IpProtocol: tcp
+          FromPort: 22
+          ToPort: 22
+          CidrIp: !Ref IPRange
+        - IpProtocol: tcp
+          FromPort: 80
+          ToPort: 80
+          CidrIp: !Ref IPRange
+        - IpProtocol: tcp
+          FromPort: 8080
+          ToPort: 8080
+          CidrIp: !Ref IPRange
+        - IpProtocol: tcp
+          FromPort: 50000
+          ToPort: 50000
+          CidrIp: !Ref IPRange
+  AgentSecurityGroup:
+    Type: AWS::EC2::SecurityGroup
+    Properties:
+      GroupDescription: "Enable Agent to Master communication"
+      VpcId:
+        Fn::ImportValue:
+          VPCID
+      SecurityGroupEgress:
+        - IpProtocol: tcp
+          FromPort: 0
+          ToPort: 65535
+          CidrIp: 0.0.0.0/0
+      SecurityGroupIngress:
+        - IpProtocol: tcp
+          FromPort: 22
+          ToPort: 22
+          CidrIp: !Ref IPRange
+  Agent1Server:
+    Type: AWS::EC2::Instance
+    Properties:
+      KeyName: !Ref KeyName
+      ImageId: !FindInMap ['UbuntuAMI', {"Ref": 'AWS::Region'}, 'AMI']
+      InstanceType: "t2.small"
+      IamInstanceProfile: !Ref JenkinsInstanceProfile
+      UserData:
+        Fn::Base64: !Sub |
+          #!/bin/bash
+          sudo apt update -y
+          sudo apt install openjdk-11-jre-headless -y
+      NetworkInterfaces:
+        - AssociatePublicIpAddress: true
+          DeviceIndex: '0'
+          GroupSet:
+            - !Ref AgentSecurityGroup
+          SubnetId: 
+            Fn::ImportValue:
+              PublicSubnet1
+      Tags:
+        - Key: 'Name'
+          Value: 'Slave Node(1)'
+  Agent2Server:
+    Type: AWS::EC2::Instance
+    Properties:
+      KeyName: !Ref KeyName
+      ImageId: !FindInMap ['AWSRegionArch2AMI', {"Ref": 'AWS::Region'}, 'AMI']
+      InstanceType: 't2.micro'
+      IamInstanceProfile: !Ref JenkinsInstanceProfile
+      UserData:
+        Fn::Base64: !Sub |
+          #!/bin/bash
+          sudo yum update -y
+          sudo amazon-linux-extras install java-openjdk11 -y
+          sudo amazon-linux-extras install epel -y
+          sudo yum install git -y
+          sudo wget https://dlcdn.apache.org/maven/maven-3/3.8.6/binaries/apache-maven-3.8.6-bin.tar.gz
+          tar -xvf apache-maven-3.8.6-bin.tar.gz
+          sudo mv apache-maven-3.8.6 /opt/
+          export M2_HOME=/opt/apache-maven-3.8.6
+          export PATH="$PATH:$M2_HOME/bin"
+      NetworkInterfaces:
+        - AssociatePublicIpAddress: true
+          DeviceIndex: '0'
+          GroupSet:
+            - !Ref AgentSecurityGroup
+          SubnetId: 
+            Fn::ImportValue:
+              PublicSubnet1
+      Tags:
+        - Key: 'Name'
+          Value: 'Slave Node(2)'
+
+

14-Jenkins/Practice-14.1/vpc.yml

@@ -0,0 +1,90 @@
+Description: > 
+  Jenkins VPC Resources
+
+Mappings:
+  SubnetConfig:
+    VPC:
+      CIDR: '10.0.0.0/16'
+    PublicSubnet1:
+      CIDR: '10.0.0.0/24'
+    PublicSubnet2:
+      CIDR: '10.0.1.0/24'
+
+Resources:
+  VPC:
+    Type: AWS::EC2::VPC
+    Properties:
+      CidrBlock: !FindInMap ['SubnetConfig', 'VPC', 'CIDR']
+      EnableDnsHostnames: true
+      EnableDnsSupport: true
+  PublicSubnetOne:
+    Type: AWS::EC2::Subnet
+    Properties:
+      AvailabilityZone:
+        Fn::Select:
+          - 0
+          - Fn::GetAZs: {Ref: 'AWS::Region'}
+      VpcId: !Ref 'VPC'
+      CidrBlock: !FindInMap ['SubnetConfig', 'PublicSubnet1', 'CIDR']
+      MapPublicIpOnLaunch: true
+      Tags: 
+        - Key: Name 
+          Value: "Public Subnet (AZ1)"
+  PublicSubnetTwo:
+    Type: AWS::EC2::Subnet
+    Properties:
+      AvailabilityZone:
+        Fn::Select:
+          - 1
+          - Fn::GetAZs: {Ref: 'AWS::Region'}
+      VpcId: !Ref 'VPC'
+      CidrBlock: !FindInMap ['SubnetConfig', 'PublicSubnet2', 'CIDR']
+      MapPublicIpOnLaunch: true
+      Tags: 
+        - Key: Name 
+          Value: "Public Subnet (AZ2)"
+  InternetGateway:
+    Type: AWS::EC2::InternetGateway
+  GatewayAttachement:
+    Type: AWS::EC2::VPCGatewayAttachment
+    Properties:
+      VpcId: !Ref 'VPC'
+      InternetGatewayId: !Ref 'InternetGateway'
+  PublicRouteTable:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref 'VPC'
+  PublicRoute:
+    Type: AWS::EC2::Route
+    DependsOn: GatewayAttachement
+    Properties:
+      RouteTableId: !Ref 'PublicRouteTable'
+      DestinationCidrBlock: '0.0.0.0/0'
+      GatewayId: !Ref 'InternetGateway'
+  PublicSubnetOneRouteTableAssociation:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      SubnetId: !Ref PublicSubnetOne
+      RouteTableId: !Ref PublicRouteTable
+  PublicSubnetTwoRouteTableAssociation:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      SubnetId: !Ref PublicSubnetTwo
+      RouteTableId: !Ref PublicRouteTable
+
+Outputs:
+  VPC: 
+    Description: A reference to the created VPC
+    Value: !Ref VPC
+    Export: 
+      Name: VPCID
+  PublicSubnet1:
+    Description: A reference to the public subnet in the 1st Availability Zone
+    Value: !Ref PublicSubnetOne
+    Export: 
+      Name: PublicSubnet1
+  PublicSubnet2: 
+    Description: A reference to the public subnet in the 2nd Availability Zone
+    Value: !Ref PublicSubnetTwo
+    Export: 
+      Name: PublicSubnet2