The 6th principle of DevOps: "Automate Everything You Can" and sit back
As I mentioned in the title of my post, AUTOMATE EVERYTHING YOU CAN AND SIT BACK.?
On AWS Cloud, I created an ansible instance and a jenkins server?by using two different IAAC Tools (CloudFormation and Ansible).?
What practical is that: During the first creation process, ansible instance clones all necessary files from git repo and automatically triggers other instance's creation process and creates an other instance (a new jenkins server) running on container infrastructure.?
This solution allows me to skip extra and unnecessary steps and automate the other infrastructure creation process by using two different IAAC tools together.
You see below my cloudformation template which will create Ansible instance and automatically trigger/create jenkins server in next step?
AWSTemplateFormatVersion: 2010-09-0
Description: >
? This template aims to create an ubuntu instance with ansible installed on AWS Cloud? and to create at the same time a jenkins server running on docker container infrastructure by using ansible instance (ansible tool).?
Parameters:
? KeyPairName:
? ? Description: ali_ilk_key.pem
? ? Type: AWS::EC2::KeyPair::KeyName
? ? ConstraintDescription: Must one of the existing EC2 KeyPair
Resources:
? ServerSecurityGroup:
? ? Type: AWS::EC2::SecurityGroup
? ? Properties:
? ? ? GroupDescription: Amazon Linux machine
? ? ? SecurityGroupIngress:
? ? ? ? - IpProtocol: tcp
? ? ? ? ? FromPort: 22
? ? ? ? ? ToPort: 22
? ? ? ? ? CidrIp: 0.0.0.0/0
? ? ? ? - IpProtocol: tcp
? ? ? ? ? FromPort: 80
? ? ? ? ? ToPort: 80
? ? ? ? ? CidrIp: 0.0.0.0/0
? ? ? ? - IpProtocol: tcp
? ? ? ? ? FromPort: 443
? ? ? ? ? ToPort: 443
? ? ? ? ? CidrIp: 0.0.0.0/0
? AmazonEC2FullAccessRole:
? ? Type: AWS::IAM::Role
? ? Properties:
? ? ? AssumeRolePolicyDocument:
? ? ? ? Statement:
? ? ? ? ? - Effect: Allow
? ? ? ? ? ? Principal:
? ? ? ? ? ? ? Service: [ec2.amazonaws.com]
? ? ? ? ? ? Action: ['sts:AssumeRole']
? ? ? Path: /
? ? ? ManagedPolicyArns:
? ? ? ? - arn:aws:iam::aws:policy/AmazonEC2FullAccess
? AmazonEC2FullAccessProfile:
? ? Type: AWS::IAM::InstanceProfile
? ? Properties:
? ? ? Path: /
? ? ? Roles: [!Ref AmazonEC2FullAccessRole] ? ? ? ?
? ServerHost:
? ? Type: AWS::EC2::Instance
? ? Properties:
? ? ? ImageId: ami-0e472ba40eb589f49
? ? ? InstanceType: t2.micro
? ? ? IamInstanceProfile: !Ref AmazonEC2FullAccessProfile
? ? ? KeyName: !Ref KeyPairName
? ? ? SecurityGroupIds:
? ? ? ? - !Ref ServerSecurityGroup
? ? ? Tags: ? ? ? ? ? ? ? ?
? ? ? ? - ? ? ? ? ? ? ? ? ? ? ? ?
? ? ? ? ? Key: Name
? ? ? ? ? Value: !Sub ${AWS::StackName} ?
? ? ? UserData:
? ? ? ? Fn::Base64:
? ? ? ? ? !Sub |
? ? ? ? ? ? #! /bin/bash
? ? ? ? ? ? apt-get update
? ? ? ? ? ? apt-add-repository -y ppa:ansible/ansible
? ? ? ? ? ? apt-get update
? ? ? ? ? ? apt-get install -y ansible
? ? ? ? ? ? apt install python-pip -y
? ? ? ? ? ? pip install boto boto3
? ? ? ? ? ? apt-get install python-boto -y
? ? ? ? ? ? pip install --upgrade requests==2.20.1
? ? ? ? ? ? cd /home/ubuntu
? ? ? ? ? ? git clone https://alisXXX:[email protected]/alisXXX/infrastructure-jenkins-with-ansible.git
? ? ? ? ? ? cd infrastructure-jenkins-with-ansible/
? ? ? ? ? ? chmod 400 ali_ilk_key.pem
? ? ? ? ? ? ansible-playbook playbook_1_create_a_new_instance.yml
? ? ? ?
? ? ? ?
Outputs:
? WebsiteURL:
? ? Value: !Sub
? ? ? - https://${PublicAddress}
? ? ? - PublicAddress: !GetAtt ServerHost.PublicDnsName
? ? Description: Control Node (Ansible Instance)9
Look carefully at the User Data section in CloudFormation (above). You will see that the files that I have kept in my private repo have been cloned within the sequential process steps. Afterwards, you will see that the command that runs the playbook is written to create a jenkins server automatically.
The repo you see below is being cloned to the home/ubuntu directory in ansible instance during instance's creation.
Now let's take a look at the playbook named "playbook_1_create_a_new_instance.yml" that we ran during the installation of ansible instance. You will see it below.
---
- name: Create Ec2 instance
hosts: localhost
connection: local
gather_facts: False
tags: provisioning
vars:
key_name: ali_ilk_key
instance_type: t2.micro
image: ami-0e472ba40eb589f49
wait: yes
group: jenkins server
count: 1
region: us-east-1
security_group: Security group for jenkins server
user_data: "{{ lookup('file', 'user-data.sh') }}"
tasks:
- name: Creating security group for jenkins server
local_action:
module: ec2_group
name: "{{ security_group }}"
description: Security group for jenkins server
region: "{{ region }}"
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 8080
to_port: 8080
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 80
to_port: 80
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 50000
to_port: 50000
cidr_ip: 0.0.0.0/0
- proto: tcp
from_port: 8090
to_port: 8090
cidr_ip: 0.0.0.0/0
rules_egress:
- proto: all
cidr_ip: 0.0.0.0/0
register: basic_firewall
- name: Launching the new EC2 Instance which is created for jenkins server
local_action: ec2
group={{ security_group }}
instance_type={{ instance_type }}
image={{ image }}
wait=true
region={{ region }}
user_data="{{ user_data }}"
key_name={{ key_name }}
count={{ count }}
register: ec2
- name: Add Tagging to EC2 instance
local_action: ec2_tag resource={{ item.id }} region={{ region }} state=present
with_items: "{{ ec2.instances }}"
args:
tags:
Name: New Instance for Jenkins Server
Monitoring: New Instance for Jenkins Server-
Note the variable user_data: "{{ lookup('file', 'user-data.sh') }}" in the playbook above. Let's take a closer look at our user-data.sh file below.
领英推荐
#!/bin/bas
apt-get update
apt-get upgrade -y
apt-get install python3.7
apt install python-pip
apt-get update
apt-get install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
apt-get update
apt-get install -y docker-ce
usermod -aG docker ubuntu
curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
service docker start
cd /home/ubuntu
git clone https://github.com/alisoXXXX/install-jenkins-shfile.git
cd install-jenkins-shfile
chmod +x /home/ubuntu/install-jenkins-shfile/install-jenkins.sh
sudo ./install-jenkins.sh
As you see, we are creating a new server infrastructure by pointing the user-data variable, thanks to playbook_1_create_a_new_instance.yml. On our new server, we first install docker and docker dompose.
Subsequently, we clone the sh file named "install-jenkins.sh" from gitrepo and run it. Below you can see my git repo and the sh file named "install-jenkins.sh".
Below you can see the sh file named "install-jenkins.sh".
docker network create --driver=bridge alitech
docker volume create jenkins-log
docker volume create jenkins-data
docker container run -d \
--name jenkins \
--restart always \
-p 8080:8080 -p 50000:50000 \
--network alitech \
-v jenkins-log:/var/log/jenkins \
-v jenkins-data:/var/jenkins_home \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /data/docker/bind-mounts/jenkins/downloads:/var/jenkins_home/downloads \
-v /usr/bin/docker:/usr/bin/docker \
--env VIRTUAL_HOST=jenkins.ali.tech \
--env VIRTUAL_PORT=8080 \
--env JAVA_OPTS=-Xmx4g \
--env LETSENCRYPT_HOST=jenkins.ali.tech \
--env [email protected] \
bitnami/jenkins:2.319.3
? 2022 GitHub, Inc.
Terme
Now check your AWS console. As you see below, you will see that both instances (Ansible instance and Jenkins Server) are running now.
Let's finally check and look at below whether the jenkins server is running on the web browser.
And that's all. Our Jenkins Server is running as we want. Let's repeat what we said at the beginning of my post, then, at the end of our article: Automate everything you can and sit back.
Cloud / DevOps Engineer at Sainsbury's Digital, Tech and Data
3 年Vaouv! Congrats. Very good...
Cloud Engineer @ Rapid Circle
3 年Thanks for the informative post. ??
Platform Engineer @ Chillipharm
3 年Thanks for posting. Keep sharing ?? Ali Sorkuncuk