Deploy Jenkins Server with Terraform

TERRAFORM LAB 3

Before proceeding with this lab, reference the following link below:

• INSTALLING TERRAFORM ON YOUR LOCAL MACHINE 

In this lab, we will be deploying a Jenkins standalone server with terraform. 

Prerequisites:

AWS access and secret keys are required to provision resources on AWS cloud.

• Open Visual Code Studio then click on File > Preferences > Extensions then search and install Terraform extension

• 
  

• Login to AWS console, click on Username on top right corner and go to My Security Credentials

• Click on Access Keys and Create New Key

Step I: Open File Explorer, navigate to Desktop and create a folder jenkins_workspace.

Step II: Once folder has been created, open Visual Code Studio and add folder to workspace

Step III: Create a new folder files in workspace and follow the below steps:

• In files folder, create a file environment and copy the below code and save it

         export JAVA_HOME=/home/ubuntu/jdk1.8.0_251/bin

• In files folder, download JAVA dependencies on your machine and copy it in the directory.

Step IV: Create a new file main.tf and copy the below code in yellow color

provider "aws" {
    region = var.region
    access_key = var.accesskey
    secret_key  = var.secretkey
}

resource "aws_instance" "ec2" {

## The provisioner file allows to copy files from your local machine to remote server via ssh and winrm

    provisioner "file" {
    source      = "./files/environment"
    destination = "/home/ubuntu/environment"
  }

  provisioner "file" {
    source      = "./files/jdk-8u251-linux-x64.tar.gz"
    destination = "/home/ubuntu/jdk-8u251-linux-x64.tar.gz"
  }

    ################################################################################################
    #### Input code here to configure your jenkins server (yum install, sudo this, sudo that, pip those)
    ################################################################################################
    provisioner "remote-exec" {
        inline = [
            "sudo pip install awscli",
            "echo This is installing 1",
            "sudo apt-get install -y unzip",
            "echo This is installing 2",
            "sudo apt-get install wget",
            "echo This is installing 3",
            "sudo yum install java -y",
            "sudo tar xvf /home/ubuntu/jdk-8u251-linux-x64.tar.gz",
            "java -version",
            "echo Completed installing java",
            "sudo mv -f /home/ubuntu/environment /etc/",
            "source /etc/environment",
            "echo Set JAVA HOME",
            "wget -q -O - https://pkg.jenkins.io/debian-stable/jenkins.io.key | sudo apt-key add -",
            "echo This is installing 8",
            "sudo sh -c 'echo deb https://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'",
            "sudo apt-get update",
            "sudo apt-get install jenkins -y",
            "sudo sed -i 's|/bin:/usr/bin:/sbin:/usr/sbin|/bin:/usr/bin:/sbin:/usr/sbin:/home/ubuntu/jdk1.8.0_251/bin|g' /etc/init.d/jenkins",
            "sudo systemctl daemon-reload",
            "sudo systemctl start jenkins",
            "echo Installation Complete",
            "cd /home/ubuntu/",
            "wget https://releases.hashicorp.com/terraform/0.12.24/terraform_0.12.24_linux_amd64.zip",
            "unzip terraform_0.12.24_linux_amd64.zip",
            "sudo mv terraform /usr/bin/",
            "sudo pwd"
        ]
    }

    ami = "ami-0782e9ee97725263d"
    root_block_device {
    volume_type           = "gp2"
    volume_size           = 200
    encrypted             = true
  }

    tags = {
        Name = var.stackname
        CreatedBy = var.launched_by
        Application = var.application
        OS = var.os
    }

    instance_type = "t2.micro"
    key_name = "terraform"
    vpc_security_group_ids = [aws_security_group.ec2_sg.id]

    #This connection string is to establish a connection via ssh to configure the instance
    

connection {
        user = "ubuntu"
        type = "ssh"
        host = self.public_ip
        private_key = file("KEYNAME.pem")
        timeout = "2m"
    }
}

Add the block below in main.tf to output the Private IP, Public IP and EC2 Name after creation. (Note: This is not required)

output "ec2_ip" {

    value = [aws_instance.ec2.*.private_ip]

}

output "ec2_ip_public" {

    value = [aws_instance.ec2.*.public_ip]

}

output "ec2_name" {

    value = [aws_instance.ec2.*.tags.Name]

}

Step V: Create a new file security.tf and copy the below code in yellow color

resource "aws_security_group" "ec2_sg" {

name = "jenkins-dev-sg"

description = "EC2 SG"

ingress {

from_port = 22

to_port = 22

protocol = "tcp"

cidr_blocks = ["10.0.0.0/8"]

}

   ingress {

from_port = 8080

to_port = 8080

protocol = "tcp"

cidr_blocks = ["10.0.0.0/8"]

}

#Allow all outbound

egress {

from_port = 0

to_port = 0

protocol = "-1"

cidr_blocks = ["0.0.0.0/0"]

}

tags = {
    Name = "jenkins-dev-sg"
  }

}

Step VI: Create a new file variable.tf and copy the below code in yellow color. 

variable region {

  type        = string

  default = "us-east-2"

}

############## tags

variable accesskey {

  type        = string

  default = "ENTER ACCESS KEY HERE"

}

variable secretkey {

  type        = string

  default = "ENTER SECRET KEY HERE"

}

variable stackname {

  type        = string

  default = "u2-dev-jenas"

}

variable application {

  type        = string

  default = "Jenkins"

}

variable os {

  type        = string

  default = "Ubuntu"

}

variable launched_by {

  type        = string

  default = "ENTER YOUR NAME HERE"

}

Step X: Open Terminal in VSCode

Step XI: Execute command below

terraform init

the above command will download the necessary plugins for AWS.

terraform plan

the above command will show how many resources will be added.

Plan: 2 to add, 0 to change, 0 to destroy.

Execute the below command

terraform apply

Plan: 2 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

Yay! 

We have successfully deployed your first jenkins server with terraform............................

Now login to AWS console, to verify jenkins is up and running

How to Create a Bitbucket Pull Request

Using a pull request, you're requesting that another developer or the project owner pull a branch from your repository and add it to the project. Here's how to create a pull request from the Bitbucket website.

How to Create a Bitbucket Pull Request

To create a pull request, you'll have to make sure that your branch is updated with new code that you want to be reviewed. Before going any further, check and save your work on the local machine and update the branch.

Then, open the Bitbucket website on your browser and navigate to the repository in question.

Click on the menu button in the top-left, and select Pull Requests.

Here, click on the Create pull request button.

The pull request creation form will open.

There are a few things to do on this form:

• From the left dropdown menu, select the sub-branch (source repository) that you want to merge into the master branch.

• On the right, make sure that the project and the master branch (destination repository) are selected.

• You can create a separate title for the pull request and write a short description of the code that you've written or the task that you've completed.

• At the bottom, you'll indicate the Reviewers. This is the most important step: Type in the name of one or more developers who need to review your code.

• If you automatically want to close the branch once the pull request is merged, click the Close branch checkbox.

Before submitting the request, you can scroll below the form to take a look at the code differences between the test branch and the master branch and go over the recent commits.

Once you're confident about it, click Create pull request.

The process from your side is now complete. The reviewers will get an email notification about your pull request. They'll be able to view all the contents of your branch, compare it with the master branch, and leave comments.

Once they're satisfied with your work, they can click Merge to merge your branch's code with the master branch.

How to Install packages using Ansible Tower(AWX)(On Ubuntu)

 Step 1

We need a user account with sudo previlege. If you are using an ubuntu machine you can use ubuntu

You can also create a new user using https://violetstreamstechnology.blogspot.com/2020/10/how-to-create-new-user-in-ubuntu-18.html

For this lab we will use ubuntu user account. Please launch a target ec2 instance.  ubuntu 16.04

Step 2:

Create a password for ubuntu

i. Login to the target ec2 machine

ii. Switch to root 

sudo su

iii. Create password for ubuntu

passwd ubuntu

When prompted enter admin for the password

iv.  Create password for root user

passwd root

when prompted enter admin for the password

v. Make sure you enable password login Authentication:(skip this step if you have already done it)

See: https://violetstreamstechnology.blogspot.com/2020/11/how-to-enable-ssh-password.html

Step 3 : Create credentials for bitbucket and Target server

Log into your Ansible Tower Account

Create credentials for Bitbucket

Click Credentials ----"+"

Enter a Name(You can use any name of choice): Bitbucket

Enter Organization: Devops
Credential Type: Source Control

UserName: Your Bitbucket username

Password: Your Bitbucket Password

Then Save

Create Credential for Target server

Click Credentials ----"+"

Enter a Name(You can use any name of choice): Ubuntu

Enter Organization: Devops
Credential Type: machine

UserName: (Username to login to the target server) ubuntu

Password: (Password for the target server)admin

(Note: Make sure you create this user/pswd on the target server-see https://violetstreamstechnology.blogspot.com/2020/11/how-to-enable-ssh-password.html

https://violetstreamstechnology.blogspot.com/2020/10/how-to-create-new-user-in-ubuntu-18.html)

Scroll down---- Enter the parameters for Sudo/root user you will escalate to

• sudo
• su
• pbrun
• pfexec
• dzdo
• pmrun
• runas
• enable
• doas
• ksu
• machinectl
• sesu

PRIVILEGE ESCALATION USERNAME: root

PRIVILEGE ESCALATION METHOD 

sudo

PRIVILEGE ESCALATION PASSWORD

admin

Then Save

Step 4 : Create a new Project on Ansible Tower( Skip this step if you have created one before)

Click Projects ---- "+" to Add a new Project

You can use the ff details

Name: MyWebAppPackages

Organization: Select an Existing org(You can create one)for this lab i selected Devops

SCM TYPE: Select Git

SCM URL: Enter your bitbucket url

Branch: Enter your bitbucket branch - Ansible

SCM Credential: Select your Bitbucket Credential you created

Then Save

Step 5: Add Target Host to inventory----click Inventories----"+" select ---inventory

Enter Name: Apache(You can Name it anything)

         Organization: Devops(Select the organization you created)

          Save

Click on GROUPS(Here we can create group of hosts) ----"+" to add a group

Enter Name: Apache-Server

Description: Any description will do (See Screenshot below)

Save

After saving ----Click on Hosts (To Add your target host to the group) ----"+" select---- New Host

Enter 

HOST NAME:  IP of your Target Host

Save

Step 6: Add the playbook to your repo

---Go to your project on  your computer

---Open Git bash

---Go into the repo folder : cd myfirstrepo

---launch vscode : code .

----Create a New File

Copy the below Playbook and paste in the New file

---

- name: Playbook to install NGINX

hosts: "{{ deploy_host }}"

tasks:

- name: Ansible apt install Apache

apt:

name: apache2

state: present

Save it as apache.yml

Commit and push to your repo

Step 7: Refresh your project to load the new playbook

Step 8: Create a New Template----click Templates----"+"

Enter Name : Apache-Install

Job Type: Run

Inventory: Apache(Select the inventory you created)

PROJECT: MyWebAppPackages

PLAYBOOK: apache.yml(Select your playbook)

CREDENTIALS: ubuntu(Select the credentials you created)

VERBOSITY: Select 4

In EXTRA VARIABLES Add the deploy host(Specify the group server name or host ip)

deploy_host: Apache-Servers

Save then Launch

This will install Apache Server on your Target Host

Go to the Ip Address. Open port 80 and you should see Apache running

You can try these steps to install more packages with the following paybooks:

Remove Apache:

---

- name: Playbook to install APache

hosts: "{{ deploy_host }}"

tasks:

- name: Ansible apt install Apache

apt:

name: apache2

state: absent

Install Openssl-update cache

---

- name: Playbook to install NGINX

hosts: "{{ deploy_host }}"

tasks:

- name: Ansible apt install open ssl

apt:

name: openssl

state: present

update_cache: yes

Install Nginx

---

- name: Playbook to install NGINX

hosts: "{{ deploy_host }}"

tasks:

- name: Ansible apt install nginx

apt:

name: nginx

state: present

Install Jenkins

---

- name: Playbook to install Jenkins

hosts: "{{ deploy_host }}"

tasks:

- name: Install OpenJDK Java

become: yes

apt:

name: "{{ item }}"

state: present

with_items:

openjdk-8-jdk

- name: ensure the jenkins apt repository key is installed

apt_key: url=https://pkg.jenkins.io/debian-stable/jenkins.io.key state=present

become: yes

- name: ensure the repository is configured

apt_repository: repo='deb https://pkg.jenkins.io/debian-stable binary/' state=present

become: yes

- name: ensure jenkins is installed

apt: name=jenkins update_cache=yes

become: yes

- name: ensure jenkins is running

service: name=jenkins state=started

Install Tomcat

---

- name: Playbook to install TOMCAT

hosts: "{{ deploy_host }}"

tasks:

- name: Install Tomcat 9 on Ubuntu

become: yes

apt: pkg={{ item }} state=latest update_cache=yes cache_valid_time=3600

with_items:

- tomcat8

Install Maven

--- - name: Playbook to install MAVEN hosts: "{{ deploy_host }}" tasks: - name: Install Maven using Ansible become: yes apt: name: maven state: present

Install LAMP stack(ApcheMysqlPhp)

---

- name: Playbook to install Jenkins

hosts: "{{ deploy_host }}"

tasks:

- name: Install LAMP stack using Ansible

become: yes

apt:

name: "{{ packages }}"

state: present

vars:

packages:

- apache2

- mysql-server

- php

You can also download other Playbooks from the internet and use