This repo contains the IaC for a Jenkins server on AWS. It is part of a DevOps project with two additional repositories: Terraform-app and python-api.
- Initialize Terraform

  ```bash
  terraform init
  ```

- Terraform plan

  ```bash
  terraform plan
  ```

- Terraform apply

  ```bash
  terraform apply -auto-approve
  ```

After running the above commands you will have:

Network layer
- one VPC (10.0.0.0/16)
- two public subnets (10.0.1.0/24, 10.0.2.0/24)
- one internet gateway connected to the VPC and a route table for the subnets to allow traffic through the IGW
- two security groups: one with just SSH, and one with HTTP, HTTPS, and custom TCP at port 8080.

Application Layer
- one EC2 instance with user data to install Java, Jenkins, and Terraform on it.
- one target group
- one ALB (internal).
- Don't allow direct HTTP traffic to the EC2 instance. Only allow HTTP traffic coming from the ALB. Use security groups to do that.
- Don't make your ALB internet-facing.
- Modify the terraform.tfvars file according to your needs.
- Generate your own SSH key (using `ssh-keygen`) and put the public key (example.pub) in terraform.tfvars.
- It is recommended to increase the instance size from t2.micro to at least t2.medium to work properly with Jenkins.
- Change the share_credential_file in provider.tf.
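
One way to express the "only allow HTTP traffic coming from the ALB" rule with security groups. This is an added example, not this repo's own code: the names `vpc_id`, `alb_sg` and `jenkins_sg` are hypothetical, and it assumes the ALB listens on port 80 and forwards to Jenkins on port 8080.

```hcl
# Added example. Names (vpc_id, alb_sg, jenkins_sg) are hypothetical, not from this repo.
variable "vpc_id" {
  type = string
}

resource "aws_security_group" "alb_sg" {
  name   = "jenkins-alb-sg"
  vpc_id = var.vpc_id

  # Internal ALB: accept HTTP only from addresses inside the VPC.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"]
  }

  # The ALB only needs to reach its targets on the Jenkins port.
  egress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"]
  }
}

resource "aws_security_group" "jenkins_sg" {
  name   = "jenkins-instance-sg"
  vpc_id = var.vpc_id

  # Source is the ALB's security group, not a CIDR block, so a host that
  # is merely inside the VPC cannot reach port 8080 directly.
  ingress {
    from_port       = 8080
    to_port         = 8080
    protocol        = "tcp"
    security_groups = [aws_security_group.alb_sg.id]
  }

  # Outbound access for the user-data package installs.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Running `terraform plan` should show no ingress rule on the instance group with a `cidr_blocks` source for port 8080; if one appears, the instance is reachable without going through the ALB.
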
```bash
ssh-keygen
```

Use this command in your terminal and give any relevant name to your key.
By running this command, you will have two keys in your `.ssh/` directory: `exampleKey.pub` and `exampleKey`. The one with the `.pub` extension is our public key, and we need to use that in our Terraform code. The other one will be used as the private key, which will be specified in the resource block "aws_instance".

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.