Skip to content

Commit c4938c5

Browse files
PaulDuvallPaulDuvall
committed
took devopsinthecloud jenkins.template to use
1 parent 43deb46 commit c4938c5

File tree

1 file changed

+375
-0
lines changed

1 file changed

+375
-0
lines changed

software/infrastructure/jenkins.template

Lines changed: 375 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,375 @@
1+
{
2+
"AWSTemplateFormatVersion" : "2010-09-09",
3+
4+
"Description" : "CloudFormation Template to provision a Jenkins instance for CI Example",
5+
6+
"Parameters" : {
7+
8+
"KeyName" : {
9+
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances",
10+
"Type" : "String",
11+
"Default" : "cd00",
12+
"MinLength": "1",
13+
"MaxLength": "64",
14+
"AllowedPattern" : "[-_ a-zA-Z0-9]*",
15+
"ConstraintDescription" : "Can contain only alphanumeric characters, spaces, dashes and underscores."
16+
},
17+
18+
"InstanceType" : {
19+
"Description" : "WebServer EC2 instance type",
20+
"Type" : "String",
21+
"Default" : "c1.medium",
22+
"ConstraintDescription" : "Must be a valid EC2 instance type."
23+
},
24+
25+
"PrivateBucket" : {
26+
"Description" : "S3 bucket for storing credentials",
27+
"Type" : "String",
28+
"Default" : "cd00creds",
29+
"ConstraintDescription" : "Must be a valid S3 Bucket"
30+
},
31+
32+
"PublicBucket" : {
33+
"Description" : "S3 bucket for storing build artifacts",
34+
"Type" : "String",
35+
"Default" : "cd00artifacts",
36+
"ConstraintDescription" : "Must be a valid S3 Bucket"
37+
}
38+
},
39+
40+
"Mappings" : {
41+
"AWSInstanceType2Arch" : {
42+
"t1.micro" : { "Arch" : "64" },
43+
"m1.large" : { "Arch" : "64" },
44+
"m1.xlarge" : { "Arch" : "64" },
45+
"m2.xlarge" : { "Arch" : "64" },
46+
"m2.2xlarge" : { "Arch" : "64" },
47+
"m2.4xlarge" : { "Arch" : "64" },
48+
"c1.medium" : { "Arch" : "64" },
49+
"c1.xlarge" : { "Arch" : "64" },
50+
"cc1.4xlarge" : { "Arch" : "64" }
51+
},
52+
"AWSRegionArch2AMI" : {
53+
"us-east-1" : { "32" : "ami-7f418316", "64" : "ami-7341831a" },
54+
"us-west-1" : { "32" : "ami-951945d0", "64" : "ami-971945d2" },
55+
"us-west-2" : { "32" : "ami-16fd7026", "64" : "ami-10fd7020" },
56+
"eu-west-1" : { "32" : "ami-24506250", "64" : "ami-20506254" },
57+
"ap-southeast-1" : { "32" : "ami-74dda626", "64" : "ami-7edda62c" },
58+
"ap-northeast-1" : { "32" : "ami-dcfa4edd", "64" : "ami-e8fa4ee9" }
59+
}
60+
},
61+
62+
"Resources" : {
63+
64+
"CfnUser" : {
65+
"Type" : "AWS::IAM::User",
66+
"Properties" : {
67+
"Path": "/",
68+
"Policies": [
69+
{
70+
"PolicyName": "Admin",
71+
"PolicyDocument":
72+
{ "Statement": [
73+
{
74+
"Effect":"Allow",
75+
"Action":"*",
76+
"Resource":"*"
77+
}
78+
]}
79+
}
80+
]
81+
}
82+
},
83+
84+
"DeploymentQueue" : {
85+
"Type" : "AWS::SQS::Queue",
86+
"Properties" : {
87+
"VisibilityTimeout" : "0"
88+
}
89+
},
90+
91+
"CFNStackQueue" : {
92+
"Type" : "AWS::SQS::Queue",
93+
"Properties" : {
94+
"VisibilityTimeout" : "0"
95+
}
96+
},
97+
98+
"PrivateBucketPolicy" : {
99+
"Type" : "AWS::S3::BucketPolicy",
100+
"Properties" : {
101+
"PolicyDocument": {
102+
"Id":"PrivateBucketPolicy",
103+
"Statement":[
104+
{
105+
"Sid":"ReadAccess",
106+
"Action":["s3:GetObject"],
107+
"Effect":"Allow",
108+
"Resource": { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "PrivateBucket" } , "/*" ]]},
109+
"Principal":{ "AWS": { "Fn::GetAtt" : [ "CfnUser", "Arn" ]} }
110+
}
111+
]
112+
},
113+
"Bucket" : {"Ref" : "PrivateBucket"}
114+
}
115+
},
116+
117+
"HostKeys" : {
118+
"Type" : "AWS::IAM::AccessKey",
119+
"Properties" : {
120+
"UserName" : {"Ref": "CfnUser"}
121+
}
122+
},
123+
124+
"WebServer": {
125+
"Type": "AWS::EC2::Instance",
126+
"DependsOn" : "PrivateBucketPolicy",
127+
"Metadata" : {
128+
"AWS::CloudFormation::Init" : {
129+
"config" : {
130+
"packages" : {
131+
"yum" : {
132+
"java-1.6.0-openjdk" : [],
133+
"tomcat6" : [],
134+
"git" : [],
135+
"make" : [],
136+
"gcc" : [],
137+
"sqlite-devel" : [],
138+
"libxml2-devel" : [],
139+
"libxslt-devel" : [],
140+
"libyaml-devel" : []
141+
}
142+
},
143+
144+
145+
"files" : {
146+
"/usr/share/tomcat6/webapps/jenkins.war" : {
147+
"source" : "http://mirrors.jenkins-ci.org/war-stable/latest/jenkins.war",
148+
"mode" : "000500",
149+
"owner" : "tomcat",
150+
"group" : "tomcat"
151+
},
152+
153+
"/usr/share/tomcat6/scripts/aws/sqs_receive_message.rb" : {
154+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/stelligentlabs/scripts/aws/sqs_receive_message.rb"]]},
155+
"mode" : "000500",
156+
"owner" : "tomcat",
157+
"group" : "tomcat"
158+
},
159+
160+
"/usr/share/tomcat6/scripts/aws/sqs_send_message.rb" : {
161+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/stelligentlabs/scripts/aws/sqs_send_message.rb"]]},
162+
"mode" : "000500",
163+
"owner" : "tomcat",
164+
"group" : "tomcat"
165+
},
166+
167+
"/usr/share/tomcat6/scripts/aws/terminate.rb" : {
168+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/stelligentlabs/scripts/aws/terminate.rb"]]},
169+
"mode" : "000500",
170+
"owner" : "tomcat",
171+
"group" : "tomcat"
172+
},
173+
174+
"/usr/share/tomcat6/scripts/aws/create_config_domain.rb" : {
175+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/stelligentlabs/scripts/aws/create_config_domain.rb"]]},
176+
"mode" : "000500",
177+
"owner" : "tomcat",
178+
"group" : "tomcat"
179+
},
180+
181+
"/usr/share/tomcat6/scripts/aws/showback_domain.rb" : {
182+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/stelligentlabs/scripts/aws/showback_domain.rb"]]},
183+
"mode" : "000500",
184+
"owner" : "tomcat",
185+
"group" : "tomcat"
186+
},
187+
188+
"/usr/share/tomcat6/.ssh/known_hosts" : {
189+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PrivateBucket" }, "/known_hosts"]]},
190+
"mode" : "000644",
191+
"owner" : "tomcat",
192+
"group" : "tomcat",
193+
"authentication" : "S3AccessCreds"
194+
},
195+
196+
"/usr/share/tomcat6/.ssh/id_rsa" : {
197+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PrivateBucket" }, "/id_rsa"]]},
198+
"mode" : "000600",
199+
"owner" : "tomcat",
200+
"group" : "tomcat",
201+
"authentication" : "S3AccessCreds"
202+
},
203+
204+
"/etc/cron.hourly/jenkins_versioning.sh" : {
205+
"source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/stelligentlabs/scripts/jenkins/jenkins_versioning.sh"]]},
206+
"mode" : "000500",
207+
"owner" : "tomcat",
208+
"group" : "tomcat"
209+
},
210+
211+
"/usr/share/tomcat6/scripts/config/aws.config" : {
212+
"content" : { "Fn::Join" : ["", [
213+
"AWS.config(\n",
214+
":access_key_id => \"", { "Ref" : "HostKeys" }, "\",\n",
215+
":secret_access_key => \"", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, "\")\n"
216+
]]},
217+
"mode" : "000500",
218+
"owner" : "tomcat",
219+
"group" : "tomcat"
220+
}
221+
}
222+
}
223+
},
224+
225+
"AWS::CloudFormation::Authentication" : {
226+
"S3AccessCreds" : {
227+
"type" : "S3",
228+
"accessKeyId" : { "Ref" : "HostKeys" },
229+
"secretKey" : {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]},
230+
"buckets" : [ { "Ref" : "PrivateBucket" }, { "Ref" : "PublicBucket" } ]
231+
}
232+
}
233+
},
234+
"Properties": {
235+
"ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
236+
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
237+
"InstanceType" : { "Ref" : "InstanceType" },
238+
"SecurityGroups" : [ {"Ref" : "FrontendGroup"} ],
239+
"KeyName" : { "Ref" : "KeyName" },
240+
"Tags" : [{ "Key" : "Name", "Value" : "Jenkins" }],
241+
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
242+
"#!/bin/bash -v\n",
243+
"date > /home/ec2-user/starttime\n",
244+
"yum update -y aws-cfn-bootstrap\n",
245+
246+
"# Install packages\n",
247+
"/opt/aws/bin/cfn-init -s ", { "Ref" : "AWS::StackName" }, " -r WebServer ",
248+
" --access-key ", { "Ref" : "HostKeys" },
249+
" --secret-key ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]},
250+
" --region ", { "Ref" : "AWS::Region" }, " || error_exit 'Failed to run cfn-init'\n",
251+
252+
"# Copy Github credentials to root ssh directory\n",
253+
"cp /usr/share/tomcat6/.ssh/* /root/.ssh/\n",
254+
255+
"# Update Jenkins with versioned configuration\n",
256+
"rm -rf /usr/share/tomcat6/.jenkins\n",
257+
"git clone git@github.com:stelligent/continuous_integration_example.git /usr/share/tomcat6/.jenkins\n",
258+
259+
"# Installing Ruby 1.9.3 from RPM\n",
260+
"wget https://s3.amazonaws.com/stelligentlabs/resources/rpm/ruby-1.9.3p0-2.amzn1.x86_64.rpm\n",
261+
"rpm -Uvh ruby-1.9.3p0-2.amzn1.x86_64.rpm\n",
262+
263+
"# Install Jenkins Plugins\n",
264+
"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/git/1.1.16/git.hpi\n",
265+
"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/s3/0.2.0/s3.hpi\n",
266+
"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/jenkins-cloudformation-plugin/0.9/jenkins-cloudformation-plugin.hpi\n",
267+
"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/build-pipeline-plugin/1.2.3/build-pipeline-plugin.hpi\n",
268+
"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/github/1.2/github.hpi\n",
269+
"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/dashboard-view/2.2/dashboard-view.hpi\n",
270+
271+
"# Install Bundler\n",
272+
"gem install bundler\n",
273+
"gem install aws-sdk\n",
274+
"gem install cucumber\n",
275+
"gem install net-ssh\n",
276+
"gem install capistrano\n",
277+
278+
"# Add Tomcat user to sudoers and disable tty\n",
279+
"echo \"tomcat ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers\n",
280+
"echo \"Defaults:%tomcat !requiretty\" >> /etc/sudoers\n",
281+
"echo \"Defaults:tomcat !requiretty\" >> /etc/sudoers\n",
282+
283+
"# Update main Jenkins config\n",
284+
"sed -i 's@<accessKey>.*</accessKey>@<accessKey>", { "Ref" : "HostKeys" }, "</accessKey>@' /usr/share/tomcat6/.jenkins/hudson.plugins.s3.S3BucketPublisher.xml\n",
285+
"sed -i 's@<secretKey>.*</secretKey>@<secretKey>", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, "</secretKey>@' /usr/share/tomcat6/.jenkins/hudson.plugins.s3.S3BucketPublisher.xml\n",
286+
287+
"# Update Build Jenkins Job config\n",
288+
"sed -i 's@<bucket>.*</bucket>@<bucket>", { "Ref" : "PublicBucket" }, "</bucket>@' /usr/share/tomcat6/.jenkins/jobs/Build/config.xml\n",
289+
"sed -i 's@<bucket>.*</bucket>@<bucket>", { "Ref" : "PublicBucket" }, "</bucket>@' /usr/share/tomcat6/.jenkins/jobs/Puppet/config.xml\n",
290+
"sed -i 's@<bucket>.*</bucket>@<bucket>", { "Ref" : "PublicBucket" }, "/templates</bucket>@' /usr/share/tomcat6/.jenkins/jobs/Templates/config.xml\n",
291+
"sed -i 's@<bucket>.*</bucket>@<bucket>", { "Ref" : "PublicBucket" }, "/scripts/aws</bucket>@' /usr/share/tomcat6/.jenkins/jobs/JenkinsConfig/config.xml\n",
292+
293+
"# Add AWS Credentials to Tomcat\n",
294+
"echo \"AWS_ACCESS_KEY=", { "Ref" : "HostKeys" }, "\" >> /etc/sysconfig/tomcat6\n",
295+
"echo \"AWS_SECRET_ACCESS_KEY=", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, "\" >> /etc/sysconfig/tomcat6\n",
296+
"echo \"AWS_CLOUDFORMATION_HOME=/opt/aws/apitools/cfn/\" >> /etc/sysconfig/tomcat6\n",
297+
298+
"# Add CloudFormation CLI tools\n",
299+
"wget -P /opt/aws/apitools/ https://s3.amazonaws.com/stelligentlabs/resources/aws_cli/CloudFormation-CLI.tar.gz\n",
300+
"tar -C /opt/aws/apitools/ -xf /opt/aws/apitools/CloudFormation-CLI.tar.gz\n",
301+
302+
"# Setup deployment directory\n",
303+
"mkdir /var/www/rails\n",
304+
"sudo chown -R ec2-user:ec2-user /var/www/rails\n",
305+
306+
"# Tomcat Setup\n",
307+
"chown -R tomcat:tomcat /usr/share/tomcat6/\n",
308+
"service tomcat6 start\n",
309+
310+
"/opt/aws/bin/cfn-signal", " -e 0", " '", { "Ref" : "WaitHandle" }, "'","\n",
311+
312+
"date > /home/ec2-user/stoptime"
313+
]]}}
314+
}
315+
},
316+
317+
"IPAddress" : {
318+
"Type" : "AWS::EC2::EIP"
319+
},
320+
321+
"IPAssoc" : {
322+
"Type" : "AWS::EC2::EIPAssociation",
323+
"Properties" : {
324+
"InstanceId" : { "Ref" : "WebServer" },
325+
"EIP" : { "Ref" : "IPAddress" }
326+
}
327+
},
328+
329+
"FrontendGroup" : {
330+
"Type" : "AWS::EC2::SecurityGroup",
331+
"Properties" : {
332+
"GroupDescription" : "Enable SSH and access to Apache and Tomcat",
333+
"SecurityGroupIngress" : [
334+
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"},
335+
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"},
336+
{"IpProtocol" : "tcp", "FromPort" : "8080", "ToPort" : "8080", "CidrIp" : "0.0.0.0/0"}
337+
]
338+
}
339+
},
340+
341+
"WaitHandle" : {
342+
"Type" : "AWS::CloudFormation::WaitConditionHandle"
343+
},
344+
345+
"WaitCondition" : {
346+
"Type" : "AWS::CloudFormation::WaitCondition",
347+
"DependsOn" : "WebServer",
348+
"Properties" : {
349+
"Handle" : { "Ref" : "WaitHandle" },
350+
"Timeout" : "1200"
351+
}
352+
}
353+
},
354+
355+
"Outputs" : {
356+
"InstanceIPAddress" : {
357+
"Value" : { "Ref" : "IPAddress" }
358+
},
359+
"SecretAccessKey" : {
360+
"Value" : {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}
361+
},
362+
"JenkinsURL" : {
363+
"Value" : { "Fn::Join" : ["", ["http://", { "Ref" : "IPAddress" }, ":8080/jenkins"]] },
364+
"Description" : "URL for newly created Jenkins app"
365+
},
366+
"DeploymentQueueName" : {
367+
"Description" : "Name newly created Deployment SQS Queue",
368+
"Value" : { "Fn::GetAtt" : ["DeploymentQueue", "QueueName"]}
369+
},
370+
"CFNStackQueueName" : {
371+
"Description" : "Name newly created CFN Stack SQS Queue",
372+
"Value" : { "Fn::GetAtt" : ["CFNStackQueue", "QueueName"]}
373+
}
374+
}
375+
}

0 commit comments

Comments
 (0)