From 9eeea38d3732dc8a4f87ca6d0dd50665f5415db5 Mon Sep 17 00:00:00 2001 From: veerakumar123 Date: Wed, 27 Aug 2014 12:18:25 +0530 Subject: [PATCH] Update myjenkins.template --- infrastructure/templates/myjenkins.template | 303 +++++++++++++++++++- 1 file changed, 301 insertions(+), 2 deletions(-) diff --git a/infrastructure/templates/myjenkins.template b/infrastructure/templates/myjenkins.template index d3fb6ce..dcdbcbc 100644 --- a/infrastructure/templates/myjenkins.template +++ b/infrastructure/templates/myjenkins.template @@ -4,19 +4,318 @@ "Description" : "CloudFormation Template to provision a Jenkins instance", "Parameters" : { - + "KeyName" : { + "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances", + "Type" : "String", + "Default" : "ditc", + "MinLength": "1", + "MaxLength": "64", + "AllowedPattern" : "[-_ a-zA-Z0-9]*", + "ConstraintDescription" : "Can contain only alphanumeric characters, spaces, dashes and underscores." + } +}, +"InstanceType" : { + "Description" : "WebServer EC2 instance type", + "Type" : "String", + "Default" : "c1.medium", + "ConstraintDescription" : "Must be a valid EC2 instance type." +}, +"PrivateBucket" : { + "Description" : "S3 bucket for storing credentials", + "Type" : "String", + "Default" : "ditcpmedcreds", + "ConstraintDescription" : "Must be a valid S3 Bucket" +}, +"PublicBucket" : { + "Description" : "S3 bucket for storing build artifacts", + "Type" : "String", + "Default" : "stelligentlabs", + "ConstraintDescription" : "Must be a valid S3 Bucket" +} }, "Mappings" : { + "AWSInstanceType2Arch" : { + "t1.micro": { "Arch" : "64" }, + "m1.large": { "Arch" : "64" }, + "m1.xlarge" : { "Arch" : "64" }, + "m2.xlarge" : { "Arch" : "64" }, + "m2.2xlarge" : { "Arch" : "64" }, + "m2.4xlarge" : { "Arch" : "64" }, + "c1.medium" : { "Arch" : "64" }, + "c1.xlarge" : { "Arch" : "64" }, + "cc1.4xlarge" : { "Arch" : "64" } +}, +"AWSRegionArch2AMI" : { + "us-east-1" : { "32" : "ami-7f418316", "64" : "ami-7341831a" }, + "us-west-1" : { "32" : "ami-951945d0", "64" : "ami-971945d2" }, + "us-west-2" : { "32" : "ami-16fd7026", "64" : "ami-10fd7020" }, + "eu-west-1" : { "32" : "ami-24506250", "64" : "ami-20506254" }, + "ap-southeast-1" : { "32" : "ami-74dda626", "64" : "ami-7edda62c" }, + "ap-northeast-1" : { "32" : "ami-dcfa4edd", "64" : "ami-e8fa4ee9" } +} + }, - "Resources" : { + "Resources" : { + + "CfnUser" : { + "Type" : "AWS::IAM::User", + "Properties" : { + "Path": "/", + "Policies": [ +{ + "PolicyName": "Admin", + "PolicyDocument": + { "Statement": [ + { + "Effect":"Allow", + "Action":"*", + "Resource":"*" + } + ]} + } + ] + } +}, + +"PrivateBucketPolicy" : { + "Type" : "AWS::S3::BucketPolicy", + "Properties" : { + "PolicyDocument": { + "Id":"PrivateBucketPolicy", + "Statement":[ + { + "Sid":"ReadAccess", + "Action":["s3:GetObject"], + "Effect":"Allow", + "Resource": { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "PrivateBucket" } , "/*" ]]}, + "Principal":{ "AWS": { "Fn::GetAtt" : [ "CfnUser", "Arn" ]} } + } +] + }, + "Bucket" : {"Ref" : "PrivateBucket"} + } +}, + +"HostKeys" : { + "Type" : "AWS::IAM::AccessKey", + "Properties" : { + "UserName" : {"Ref": "CfnUser"} + } +}, + +"WebServer": { + "Type": "AWS::EC2::Instance", + "DependsOn" : "PrivateBucketPolicy", + "Metadata" : { + "AWS::CloudFormation::Init" : { + "config" : { + "packages" : { + "yum" : { + "java-1.6.0-openjdk" : [], + "tomcat6" : [], + "git" : [], + "make" : [], + "gcc" : [], + "sqlite-devel" : [], + "libxml2-devel" : [], + "libxslt-devel" : [], + "libyaml-devel" : [] + } + }, + + + "files" : { + "/usr/share/tomcat6/webapps/jenkins.war" : { + "source" : "http://mirrors.jenkins-ci.org/war-stable/latest/jenkins.war", + "mode" : "000500", + "owner" : "tomcat", + "group" : "tomcat" + }, + + "/usr/share/tomcat6/sqs_receive_message.rb" : { + "source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PublicBucket" }, "/scripts/sqs_receive_message.rb"]]}, + "mode" : "000500", + "owner" : "tomcat", + "group" : "tomcat", + "authentication" : "S3AccessCreds" + }, + + "/usr/share/tomcat6/sqs_send_message.rb" : { + "source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PublicBucket" }, "/scripts/sqs_send_message.rb"]]}, + "mode" : "000500", + "owner" : "tomcat", + "group" : "tomcat", + "authentication" : "S3AccessCreds" + }, + + "/usr/share/tomcat6/terminate.rb" : { + "source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PublicBucket" }, "/scripts/terminate.rb"]]}, + "mode" : "000500", + "owner" : "tomcat", + "group" : "tomcat", + "authentication" : "S3AccessCreds" + }, + "/usr/share/tomcat6/.ssh/known_hosts" : { + "source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PrivateBucket" }, "/known_hosts"]]}, + "mode" : "000644", + "owner" : "tomcat", + "group" : "tomcat", + "authentication" : "S3AccessCreds" + }, + "/usr/share/tomcat6/.ssh/id_rsa" : { + "source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PrivateBucket" }, "/id_rsa"]]}, + "mode" : "000600", + "owner" : "tomcat", + "group" : "tomcat", + "authentication" : "S3AccessCreds" + }, + + "/etc/cron.hourly/jenkins_versioning.sh" : { + "source" : { "Fn::Join" : ["", ["https://s3.amazonaws.com/", { "Ref" : "PublicBucket" }, "/scripts/jenkins_versioning.sh"]]}, + "mode" : "000500", + "owner" : "tomcat", + "group" : "tomcat", + "authentication" : "S3AccessCreds" + } + } + } + }, + +"AWS::CloudFormation::Authentication" : { + "S3AccessCreds" : { + "type" : "S3", + "accessKeyId" : { "Ref" : "HostKeys" }, + "secretKey" : {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, + "buckets" : [ { "Ref" : "PrivateBucket" }, { "Ref" : "PublicBucket"} ] + } +} + }, + "Properties": { + "ImageId" : { "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" }, + { "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] }, + "InstanceType" : { "Ref" : "InstanceType" }, + "SecurityGroups" : [ {"Ref" : "FrontendGroup"} ], + "KeyName" : { "Ref" : "KeyName" }, + "Tags" : [{ "Key" : "Name", "Value" : "Jenkins" }], + "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [ + "#!/bin/bash -v\n", + "date > /home/ec2-user/starttime\n", + "yum update -y aws-cfn-bootstrap\n", + + "# Install packages\n", + "/opt/aws/bin/cfn-init -s ", { "Ref" : "AWS::StackName" }, " -r WebServer ", + " --access-key ", { "Ref" : "HostKeys" }, + " --secret-key ", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, + " --region ", { "Ref" : "AWS::Region" }, " || error_exit 'Failed to run cfn-init'\n", + +"# Copy Github credentials to root ssh directory\n", +"cp /usr/share/tomcat6/.ssh/* ~/.ssh/\n", + +"# Update Jenkins with versioned configuration\n", +"rm -rf /usr/share/tomcat6/.jenkins\n", +"git clone git@github.com:stelligent/devopsinthecloudjenkins.git /usr/share/tomcat6/.jenkins\n", + +"# Installing Ruby 1.9.3 from RPM\n", +"wget https://s3.amazonaws.com/stelligentlabs/resources/rpm/ruby-1.9.3p0-2.amzn1.x86_64.rpm\n", +"rpm -Uvh ruby-1.9.3p0-2.amzn1.x86_64.rpm\n", + +"# Install Jenkins Plugins\n", +"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/git/1.1.16/git.hpi\n", +"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/s3/0.2.0/s3.hpi\n", +"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/jenkins-cloudformation-plugin/0.9/jenkins-cloudformation-plugin.hpi\n", +"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/build-pipeline-plugin/1.2.3/build-pipeline-plugin.hpi\n", +"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/github/1.2/github.hpi\n", +"wget -P /usr/share/tomcat6/.jenkins/plugins/ http://updates.jenkins-ci.org/download/plugins/dashboard-view/2.2/dashboard-view.hpi\n", + +"# Install Bundler\n", +"gem install bundler\n", +"gem install aws-sdk\n", +"gem install cucumber\n", +"gem install net-ssh\n", +"gem install capistrano\n", + +"# Add Tomcat user to sudoers and disable tty\n", +"echo \"tomcat ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers\n", +"echo \"Defaults:%tomcat !requiretty\" >> /etc/sudoers\n", +"echo \"Defaults:tomcat !requiretty\" >> /etc/sudoers\n", + +"# Add AWS Credentials to Tomcat\n", +"echo \"AWS_ACCESS_KEY=", { "Ref" : "HostKeys" }, "\" >> /etc/sysconfig/tomcat6\n", +"echo \"AWS_SECRET_ACCESS_KEY=", {"Fn::GetAtt": ["HostKeys", "SecretAccessKey"]}, "\" >> /etc/sysconfig/tomcat6\n", +"echo \"AWS_CLOUDFORMATION_HOME=/opt/aws/apitools/cfn/\" >> /etc/sysconfig/tomcat6\n", + +"# Add CloudFormation CLI tools\n", +"wget -P /opt/aws/apitools/ https://s3.amazonaws.com/stelligentlabs/CloudFormation-CLI.tar.gz\n", +"tar -C /opt/aws/apitools/ -xf /opt/aws/apitools/CloudFormation-CLI.tar.gz\n", + +"# Setup deployment directory\n", +"mkdir /var/www/rails\n", +"sudo chown -R ec2-user:ec2-user /var/www/rails\n", + +"# Tomcat Setup\n", +"chown -R tomcat:tomcat /usr/share/tomcat6/\n", +"service tomcat6 start\n", + +"/opt/aws/bin/cfn-signal", " -e 0", " '", { "Ref" : "WaitHandle" }, "'","\n", + +"date > /home/ec2-user/stoptime" + ]]}} + } +}, + +"IPAddress" : { + "Type" : "AWS::EC2::EIP" +}, + +"IPAssoc" : { + "Type" : "AWS::EC2::EIPAssociation", + "Properties" : { + "InstanceId" : { "Ref" : "WebServer" }, + "EIP" : { "Ref" : "IPAddress" } + } +}, + +"FrontendGroup" : { + "Type" : "AWS::EC2::SecurityGroup", + "Properties" : { + "GroupDescription" : "Enable SSH and access to Apache and Tomcat", + "SecurityGroupIngress" : [ + {"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"}, + {"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"}, + {"IpProtocol" : "tcp", "FromPort" : "8080", "ToPort" : "8080", "CidrIp" : "0.0.0.0/0"} + ] + } +}, + +"WaitHandle" : { + "Type" : "AWS::CloudFormation::WaitConditionHandle" +}, + +"WaitCondition" : { + "Type" : "AWS::CloudFormation::WaitCondition", + "DependsOn" : "WebServer", + "Properties" : { + "Handle" : { "Ref" : "WaitHandle" }, + "Timeout" : "1200" + } +} }, "Outputs" : { + "InstanceIPAddress" : { + "Value" : { "Ref" : "IPAddress" } + }, + "JenkinsURL" : { + "Value" : { "Fn::Join" : ["", ["http://", { "Ref" : "IPAddress" }, ":8080/jenkins"]] }, + "Description" : "URL for newly created Jenkins app" + } +} + }