Deploy Jenkins 2.0 in a docker container on an AWS EC2 instance using Terraform.
The terraform script stores the terraform state remotely in an S3 bucket. The Makefile by default sets up a copy of the remote state if it doesn’t exist and then runs either terraform plan
or terraform apply
depending on the target.
Before you run the Makefile, you should set the following environment variables to authenticate with AWS:
$ export AWS_ACCESS_KEY_ID= <your key> # to store and retrieve the remote state in s3.
$ export AWS_SECRET_ACCESS_KEY= <your secret>
$ export AWS_DEFAULT_REGION= <your bucket region e.g. us-west-2>
$ export TF_VAR_access_key=$AWS_ACCESS_KEY # exposed as access_key in terraform scripts
$ export TF_VAR_secret_key=$AWS_SECRET_ACCESS_KEY # exposed as secret_key in terraform scripts
You need to change the default values of s3_bucket
and key_name
terraform variables defined in variables.tf
or set them via environment variables:
$ export TF_VAR_s3_bucket=<your s3 bucket>
$ export TF_VAR_key_name=<your keypair name>
You also need to change the value of STATEBUCKET
in the Makefile to match that of the s3_bucket
terraform variable.
make
make apply
make destroy
Upon completion, terraform will output the DNS name of Jenkins, e.g.:
jenkins_public_dns = [ ec2-54-235-229-108.compute-1.amazonaws.com ]
You can then reach Jenkins via your browser at http://ec2-54-235-229-108.compute-1.amazonaws.com
.
After the Jenkins EC2 instance is started, a cronjob is configured to back up Jenkins data to an S3 bucket set via the s3_bucket
variable (see variables.tf). To accomplish this, a script needs to be copied onto the EC2 instance, therefore, Terraform requires SSH access to the instance.
To grant SSH access to Terraform, place the instance's PEM file in this project's directory. Note that the key file should have the same name as the EC2 keypair, or you can update the key_file
variable in the connection section of the Terraform EC2 resource (see main.tf).
The AMI on which Jenkins is run has Weave Scope pre-installed. Scope is a Docker monitoring, visualisation and management tool from Weaveworks.
The Scope UI can be reached at the URL of the Jenkins instance on port 4040, e.g. http://ec2-54-235-229-108.compute-1.amazonaws.com:4040
.
- The Makefile idea (and the Makefile itself) is taken from this blog post.