Deploy IaC

We start by creating a Terraform EC2 key-pair and a Terraform IAM user as in previous chapters (do not forget to write down access/secret API keys). Then we grant permissions to the IAM user to perform actions with the EC2, IAM, S3 and CodeCommit services:

{ 
    "Version": "2012-10-17", 
    "Statement": [ 
      { 
          "Effect": "Allow", 
          "NotAction": [ 
              "codecommit:DeleteRepository" 
          ], 
          "Resource": "*" 
      }, 
      { 
          "Effect": "Allow", 
          "NotAction": [ 
              "s3:DeleteBucket" 
          ], 
          "Resource": "*" 
      }, 
      { 
          "Sid": "Stmt1461764665000", 
          "Effect": "Allow", 
          "Action": [ 
              "ec2:AllocateAddress", 
... 
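
An added example, not from the book: a Python check of what the policy statements visible above grant. An Allow paired with NotAction permits every action except the one listed, so the script flags such statements and reports which statements grant a probed action. The third statement's Resource and the probe actions are assumptions, and Deny, Condition and Resource matching are not evaluated.

```python
import json
from fnmatch import fnmatchcase

# Constructed input: the statements visible on the page. The third is cut off
# in the source, so only its one visible action is kept; its Resource is assumed.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "NotAction": ["codecommit:DeleteRepository"], "Resource": "*"},
    {"Effect": "Allow", "NotAction": ["s3:DeleteBucket"], "Resource": "*"},
    {"Sid": "Stmt1461764665000", "Effect": "Allow", "Action": ["ec2:AllocateAddress"], "Resource": "*"}
  ]
}
""")

def _as_list(value):
    return [value] if isinstance(value, str) else list(value or [])

def _matches(action, patterns):
    # IAM action names are case-insensitive and support the * and ? wildcards.
    return any(fnmatchcase(action.lower(), p.lower()) for p in _as_list(patterns))

def _statements(policy):
    stmts = policy.get("Statement", [])
    return [stmts] if isinstance(stmts, dict) else stmts

def granting_statements(policy, action):
    """Indexes of Allow statements whose Action/NotAction element grants `action`."""
    hits = []
    for i, stmt in enumerate(_statements(policy)):
        if stmt.get("Effect") != "Allow":
            continue
        if "Action" in stmt and _matches(action, stmt["Action"]):
            hits.append(i)
        elif "NotAction" in stmt and not _matches(action, stmt["NotAction"]):
            hits.append(i)
    return hits

def broad_statements(policy):
    """Indexes of Allow + NotAction statements scoped to every resource."""
    return [i for i, s in enumerate(_statements(policy))
            if s.get("Effect") == "Allow" and "NotAction" in s
            and "*" in _as_list(s.get("Resource"))]

if __name__ == "__main__":
    print("Allow+NotAction on Resource '*':", broad_statements(POLICY))
    for probe in ("codecommit:DeleteRepository", "s3:DeleteBucket",
                  "iam:CreateAccessKey", "ec2:AllocateAddress"):
        print(f"{probe:30} granted by statements {granting_statements(POLICY, probe)}")
```

On the visible statements, each NotAction exclusion is granted by the other statement, so neither delete action is actually withheld unless an explicit Deny exists elsewhere.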
                 

Then we associate an SSH public key with the user (as per the screenshots in the previous chapter) to allow CodeCommit repository access.

Next, we need to set up our AWS CLI environment with the keys we produced earlier:

$ export AWS_ACCESS_KEY_ID='user_access_key'
$ export AWS_SECRET_ACCESS_KEY='user_secret_access_key'
$ export AWS_DEFAULT_REGION='us-east-1'

Now we should be able to use the CLI tool and create our SaltStack repository:

$ aws codecommit create-repository --repository-name salt \
      --repository-description "SaltStack repo"
{
"repositoryMetadata": {
"repositoryName": "salt",
"cloneUrlSsh": 
    "ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/salt",
...

We clone the repository locally:

$ git clone ssh://SSH_KEY_ID@git-codecommit.us-east-1.amazonaws.com/v1/repos/salt
Cloning into 'salt'...
warning: You appear to have cloned an empty repository.
Checking connectivity... done.

(where SSH_KEY_ID is the one we saw after uploading the public key)

Finally, you can copy the ready-made Salt code examples for this chapter, then commit and push them to the CodeCommit repository.

With the SaltStack repo in sync, we can proceed with Terraform and the bootstrap process. Inside our TF templates folder we run the familiar command sequence:

$ terraform validate
$ terraform plan
Refreshing Terraform state prior to plan...
...
Plan: 11 to add, 0 to change, 0 to destroy.
$ terraform apply
aws_iam_role.jenkins: Creating...
...
Apply complete! Resources: 11 added, 0 changed, 0 destroyed.
Outputs:
  JENKINS EIP = x.x.x.x
  VPC ID      = vpc-xxxxxx

At the end we get the IP of our Jenkins node, which we need to resolve into a hostname (for example, via the nslookup command). Load that in your browser and you should be greeted by Jenkins.
