Skip to content

Instantly share code, notes, and snippets.

@joekiller

joekiller/jenkins.json

Created October 20, 2015 17:23
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save joekiller/644b41e5b7ae5f942edf to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save joekiller/644b41e5b7ae5f942edf to your computer and use it in GitHub Desktop.
Download ZIP
Jenkins EC2 Centos 6 codepipeline and codecommit
Raw
jenkins.json
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "Jenkins Stack. Using https://aws.amazon.com/marketplace/ordering/ref=dtl_psb_continue?ie=UTF8&productId=74e73035-3435-48d6-88e0-89cc02ad83ee&region=us-east-1 for CentOS 6",
"Parameters" : {
"KeyName": {
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance",
"Type": "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription" : "must be the name of an existing EC2 KeyPair."
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "t2.micro",
"AllowedValues" : [ "t1.micro", "t2.micro", "t2.small", "t2.medium", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "m3.medium", "m3.large", "m3.xlarge", "m3.2xlarge", "c1.medium", "c1.xlarge", "c3.large", "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", "c4.large", "c4.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", "g2.2xlarge", "r3.large", "r3.xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", "i2.xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", "d2.xlarge", "d2.2xlarge", "d2.4xlarge", "d2.8xlarge", "hi1.4xlarge", "hs1.8xlarge", "cr1.8xlarge", "cc2.8xlarge", "cg1.4xlarge"]
,
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "PV64" },
"t2.micro" : { "Arch" : "HVM64" },
"t2.small" : { "Arch" : "HVM64" },
"t2.medium" : { "Arch" : "HVM64" },
"m1.small" : { "Arch" : "PV64" },
"m1.medium" : { "Arch" : "PV64" },
"m1.large" : { "Arch" : "PV64" },
"m1.xlarge" : { "Arch" : "PV64" },
"m2.xlarge" : { "Arch" : "PV64" },
"m2.2xlarge" : { "Arch" : "PV64" },
"m2.4xlarge" : { "Arch" : "PV64" },
"m3.medium" : { "Arch" : "HVM64" },
"m3.large" : { "Arch" : "HVM64" },
"m3.xlarge" : { "Arch" : "HVM64" },
"m3.2xlarge" : { "Arch" : "HVM64" },
"c1.medium" : { "Arch" : "PV64" },
"c1.xlarge" : { "Arch" : "PV64" },
"c3.large" : { "Arch" : "HVM64" },
"c3.xlarge" : { "Arch" : "HVM64" },
"c3.2xlarge" : { "Arch" : "HVM64" },
"c3.4xlarge" : { "Arch" : "HVM64" },
"c3.8xlarge" : { "Arch" : "HVM64" },
"c4.large" : { "Arch" : "HVM64" },
"c4.xlarge" : { "Arch" : "HVM64" },
"c4.2xlarge" : { "Arch" : "HVM64" },
"c4.4xlarge" : { "Arch" : "HVM64" },
"c4.8xlarge" : { "Arch" : "HVM64" },
"g2.2xlarge" : { "Arch" : "HVMG2" },
"r3.large" : { "Arch" : "HVM64" },
"r3.xlarge" : { "Arch" : "HVM64" },
"r3.2xlarge" : { "Arch" : "HVM64" },
"r3.4xlarge" : { "Arch" : "HVM64" },
"r3.8xlarge" : { "Arch" : "HVM64" },
"i2.xlarge" : { "Arch" : "HVM64" },
"i2.2xlarge" : { "Arch" : "HVM64" },
"i2.4xlarge" : { "Arch" : "HVM64" },
"i2.8xlarge" : { "Arch" : "HVM64" },
"d2.xlarge" : { "Arch" : "HVM64" },
"d2.2xlarge" : { "Arch" : "HVM64" },
"d2.4xlarge" : { "Arch" : "HVM64" },
"d2.8xlarge" : { "Arch" : "HVM64" },
"hi1.4xlarge" : { "Arch" : "HVM64" },
"hs1.8xlarge" : { "Arch" : "HVM64" },
"cr1.8xlarge" : { "Arch" : "HVM64" },
"cc2.8xlarge" : { "Arch" : "HVM64" }
},
"CentOS6RegionArch2AMI" : {
"us-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "ami-57cd8732", "HVMG2" : "NOT_SUPPORTED"},
"us-west-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"us-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-central-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-northeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"sa-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"cn-north-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"}
},
"WindowsRegionArch2AMI" : {
"us-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "ami-c9cea0ac", "HVMG2" : "NOT_SUPPORTED"},
"us-west-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"us-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-central-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-northeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"sa-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"cn-north-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"}
}
},
"Resources" : {
"JenkinsRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service": [ "ec2.amazonaws.com" ]
},
"Action": [ "sts:AssumeRole" ]
} ]
},
"Path": "/",
"Policies": [
{
"PolicyName": "jenkins-codepipeline",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"codepipeline:AcknowledgeJob",
"codepipeline:GetJobDetails",
"codepipeline:PollForJobs",
"codepipeline:PutJobFailureResult",
"codepipeline:PutJobSuccessResult"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
},{
"PolicyName": "jenkins-s3-artifact",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*"
},
{
"Action": "s3:*",
"Effect": "Allow",
"Resource": ["arn:aws:s3:::my-artifact-bucket", "arn:aws:s3:::my-artifact-bucket/*"]
}
]
}
}
]
}
},
"JenkinsInstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [ {
"Ref": "JenkinsRole"
} ]
}
},
"JenkinsServer": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Primary Zookeeper Security Group",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "8080",
"ToPort": "8080",
"CidrIp": { "Ref": "SSHLocation" }
},{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": { "Ref": "SSHLocation" }
}
]
}
},
"JenkinsGitUser" : {
"Type" : "AWS::IAM::User",
"Properties" : {
"Path" : "/",
"Policies" : [ {
"PolicyName" : "iampermissions",
"PolicyDocument" : {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iam:*LoginProfile",
"iam:*AccessKey*",
"iam:*SSHPublicKey*"
],
"Resource": { "Fn::Join" : ["", ["arn:aws:iam::", {"Ref" : "AWS::AccountId"}, ":user/${aws:username}" ] ] }
},
{
"Effect": "Allow",
"Action": [
"iam:ListAccount*",
"iam:GetAccountSummary",
"iam:GetAccountPasswordPolicy",
"iam:ListUsers"
],
"Resource": "*"
},{
"Effect" : "Allow",
"Action" : [
"codecommit:*"
],
"Resource" : "*"
}
]
}
} ]
}
},
"JenkinsAccessKey" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : { "Ref" : "JenkinsGitUser" }
}
},
"JenkinsInstance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"InstanceType" : { "Ref" : "InstanceType" },
"IamInstanceProfile" : { "Ref" : "JenkinsInstanceProfile" },
"SecurityGroups" : [
{ "Ref" : "JenkinsServer" }
],
"KeyName" : { "Ref" : "KeyName" },
"ImageId" : { "Fn::FindInMap" : [ "CentOS6RegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
"Tags" : [
{ "Key" : "Name", "Value" : "jenkins" }
],
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -xe\n",
"get_jenkins_jar () { EX=; while [ \"${EX}\" != \"0\" ]; do curl -o /tmp/jenkins-cli.jar http://localhost:8080/jnlpJars/jenkins-cli.jar && EX=$? || EX=$?; if [ \"${EX}\" != \"0\" ]; then sleep 5; fi; done; }\n",
"install_plugin () { EX=; while [ \"${EX}\" != \"0\" ]; do java -jar jenkins-cli.jar -s http://localhost:8080/ install-plugin \"$1\" && EX=$? || EX=$?; if [ \"${EX}\" != \"0\" ]; then if [ \"${EX}\" == \"1\" ]; then get_jenkins_jar; fi; sleep 5; fi; done; }\n",
"yum install -y git java-1.7.0-openjdk-devel\n",
"iptables -I INPUT -p tcp -m tcp --dport 8080 -j ACCEPT\n",
"service iptables save\n",
"curl -o /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo\n",
"rpm --import http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key\n",
"yum -y install jenkins\n",
"service jenkins start\n",
"get_jenkins_jar\n",
"cd /tmp\n",
"install_plugin codedeploy\n",
"install_plugin s3\n",
"install_plugin git\n",
"install_plugin job-dsl\n",
"install_plugin https://github.com/awslabs/aws-codepipeline-plugin-for-jenkins/raw/master/dist/aws-codepipeline-plugin-for-jenkins.hpi\n",
"java -jar /tmp/jenkins-cli.jar -s http://localhost:8080/ safe-restart\n",
"runuser -l jenkins -s /bin/bash -c '",
"mkdir $HOME/.ssh;",
"chmod 700 $HOME/.ssh;",
"ssh-keygen -b 2048 -t rsa -f $HOME/.ssh/id_rsa -q -N \"\";",
"chmod 600 $HOME/.ssh/id_rsa*",
"'\n",
"rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm\n",
"yum install -y python-pip\n",
"pip install --upgrade pip\n",
"pip install awscli\n",
"GIT_USER=$(runuser -l jenkins -s /bin/bash -c '",
"AWS_ACCESS_KEY_ID=", { "Ref" : "JenkinsAccessKey" },
" AWS_SECRET_ACCESS_KEY='", { "Fn::GetAtt" : [ "JenkinsAccessKey", "SecretAccessKey" ] }, "'",
" AWS_DEFAULT_REGION=", { "Ref" : "AWS::Region" },
" aws iam upload-ssh-public-key --user-name ", { "Ref" : "JenkinsGitUser" }, " --ssh-public-key-body \"$(cat $HOME/.ssh/id_rsa.pub)\" --output text --query \"SSHPublicKey.SSHPublicKeyId\"')\n",
"runuser -l jenkins -s /bin/bash -c '",
"cat <<EOF > $HOME/.ssh/config\n",
"Host git-codecommit.*.amazonaws.com\n",
" User '${GIT_USER}'\n",
" IdentityFile ~/.ssh/id_rsa\n",
" StrictHostKeyChecking no\n",
"EOF\n",
"chmod 600 $HOME/.ssh/config",
"'\n"
]]}}
}
},
"JenkinsEIP" : {
"Type" : "AWS::EC2::EIP",
"Properties" : {
"InstanceId" : { "Ref" : "JenkinsInstance" }
}
}
},
"Outputs" : {
"InstanceId" : {
"Description" : "InstanceId of the newly created Jenkins instance",
"Value" : { "Ref" : "JenkinsInstance" }
},
"PublicDNS" : {
"Description" : "Public DNSName of the newly created Jenkins instance",
"Value" : { "Fn::GetAtt" : [ "JenkinsInstance", "PublicDnsName" ] }
},
"PublicIP" : {
"Description" : "Public IP address of the newly created Jenkins instance",
"Value" : { "Fn::GetAtt" : [ "JenkinsInstance", "PublicIp" ] }
}
}
}
Copy link
Copy Markdown

ghost commented Oct 20, 2015

te, nem vagy. jeles!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment