@joekiller
Created October 20, 2015 17:23
Jenkins EC2 Centos 6 codepipeline and codecommit
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "Jenkins Stack. Using https://aws.amazon.com/marketplace/ordering/ref=dtl_psb_continue?ie=UTF8&productId=74e73035-3435-48d6-88e0-89cc02ad83ee&region=us-east-1 for CentOS 6",
"Parameters" : {
"KeyName": {
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance",
"Type": "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription" : "must be the name of an existing EC2 KeyPair."
},
"InstanceType" : {
"Description" : "Jenkins server EC2 instance type",
"Type" : "String",
"Default" : "t2.micro",
"AllowedValues" : [ "t1.micro", "t2.micro", "t2.small", "t2.medium", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "m3.medium", "m3.large", "m3.xlarge", "m3.2xlarge", "c1.medium", "c1.xlarge", "c3.large", "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", "c4.large", "c4.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", "g2.2xlarge", "r3.large", "r3.xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", "i2.xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", "d2.xlarge", "d2.2xlarge", "d2.4xlarge", "d2.8xlarge", "hi1.4xlarge", "hs1.8xlarge", "cr1.8xlarge", "cc2.8xlarge", "cg1.4xlarge"]
,
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"SSHLocation" : {
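"Description" : "The IP address range allowed to reach the instance over SSH (port 22) and the Jenkins web UI (port 8080). The default 0.0.0.0/0 admits any address; set this to a trusted CIDR range.",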
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "PV64" },
"t2.micro" : { "Arch" : "HVM64" },
"t2.small" : { "Arch" : "HVM64" },
"t2.medium" : { "Arch" : "HVM64" },
"m1.small" : { "Arch" : "PV64" },
"m1.medium" : { "Arch" : "PV64" },
"m1.large" : { "Arch" : "PV64" },
"m1.xlarge" : { "Arch" : "PV64" },
"m2.xlarge" : { "Arch" : "PV64" },
"m2.2xlarge" : { "Arch" : "PV64" },
"m2.4xlarge" : { "Arch" : "PV64" },
"m3.medium" : { "Arch" : "HVM64" },
"m3.large" : { "Arch" : "HVM64" },
"m3.xlarge" : { "Arch" : "HVM64" },
"m3.2xlarge" : { "Arch" : "HVM64" },
"c1.medium" : { "Arch" : "PV64" },
"c1.xlarge" : { "Arch" : "PV64" },
"c3.large" : { "Arch" : "HVM64" },
"c3.xlarge" : { "Arch" : "HVM64" },
"c3.2xlarge" : { "Arch" : "HVM64" },
"c3.4xlarge" : { "Arch" : "HVM64" },
"c3.8xlarge" : { "Arch" : "HVM64" },
"c4.large" : { "Arch" : "HVM64" },
"c4.xlarge" : { "Arch" : "HVM64" },
"c4.2xlarge" : { "Arch" : "HVM64" },
"c4.4xlarge" : { "Arch" : "HVM64" },
"c4.8xlarge" : { "Arch" : "HVM64" },
"g2.2xlarge" : { "Arch" : "HVMG2" },
"r3.large" : { "Arch" : "HVM64" },
"r3.xlarge" : { "Arch" : "HVM64" },
"r3.2xlarge" : { "Arch" : "HVM64" },
"r3.4xlarge" : { "Arch" : "HVM64" },
"r3.8xlarge" : { "Arch" : "HVM64" },
"i2.xlarge" : { "Arch" : "HVM64" },
"i2.2xlarge" : { "Arch" : "HVM64" },
"i2.4xlarge" : { "Arch" : "HVM64" },
"i2.8xlarge" : { "Arch" : "HVM64" },
"d2.xlarge" : { "Arch" : "HVM64" },
"d2.2xlarge" : { "Arch" : "HVM64" },
"d2.4xlarge" : { "Arch" : "HVM64" },
"d2.8xlarge" : { "Arch" : "HVM64" },
"hi1.4xlarge" : { "Arch" : "HVM64" },
"hs1.8xlarge" : { "Arch" : "HVM64" },
"cr1.8xlarge" : { "Arch" : "HVM64" },
"cc2.8xlarge" : { "Arch" : "HVM64" }
},
"CentOS6RegionArch2AMI" : {
"us-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "ami-57cd8732", "HVMG2" : "NOT_SUPPORTED"},
"us-west-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"us-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-central-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-northeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"sa-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"cn-north-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"}
},
"WindowsRegionArch2AMI" : {
"us-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "ami-c9cea0ac", "HVMG2" : "NOT_SUPPORTED"},
"us-west-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"us-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-west-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"eu-central-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-northeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"ap-southeast-2" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"sa-east-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"},
"cn-north-1" : {"PV64" : "NOT_SUPPORTED", "HVM64" : "NOT_SUPPORTED", "HVMG2" : "NOT_SUPPORTED"}
}
},
"Resources" : {
"JenkinsRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service": [ "ec2.amazonaws.com" ]
},
"Action": [ "sts:AssumeRole" ]
} ]
},
"Path": "/",
"Policies": [
{
"PolicyName": "jenkins-codepipeline",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"codepipeline:AcknowledgeJob",
"codepipeline:GetJobDetails",
"codepipeline:PollForJobs",
"codepipeline:PutJobFailureResult",
"codepipeline:PutJobSuccessResult"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
},{
"PolicyName": "jenkins-s3-artifact",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:ListAllMyBuckets"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::*"
},
{
"Action": "s3:*",
"Effect": "Allow",
"Resource": ["arn:aws:s3:::my-artifact-bucket", "arn:aws:s3:::my-artifact-bucket/*"]
}
]
}
}
]
}
},
"JenkinsInstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [ {
"Ref": "JenkinsRole"
} ]
}
},
"JenkinsServer": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Jenkins server security group: SSH (22) and Jenkins web UI (8080) from SSHLocation",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "8080",
"ToPort": "8080",
"CidrIp": { "Ref": "SSHLocation" }
},{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": { "Ref": "SSHLocation" }
}
]
}
},
"JenkinsGitUser" : {
"Type" : "AWS::IAM::User",
"Properties" : {
"Path" : "/",
"Policies" : [ {
"PolicyName" : "iampermissions",
"PolicyDocument" : {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iam:*LoginProfile",
"iam:*AccessKey*",
"iam:*SSHPublicKey*"
],
"Resource": { "Fn::Join" : ["", ["arn:aws:iam::", {"Ref" : "AWS::AccountId"}, ":user/${aws:username}" ] ] }
},
{
"Effect": "Allow",
"Action": [
"iam:ListAccount*",
"iam:GetAccountSummary",
"iam:GetAccountPasswordPolicy",
"iam:ListUsers"
],
"Resource": "*"
},{
"Effect" : "Allow",
"Action" : [
"codecommit:*"
],
"Resource" : "*"
}
]
}
} ]
}
},
"JenkinsAccessKey" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : { "Ref" : "JenkinsGitUser" }
}
},
"JenkinsInstance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"InstanceType" : { "Ref" : "InstanceType" },
"IamInstanceProfile" : { "Ref" : "JenkinsInstanceProfile" },
"SecurityGroups" : [
{ "Ref" : "JenkinsServer" }
],
"KeyName" : { "Ref" : "KeyName" },
"ImageId" : { "Fn::FindInMap" : [ "CentOS6RegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
"Tags" : [
{ "Key" : "Name", "Value" : "jenkins" }
],
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -xe\n",
"get_jenkins_jar () { EX=; while [ \"${EX}\" != \"0\" ]; do curl -o /tmp/jenkins-cli.jar http://localhost:8080/jnlpJars/jenkins-cli.jar && EX=$? || EX=$?; if [ \"${EX}\" != \"0\" ]; then sleep 5; fi; done; }\n",
"install_plugin () { EX=; while [ \"${EX}\" != \"0\" ]; do java -jar jenkins-cli.jar -s http://localhost:8080/ install-plugin \"$1\" && EX=$? || EX=$?; if [ \"${EX}\" != \"0\" ]; then if [ \"${EX}\" == \"1\" ]; then get_jenkins_jar; fi; sleep 5; fi; done; }\n",
"yum install -y git java-1.7.0-openjdk-devel\n",
"iptables -I INPUT -p tcp -m tcp --dport 8080 -j ACCEPT\n",
"service iptables save\n",
"curl -o /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo\n",
"rpm --import http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key\n",
"yum -y install jenkins\n",
"service jenkins start\n",
"get_jenkins_jar\n",
"cd /tmp\n",
"install_plugin codedeploy\n",
"install_plugin s3\n",
"install_plugin git\n",
"install_plugin job-dsl\n",
"install_plugin https://github.com/awslabs/aws-codepipeline-plugin-for-jenkins/raw/master/dist/aws-codepipeline-plugin-for-jenkins.hpi\n",
"java -jar /tmp/jenkins-cli.jar -s http://localhost:8080/ safe-restart\n",
"runuser -l jenkins -s /bin/bash -c '",
"mkdir $HOME/.ssh;",
"chmod 700 $HOME/.ssh;",
"ssh-keygen -b 2048 -t rsa -f $HOME/.ssh/id_rsa -q -N \"\";",
"chmod 600 $HOME/.ssh/id_rsa*",
"'\n",
"rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm\n",
"yum install -y python-pip\n",
"pip install --upgrade pip\n",
"pip install awscli\n",
"GIT_USER=$(runuser -l jenkins -s /bin/bash -c '",
"AWS_ACCESS_KEY_ID=", { "Ref" : "JenkinsAccessKey" },
" AWS_SECRET_ACCESS_KEY='", { "Fn::GetAtt" : [ "JenkinsAccessKey", "SecretAccessKey" ] }, "'",
" AWS_DEFAULT_REGION=", { "Ref" : "AWS::Region" },
" aws iam upload-ssh-public-key --user-name ", { "Ref" : "JenkinsGitUser" }, " --ssh-public-key-body \"$(cat $HOME/.ssh/id_rsa.pub)\" --output text --query \"SSHPublicKey.SSHPublicKeyId\"')\n",
"runuser -l jenkins -s /bin/bash -c '",
"cat <<EOF > $HOME/.ssh/config\n",
"Host git-codecommit.*.amazonaws.com\n",
" User '${GIT_USER}'\n",
" IdentityFile ~/.ssh/id_rsa\n",
" StrictHostKeyChecking no\n",
"EOF\n",
"chmod 600 $HOME/.ssh/config",
"'\n"
]]}}
}
},
"JenkinsEIP" : {
"Type" : "AWS::EC2::EIP",
"Properties" : {
"InstanceId" : { "Ref" : "JenkinsInstance" }
}
}
},
"Outputs" : {
"InstanceId" : {
"Description" : "InstanceId of the newly created Jenkins instance",
"Value" : { "Ref" : "JenkinsInstance" }
},
"PublicDNS" : {
"Description" : "Public DNSName of the newly created Jenkins instance",
"Value" : { "Fn::GetAtt" : [ "JenkinsInstance", "PublicDnsName" ] }
},
"PublicIP" : {
"Description" : "Public IP address of the newly created Jenkins instance",
"Value" : { "Fn::GetAtt" : [ "JenkinsInstance", "PublicIp" ] }
}
}
}

ghost commented Oct 20, 2015

te, nem vagy. jeles!
