diff --git a/Devops-project1/Jenkinsfile b/Devops-project1/Jenkinsfile
new file mode 100644
index 0000000..763a76c
--- /dev/null
+++ b/Devops-project1/Jenkinsfile
@@ -0,0 +1,80 @@
+
+pipeline {
+
+ parameters {
+ string(name: 'environment', defaultValue: 'terraform', description: 'Workspace/environment file to use for deployment')
+ string(name: 'region', defaultValue: 'us-east-1', description: 'select region to deployment')
+ string(name: 'env', defaultValue: 'prod', description: 'select environment to deployment')
+ string(name: 'service', defaultValue: 'apache', description: 'please provide service name')
+ booleanParam(name: 'autoApprove', defaultValue: false, description: 'Automatically run apply after generating plan?')
+
+ }
+
+
+ environment {
+ AWS_ACCESS_KEY_ID = credentials('AWS_ACCESS_KEY_ID')
+ AWS_SECRET_ACCESS_KEY = credentials('AWS_SECRET_ACCESS_KEY')
+ }
+
+ agent any
+ options {
+ timestamps ()
+ ansiColor('xterm')
+ }
+ stages {
+ stage('checkout') {
+ steps {
+ git branch: "devops1", url: "https://github.com/Kerem-Tokgoz/Terraform-Tutorial.git"
+ }
+ }
+
+ stage('Plan') {
+ steps {
+ sh '''
+ cd Devops-project1 ;
+ TF_LOG=DEBUG terraform init \
+ -upgrade=true \
+ -get=true \
+ -input=true \
+ -force-copy \
+ -backend=true \
+ -backend-config "bucket=aws-terraform-devops-backend-kerem" \
+ -backend-config "key=terraform-${region}/${service}.tfstate" \
+ -backend-config "region=${region}" \
+ -backend-config "dynamodb_table=terraform" \
+ -lock=true
+ '''
+ sh """#!/bin/bash
+ cd Devops-project1 ; terraform workspace show | grep ${environment} ; if [ "\$?" 
== 0 ];then echo "workspace already exists ";else terraform workspace new ${environment}; fi;
+
+ echo "INFO: Terraform -> Working for ${environment}";
+ terraform plan -var region=${region} -out tfplan -lock=true;
+ terraform show -no-color tfplan > tfplan.txt;
+ """
+ }
+ }
+ stage('Approval') {
+ when {
+ not {
+ equals expected: true, actual: params.autoApprove
+ }
+ }
+
+ steps {
+ script {
+ def plan = readFile 'Devops-project1/tfplan.txt'
+ input message: "Do you want to apply the plan?",
+ parameters: [text(name: 'Plan', description: 'Please review the plan', defaultValue: plan)]
+ }
+ }
+ }
+
+ stage('Apply') {
+ steps {
+ sh "cd Devops-project1 ; terraform apply -input=false tfplan "
+ }
+ }
+
+ }
+
+ }
diff --git a/Devops-project1/apache_config.sh b/Devops-project1/apache_config.sh
new file mode 100644
index 0000000..b4ca964
--- /dev/null
+++ b/Devops-project1/apache_config.sh
@@ -0,0 +1,6 @@
+#! /bin/bash
+sudo yum update -y
+sudo yum install -y httpd.x86_64
+sudo service httpd start
+sudo service httpd enable
+echo "
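Review bot: The second `sh` step in the Plan stage is a double-quoted Groovy string, so `${environment}` and `${region}` are pasted into the bash script text before the shell runs; anyone allowed to start the build can put shell syntax into those string parameters, in a job that holds `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`. Jenkins already exports build parameters as environment variables, so the step can use a single-quoted `'''` script with quoted shell variables, e.g. `terraform workspace select "$environment" || terraform workspace new "$environment"` and `terraform plan -var "region=$region" -out tfplan -lock=true`. That also replaces the `grep ${environment}` test, which matches any substring of the current workspace name. The same interpolation is in terraform-aws-ec2-userdata/Jenkinsfile. Separately, `TF_LOG=DEBUG` on `terraform init` sends verbose provider and backend output to the console of a job that carries credentials and should not stay in the committed pipeline.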

Welcome to apche server

" | sudo tee /var/www/html/index.html
diff --git a/Devops-project1/output.tf b/Devops-project1/output.tf
new file mode 100644
index 0000000..38a1773
--- /dev/null
+++ b/Devops-project1/output.tf
@@ -0,0 +1,3 @@
+output "user_data_example_input_file" {
+ value = "${aws_instance.user_data_example_input_file.public_ip}"
+}
diff --git a/Devops-project1/provider.tf b/Devops-project1/provider.tf
new file mode 100644
index 0000000..0463061
--- /dev/null
+++ b/Devops-project1/provider.tf
@@ -0,0 +1,18 @@
+provider "aws" {
+ region = var.region
+ version = "~> 2.0"
+}
+
+# data "terraform_remote_state" "network" {
+# backend = "s3"
+# config = {
+# bucket = "aws-terraform-devops-backend"
+# key = "network/terraform.tfstate"
+# region = "us-east-1"
+# }
+# }
+
+terraform {
+ backend "s3" {
+ }
+}
diff --git a/Devops-project1/security_group.tf b/Devops-project1/security_group.tf
new file mode 100644
index 0000000..6bbf55a
--- /dev/null
+++ b/Devops-project1/security_group.tf
@@ -0,0 +1,28 @@
+resource "aws_security_group" "allow_ssh" {
+ name = "apche-sg"
+ description = "Allow SSH inbound traffic"
+ #vpc_id = aws_vpc.vpc_demo.id
+
+ ingress {
+ # SSH Port 22 allowed from any IP
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ # SSH Port 80 allowed from any IP
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
diff --git a/Devops-project1/user-data-file-input.tf b/Devops-project1/user-data-file-input.tf
new file mode 100644
index 0000000..ac7cbce
--- /dev/null
+++ b/Devops-project1/user-data-file-input.tf
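Review bot: `sudo service httpd enable` on the fifth line of apache_config.sh does not register httpd for boot; `service` hands `enable` to the init script as an action, so the web server will most likely stay down after the first reboot. Use `sudo systemctl enable httpd` on a systemd image or `sudo chkconfig httpd on` on a SysV one; which applies depends on the AMI, which this diff does not show. The `sudo` prefixes are unnecessary if the script only ever runs as EC2 user data, since that executes as root.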
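Review bot: `value = "${aws_instance.user_data_example_input_file.public_ip}"` in output.tf uses the interpolation-only wrapper that this same commit removes from terraform-aws-ec2-userdata/provider.tf (`region = var.region`), and Terraform 0.12 warns about it. Write `value = aws_instance.user_data_example_input_file.public_ip` and add `description = "Public IP of the Apache instance"` so the output explains itself in the plan shown at the approval step. `user_data = "${file("apache_config.sh")}"` in user-data-file-input.tf has the same wrapper.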
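Review bot: The empty `backend "s3" { }` block in provider.tf leaves every backend setting to the `-backend-config` flags in the Jenkinsfile, and none of those flags turns on encryption, so whether the state object is encrypted at rest depends entirely on the bucket's own defaults. Add `encrypt = true` inside the block together with a comment such as `# bucket, key, region and dynamodb_table are supplied by the Jenkinsfile via -backend-config`. The commented-out `terraform_remote_state` block names a bucket (`aws-terraform-devops-backend`) that differs from the one this project's pipeline passes, and should be dropped rather than committed as dead code. terraform-aws-ec2-userdata/provider.tf receives the identical block in this commit.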
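Review bot: The first `ingress` block in security_group.tf opens port 22 to `0.0.0.0/0`, which exposes SSH on an instance with a public IP to the whole internet; take the allowed range from a variable, e.g. `cidr_blocks = var.ssh_ingress_cidrs` (a list variable this commit would need to add), or drop the rule if administration goes through SSM Session Manager. The comment on the second block says `# SSH Port 80` and should read `# HTTP port 80 allowed from any IP`, and `description = "Allow SSH inbound traffic"` no longer describes a group that also admits HTTP. `apche-sg` looks like a typo for `apache-sg`; the same name is introduced in terraform-aws-ec2-userdata/security_group.tf.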
@@ -0,0 +1,17 @@
+
+resource "aws_instance" "user_data_example_input_file" {
+ ami = lookup(var.ami_id, var.region)
+ instance_type = var.instance_type
+# subnet_id = aws_subnet.public_1.id
+
+ # Security group assign to instance
+ vpc_security_group_ids = [aws_security_group.allow_ssh.id]
+
+ # key name
+ key_name = var.key_name
+ user_data = "${file("apache_config.sh")}"
+
+ tags = {
+ Name = "Apache-Server1"
+ }
+}
diff --git a/Devops-project1/variables.tf b/Devops-project1/variables.tf
new file mode 100644
index 0000000..246c6d7
--- /dev/null
+++ b/Devops-project1/variables.tf
@@ -0,0 +1,20 @@
+variable "region" {
+ type = "string"
+ default = "us-east-2"
+}
+variable "ami_id" {
+ type = "map"
+ default = {
+ us-east-1 = "ami-035b3c7efe6d061d5"
+ eu-west-2 = "ami-132b3c7efe6sdfdsfd"
+ eu-central-1 = "ami-9787h5h6nsn75gd33"
+ }
+}
+variable "instance_type" {
+ type = "string"
+ default = "t2.micro"
+}
+variable "key_name" {
+ type = "string"
+ default = "ec2-demo"
+}
diff --git a/EC2withJenkins/ec2_jenkins.tf b/EC2withJenkins/ec2_jenkins.tf
index b99c0ef..7c17958 100644
--- a/EC2withJenkins/ec2_jenkins.tf
+++ b/EC2withJenkins/ec2_jenkins.tf
@@ -20,6 +20,12 @@ resource "aws_instance" "ec2_jenkins" {
 curl --silent --location http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo | sudo tee /etc/yum.repos.d/jenkins.repo
 sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key
 yum install -y jenkins
+ yum install -y git
+
+ wget https://releases.hashicorp.com/terraform/0.12.29/terraform_0.12.29_linux_amd64.zip
+ unzip terraform_0.12.29_linux_amd64.zip
+ mv terraform /usr/bin
+
 systemctl start jenkins
 systemctl status jenkins
 systemctl enable jenkins
diff --git a/terraform-aws-ec2-userdata/Jenkinsfile b/terraform-aws-ec2-userdata/Jenkinsfile
new file mode 100644
index 0000000..414b04b
--- /dev/null
+++ b/terraform-aws-ec2-userdata/Jenkinsfile
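Review bot: `file("apache_config.sh")` in user-data-file-input.tf is resolved against the directory Terraform is run from, not the directory holding this file, so it only works because the Jenkinsfile does `cd Devops-project1` first; use `user_data = file("${path.module}/apache_config.sh")`. The resource also has no `metadata_options` block, so the instance is left on the default metadata-service settings. If the provider release selected by `~> 2.0` supports it, `metadata_options { http_tokens = "required" }` would enforce IMDSv2 on a host that serves public HTTP.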
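Review bot: `region` in variables.tf defaults to `us-east-2`, but the `ami_id` map has no `us-east-2` key, so `lookup(var.ami_id, var.region)` in user-data-file-input.tf fails whenever the default is used; the pipeline only works because it passes `-var region=...` with `us-east-1`. Either set `default = "us-east-1"` or add the missing map entry. The `eu-west-2` and `eu-central-1` values (`ami-132b3c7efe6sdfdsfd`, `ami-9787h5h6nsn75gd33`) contain non-hexadecimal characters and look like placeholders, so those regions cannot launch as written. `type = "string"` and `type = "map"` are the quoted pre-0.12 forms; `type = string` and `type = map(string)` match the 0.12 syntax used elsewhere in the commit.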
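Review bot: The added `wget`/`unzip`/`mv` lines in ec2_jenkins.tf install a Terraform binary on the Jenkins host as root without checking it against the published checksums. Download `terraform_0.12.29_SHA256SUMS` from the same release directory and verify before unpacking, e.g. `grep linux_amd64 terraform_0.12.29_SHA256SUMS | sha256sum -c -`, stopping the script if the check fails. No visible line installs `unzip`, so add it to the `yum install -y git` line if the AMI lacks it. The user-data script these lines belong to starts and ends outside the hunk.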
@@ -0,0 +1,77 @@
+
+pipeline {
+
+ parameters {
+ string(name: 'environment', defaultValue: 'terraform', description: 'Workspace/environment file to use for deployment')
+ string(name: 'service', defaultValue: 'apache', description: 'please provide service name')
+ booleanParam(name: 'autoApprove', defaultValue: false, description: 'Automatically run apply after generating plan?')
+
+ }
+
+
+ environment {
+ AWS_ACCESS_KEY_ID = credentials('AWS_ACCESS_KEY_ID')
+ AWS_SECRET_ACCESS_KEY = credentials('AWS_SECRET_ACCESS_KEY')
+ }
+
+ agent any
+ options {
+ timestamps ()
+ ansiColor('xterm')
+ }
+ stages {
+ stage('checkout') {
+ steps {
+ git branch: "devops1", url: "https://github.com/easyawslearn/Terraform-Tutorial.git"
+ }
+ }
+
+ stage('Plan') {
+ steps {
+ sh '''
+ cd terraform-aws-ec2-userdata ;
+ terraform init \
+ -upgrade=true \
+ -get=true \
+ -input=false \
+ -force-copy \
+ -backend=true \
+ -backend-config "bucket=aws-terraform-devops-backend" \
+ -backend-config "key=terraform/${service}.tfstate" \
+ -backend-config "region=us-east-1" \
+ -backend-config "dynamodb_table=terraform" \
+ -lock=true
+ '''
+ sh """#!/bin/bash
+ cd terraform-aws-ec2-userdata ; terraform workspace show | grep ${environment} ; if [ "\$?" 
== 0 ];then echo "workspace already exists ";else terraform workspace new ${environment}; fi;
+
+ cd terraform-aws-ec2-userdata ; echo "INFO: Terraform -> Working for ${environment}";
+ terraform plan -input=false -out tfplan -lock=true;
+ terraform show -no-color tfplan > tfplan.txt;
+ """
+ }
+ }
+ stage('Approval') {
+ when {
+ not {
+ equals expected: true, actual: params.autoApprove
+ }
+ }
+
+ steps {
+ script {
+ def plan = readFile 'terraform-aws-ec2-userdata/tfplan.txt'
+ input message: "Do you want to apply the plan?",
+ parameters: [text(name: 'Plan', description: 'Please review the plan', defaultValue: plan)]
+ }
+ }
+ }
+
+ stage('Apply') {
+ steps {
+ sh "cd terraform-aws-ec2-userdata ; terraform apply -input=false tfplan"
+ }
+ }
+ }
+
+ }
diff --git a/terraform-aws-ec2-userdata/provider.tf b/terraform-aws-ec2-userdata/provider.tf
index b3e50a9..0463061 100644
--- a/terraform-aws-ec2-userdata/provider.tf
+++ b/terraform-aws-ec2-userdata/provider.tf
@@ -1,4 +1,18 @@
 provider "aws" {
- region = "${var.region}"
+ region = var.region
 version = "~> 2.0"
 }
+
+# data "terraform_remote_state" "network" {
+# backend = "s3"
+# config = {
+# bucket = "aws-terraform-devops-backend"
+# key = "network/terraform.tfstate"
+# region = "us-east-1"
+# }
+# }
+
+terraform {
+ backend "s3" {
+ }
+}
diff --git a/terraform-aws-ec2-userdata/security_group.tf b/terraform-aws-ec2-userdata/security_group.tf
index f0d59de..6bbf55a 100644
--- a/terraform-aws-ec2-userdata/security_group.tf
+++ b/terraform-aws-ec2-userdata/security_group.tf
@@ -1,5 +1,5 @@
 resource "aws_security_group" "allow_ssh" {
- name = "allow_SSH"
+ name = "apche-sg"
 description = "Allow SSH inbound traffic"
 #vpc_id = aws_vpc.vpc_demo.id
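Review bot: The second `sh` step in the Plan stage of terraform-aws-ec2-userdata/Jenkinsfile runs under its own `#!/bin/bash` line and never sets `set -e`, so a failed `terraform plan` does not stop the script and the step's result is that of the last command, `terraform show`. With `agent any` and no workspace cleanup visible, a `tfplan` left by an earlier build could then be shown for approval and handed to `terraform apply`; start the script with `set -euo pipefail` and run `rm -f tfplan tfplan.txt` before planning. The repeated `cd terraform-aws-ec2-userdata ;` in front of the `echo` runs from inside that directory and fails, which the missing `set -e` currently hides, so remove it. Devops-project1/Jenkinsfile has the same missing `set -e`.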