
Bootstrapping Jenkins with Terraform, Ansible, Docker Compose, and Groovy init scripts

Primary language: Groovy. License: Apache License 2.0 (Apache-2.0).

docker-jenkins-bootstrap

Bootstraps a dockerized Jenkins master/slave setup on Google Cloud Platform using Terraform, Ansible, Docker Compose, Træfik, and Let’s Encrypt. Jenkins is completely configured with Groovy init scripts and Job DSL.

Prerequisites

Secret files are encrypted with git-crypt using a shared key. For this sample repo, the key file (git-crypt.key) is committed to Git, something you should not do for real-world stuff. You may use git-crypt via a Docker container with the script git-crypt.sh.

./git-crypt.sh unlock git-crypt.key
./git-crypt.sh lock

Before you run scripts, make sure you unlock the repo in order to decrypt files. Files containing secrets in ansible/roles/docker_config/files are encrypted.

Create a Google service account key and store it as account.json in the repo root.
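
Both prerequisites can be checked before any wrapper script runs. The following is an added example, not part of this repository: it finds files that are still git-crypt ciphertext by their \0GITCRYPT\0 header and verifies that account.json is present. The function names and the file name preflight.sh are assumptions; the paths are the ones named above.

```shell
#!/bin/sh
# Added example, not part of the repository: pre-flight check to run before
# terraform/tf or ansible/playbook. Function names are hypothetical; the
# paths are the ones this README names.

# git-crypt ciphertext starts with the 10-byte header \0GITCRYPT\0 (as hex).
GIT_CRYPT_MAGIC="00474954435259505400"

# Succeeds when the file is still git-crypt ciphertext, i.e. the repo is locked.
is_locked() {
    [ "$(od -An -tx1 -N10 "$1" | tr -d ' \n')" = "$GIT_CRYPT_MAGIC" ]
}

# Prints every file below directory $1 that is still encrypted.
locked_files() {
    find "$1" -type f | sort | while IFS= read -r file; do
        if is_locked "$file"; then printf '%s\n' "$file"; fi
    done
}

# Returns 0 only if the secret files are decrypted and account.json exists.
preflight() {
    pf_root="$1"
    pf_secrets="$pf_root/ansible/roles/docker_config/files"
    pf_status=0
    if [ ! -d "$pf_secrets" ]; then
        echo "not found: $pf_secrets (wrong repo root?)" >&2
        return 1
    fi
    pf_locked="$(locked_files "$pf_secrets")"
    if [ -n "$pf_locked" ]; then
        printf 'still encrypted, unlock the repo first:\n%s\n' "$pf_locked" >&2
        pf_status=1
    fi
    if [ ! -s "$pf_root/account.json" ]; then
        echo "account.json is missing or empty in $pf_root" >&2
        pf_status=1
    fi
    return "$pf_status"
}

# Run as a script with the repo root as argument: sh preflight.sh .
[ "$#" -eq 0 ] || preflight "$1"
```

A non-zero exit status means Ansible would otherwise copy ciphertext to the instance, or Terraform would run without the service account key.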

Terraform

Terraform is used to provision a GCP instance and the DNS setup. Once Google’s name servers are assigned to the DNS zone, they must be configured with the domain registrar. The setup is split up into network and compute. This allows the instance to be destroyed and recreated without touching network resources. This is important because recreating the DNS managed zone most certainly assigns a different set of name servers, which would require reconfiguring name servers with the domain registrar.

The wrapper script terraform/tf is used to run Terraform.

./tf --help
Usage: tf <options> <terraform args>
    -h, --help             Display help
    -v, --verbose          Display verbose output
    -i, --init             Run 'terraform init' before executing the actual command
    -d, --directory        The directory to run Terraform in (must be relative to this script)
    --                     End of all options

State

Terraform state is stored in a GCS bucket which needs to be created before any network and compute resources so their state can be stored in this bucket.

./terraform/tf --directory base --init apply

Network

Creates a static IP address and the DNS managed zone. To keep things simple, the default network is used.

./terraform/tf --directory network --init apply

Compute

Creates a VM instance, firewall rules, and an A record for the Jenkins subdomain.

./terraform/tf --directory compute --init apply

Ansible

Ansible is used to install everything that’s needed to run Jenkins and to spin up Jenkins and Træfik using Docker Compose. Before running Ansible, make sure you have the SSH key added to the SSH agent.

ssh-add ~/.ssh/google_compute_engine

The wrapper script for Ansible reads the IP address of the Jenkins instance from the Terraform state and passes it as an extra var.

./ansible/playbook

💡
A note for Mac users:
Shell scripts use readlink with the -f parameter. This parameter is not supported by the Mac version of readlink. You must install coreutils and put that first on the PATH.
