Scribd
Upload
6 views10 pages

Comprehensive DevOps Task

The document outlines a two-phase infrastructure setup involving Jenkins and a web application on AWS. Phase 1 details the installation of Jenkins, Terraform, and PostgreSQL, along with the configuration of an EC2 instance and necessary IAM roles. Phase 2 focuses on creating a VPC, subnets, and load balancers, as well as deploying a web application and ensuring secure access via SSL/TLS certificates.

Uploaded by

satyaachilukurii
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views10 pages

Comprehensive DevOps Task

The document outlines a two-phase infrastructure setup involving Jenkins and a web application on AWS. Phase 1 details the installation of Jenkins, Terraform, and PostgreSQL, along with the configuration of an EC2 instance and necessary IAM roles. Phase 2 focuses on creating a VPC, subnets, and load balancers, as well as deploying a web application and ensuring secure access via SSL/TLS certificates.

Uploaded by

satyaachilukurii
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

Infrastructure Setup

Phase-1:

Jenkins Setup
1.Create an EC2 instance in public subnet
2. Install AWS CLI
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o
"awscliv2.zip"
sudo apt install unzip
unzip awscliv2.zip
sudo ./aws/install
aws configure

3. Install java17
sudo apt update
sudo apt install fontconfig openjdk-17-jre
java -version
openjdk version "17.0.8" 2023-07-18
OpenJDK Runtime Environment (build 17.0.8+7-Debian-1deb12u1)
OpenJDK 64-Bit Server VM (build 17.0.8+7-Debian-1deb12u1, mixed mode, sharing)

4.Install Jenkins
sudo wget -O /usr/share/keyrings/jenkins-keyring.asc \
https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]" \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update
sudo apt-get install jenkins
sudo systemctl enable Jenkins
sudo systemctl start jenkins
sudo systemctl status jenkins

5. Install terraform in EC2 Instance


sudo apt-get update && sudo apt-get upgrade -y
sudo apt-get install -y gnupg software-properties-common curl
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add –
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com
$(lsb_release -cs) main"
sudo apt-get update
sudo apt-get install -y terraform
terraform -version
6.Create IAM user for CLI with necessary policies/permissions
7.Generate Access Keys and Secret Keys
8. Access Jenkins using <13.235.67.255:8080> and install Suggested Plugins
9. Create Target groups, Application Load Balancer for Jenkins

10. Create a Record for Application Load Balancer and generate SSL/TLS Certificate for the domain name.

11. Add the HTTPS Listener and attach the generated Certificate and also modify the HTTP listener to
redirect the Traffic to HTTPS.

12. Now Access the Jenkins using the domain name <jenkins.madhumadeep.world>

Phase-2:
Create VPC, Subnets, Routes, Internet Gateway, EC2 Instances, Security Groups:
Github Repo: https://github.com/Madeep9347/test-project.git
Created the Jenkins Job to automate the terraform commands
pipeline {
agent any

environment {
AWS_ACCESS_KEY_ID = credentials('AccesskeyID')
AWS_SECRET_ACCESS_KEY = credentials('Secretaccesskey')
AWS_REGION = "ap-south-1"
}

stages {
stage("Checkout from GIT") {
steps {
git branch: 'main', url: 'https://github.com/Madeep9347/test-project.git'
}
}

stage("Terraform Init") {
steps {
script {
//sh 'terraform init -reconfigure -input=false'
sh 'terraform init -reconfigure'

}
}
}
stage("Terraform Format") {
steps {
script {
sh 'terraform fmt'
}
}
}

stage("Terraform Validate") {
steps {
script {
sh 'terraform validate'
}
}
}

stage("Terraform Plan") {
steps {
script {
sh 'terraform plan'
}
}
}

stage("Terraform Apply") {
steps {
script {
sh 'terraform apply --auto-approve'
//sh 'terraform destroy --auto-approve'
}
}
}
}
}

STEPS:
Postgres Setup:
1.Connect to bastion_host EC2 Instance and add the pem file and change the file
permissions using chmod 400 <pemfile>
2.Using that pem file and connect to the Postgres Instance in the Private subnet and update
the packages
Sudo apt update
3. Install the postgres using “sudo apt-get install postgresql”
4. Set the New Password to the postgres
5. Move to this path /etc/postgresql/16/main and update the pg_hba.conf fle

Add the webapplication private Ip address


6.similarly update the postgresql.conf

7. Reststart the postgres


sudo systemctl restart postgresql
Web Application setup:
1.Connect to bastion_host EC2 Instance and add the pem file and change the file
permissions using chmod 400 <pemfile>
2.Using that pem file and connect to the web_application Instance in the Private subnet and
update the packages
Sudo apt update
3. Install the postgres using “sudo apt-get install postgresql”
4. Clone the Web Application into the web_application instance

Git clone https://github.com/Madeep9347/test-webapp.git


5. install the psycopg2-binary
pip3 install psycopg2-binary
6. Install the flask
sudo apt update
sudo apt install python3 python3-venv python3-pip
mkdir test-webapp
cd test-webapp
python3 -m venv venv
source venv/bin/activate
pip install flask
7. Now run the application in background
source venv/bin/activate
nohup python3 app.py > flask.log 2>&1 &
tail -f flask.log
Create LoadBalancer for web_application:
1. Create the Targets Group for the web_application Instance

2. Now Create the Application Load Balancer using the Webapp Target Groups
3. Allow the security ports 80, 443 for webapp ALB
4. Create the Simple record for ALB in route53
5. Generate SSL/TLS certificate for the webapp ALB using aws certificate manager and
certificate as a record in route53

6. Now Add the HTTPS Listener and attach the certificate to it


7. Update the HTTP Listerner as forward the Traffic to HTTPS
Now Access the Application using the domain name “webapp.madhumadeep.world”
8. All these data is stored in postgres database

Github Repositories:

Infrasetup: https://github.com/Madeep9347/test-project.git

WebApplication: https://github.com/Madeep9347/test-webapp.git

Domain Names:

https://jenkins.madhumadeep.world/

https://webapp.madhumadeep.world/

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy