Skip to content

Stuff to provision Jenkins/SonarQube/Environments for attendees of a Jenkins workshop

Notifications You must be signed in to change notification settings

ToulouseJAM/jam-workshop-infra

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Toulouse JAM Workshop infrastructure

About

This repository contains all the stuff needed to provision a Jenkins master, a SonarQube instance and some staging/"prod" environments for a workshop usecase.

All machines are provisioned using Terraform/Ansible and Docker on the DigitalOcean cloud.

Jenkins master is automatically configured with the DigitalOcean Plugin which permits to dynamically provision Jenkins agents on demand.

Prerequisites

It’s assume that :

  • you are on a Linux system (only tested on Fedora 25)

  • you have ansible and terraform installed locally (tested with ansible==2.3.0 and terraform==0.7.10)

  • a variable DO_API with DigitalOcean credentials is exported on the current shell

  • a ssh key pair is available on the root of this repository (id_rsa_jam, id_rsa_jam.pub), and must be added to your DigitalOcean settings

Since the SSH key pair is created on your own laptop, you need to adapt provisoning files with your own credentials.

  • Update ssh_keys property of jenkins-masters/jenkins-masters.tf, environments/environments.tf and sonarqube/sonarqube.tf Terraform provisioning files with the fingerprint of the dedicated SSH public key (you can easily get it from DigitalOcean settings)

Machines creation

Inside each directory (jenkins-masters, sonarqube, environments), you can access some kind of provisioning commands.

Display terraform execution plan to provision X machines :
$> make plan n=X
Trigger provisioning of X machines :
$> make provision n=X

This action will create (or update) X new machines on DigitalOcean cloud accordingly to the configuration specified into jenkins-masters/jenkins-masters.tf, environments/environments.tf or sonarqube/sonarqube.tf files. Then, a provisioning with Ansible playbooks (see *.yml files inside each directory) is triggered on all created/updates machines with a dynamic inventory of Ansible.

Caution
this action is strictly idempotent. It means that if you start with "make provision n=5" and then execute "make provision n=4", the fifth machine will be directly deleted by terraform !! To be sure, first run "make plan n = X" and read carefully what are Terraform’s plans before a "make provision" action.

What’s the username/password of my instance ?

By default, Jenkins master are provisioned with :

  • login = jenkins-${counter}

  • password = ${digitalocean_droplet_id}

You can display all ip/login/password provisioned with Terraform using the following command :
$> make infos

Display Jenkins logs of a target machine

Assuming you have direct access to target machine (ssh key pushed), you can execute the following command :
$> make logs jenkins-2

Connect to a target machine

Assuming you have direct access to target machine (ssh key pushed), you can execute the following command :
$> make go jenkins-10

Generate all informations for attendees

You can launch the script gen-txt.sh to create one file per attendee containing all dedicated instances informations. All files are created inside a _dist directory.

Known limitations

Jenkins DigitalOcean Plugin needs to have your "ssh_key_id" number during provisioning (see jenkins-masters/jenkins-provisioning.yml#14). This is a DigitalOcean specific number and it’s completely dependant of your DigitalOcean settings. To retrieve this number, the only way I found is to configure manually the plugin the first time, retrieve the config.xml of Jenkins and get this number from the file.

Caution
DigitalOcean sets a limit of number of Droplets. You need to increase both on DigitalOcean side (a dedicated form is available on DigitalOcean website) and on the file jenkins-masters/jenkins-provisioning.yml depending on the number of attendees.
Caution
Since all Jenkins instances share the same DigitalOcean API key, you are limited by DigitalOcean API Rate Limit.
Caution
the instanceCap property specified inside the Jenkins DigitalOcean plugin configuration is global to all attendees (since it’s the same API key for each attendee).

Further improvements

There are some "code duplication" and limitations that could be improved here.

  • We could have a "meta" Makefile on the root and add a kind of action targeting a specific directory. For example : make jenkins provision n=2

  • The script terraform-inventory.py used to create a dynamic inventory of Ansible and Terraform is currently duplicated on each subdirectory

  • The SSH key pair informations specified could be specified more dynamically using Terraform variables.

  • The digitalocean.tf file is also duplicated on each subdirectory

Yeah, it’s a little dirty, but those scripts have been evolved/improved in hurry ! And PRs are always welcome :-)

About

Stuff to provision Jenkins/SonarQube/Environments for attendees of a Jenkins workshop

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 84.9%
  • Groovy 4.9%
  • Makefile 4.3%
  • HCL 3.1%
  • Shell 2.8%