Upload
jimmy-ray
View
447
Download
4
Embed Size (px)
Citation preview
Central VA AWS UGJenkins in AWS
1 7 F E B R U A R Y 2 0 1 6
2
Agenda
Tonight’s AWS Architecture
Installation Options
Jenkins Overview
Security Options
Plugins
EC2 Integration (Roles, Users, Policies)
3
Jenkins Overview
“Jenkins is an open source continuous integration tool written in Java. The project was forked from Hudson after a dispute with Oracle. Jenkins provides continuous integration services for software development. It is a server-based system running in a servlet container such as Apache Tomcat.” - https://en.wikipedia.org/wiki/Jenkins_(software)
Easy Integration
900+ Plugins
Easy Installation
Customization
4
Tonight’s Architecture
5
Tonight’s Architecture
6
Tonight’s Architecture
7
Jenkins Installation Options
LTS Version*
Java, Git, Maven
Yum (AWS 64bt Linux AMI) or AWS Marketplace (Bitnami Jenkins on Ubuntu)
8
Groovy Startup ScriptPerforms post initialization tasks
Jenkins.properties/init.groovy in $JENKINS_HOME
9
Jenkins Plugins
Plugins are the key to enhancing Jenkins functionality, usability, and interoperability. Most plugins are OSS.
Cloudbees - https://www.cloudbees.com/products/cloudbees-jenkins-platform/enterprise-edition/features
Some are better supported than others.
Integration
900+
Customization
10
Jenkins Security
Authorization
Test with Mock Realm
Realms (test with Mock Realm)
Combine with AWS Shared Responsibility Model
11
EC2 Plugin
Easy to use EC2 IAM Roles
EC2 instances and IAM Roles (Don’t use *s)
Starting and managing slaves, to achieve dynamic horizontal scaling across the AWS cloud.
Setup AWS CLI as Jenkins user (sudo su -s /bin/bash jenkins, aws configure)
Demo
12
CodeDeploy Setup
IAM Users, Groups, Roles, Policies, Trust Relationships (resources that can assume the role)
AWS CodeDeploy Plugin
Deployment target EC2 instances run codedeploy-agent, and use IAM Role
Code deployment agent will run on deployment targets
Setup S3 bucket for Jenkins Code Deployment Plugin
13
CodeCommit Setup
Create IAM user, with groups and permissions (polices).
Use as Git repository.
Deployment target EC2 instances run codedeploy-agent, and use IAM Role
Use aws-cli that supports CodeCommit and Credential Helper commands.
Disable OSX Keychain Access Utility (Code Commit 15 minute password expiration)
14
Syncing Jenkins Config to AWS Code Commit
SCM Sync Config shared additionnal includes
SCM Sync configuration plugin
15
AWS CodePipeline
Visualization of CD stages
CD Service
Requires role with appropriate CodePipeline policies
Requires S3 bucket versioning enabled.
Can be integrated with remote Jenkins via AWS CodePipeline Plugin
16
Questions?
THANK YOU.