ec2.tf
# AWS provider configuration.
# The region is pinned here, and credentials are resolved through the named
# profile rather than being written into this file.
provider "aws" {
  profile = "mr-cloud-book"
  region  = "ap-south-1"
}
# Manage the region's default VPC: an existing default VPC is adopted into
# Terraform state, and one is created if the region does not have one.
resource "aws_default_vpc" "default_vpc" {
  tags = { Name = "default vpc" }
}
# Look up the availability zones of the configured region; the resulting
# `names` list is indexed by the default subnet resource.
data "aws_availability_zones" "available_zones" {
}
# Manage the default subnet of the first availability zone returned by the
# lookup (created if it does not exist).
# NOTE(review): default subnets normally auto-assign public IPv4 addresses,
# so instances placed here are presumably internet-reachable - confirm.
resource "aws_default_subnet" "default_az1" {
  tags = { Name = "default subnet" }

  availability_zone = data.aws_availability_zones.available_zones.names[0]
}
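# Source ranges allowed to reach SSH (22) and the Jenkins UI (8080).
# The default keeps the original behaviour (open to every IPv4 address) so an
# existing apply is unchanged. Override it, for example in terraform.tfvars,
# with the operator's own address range: with 0.0.0.0/0 both the SSH daemon
# and the Jenkins login page are exposed to internet-wide scanning and
# password guessing.
# The null_resource provisioner in this file connects over SSH from the
# machine running Terraform, so that machine's public address must remain
# inside this list.
# NOTE(review): if the module keeps its variables in a separate file, move
# this declaration there.
variable "trusted_ingress_cidrs" {
  description = "CIDR blocks allowed to reach SSH (22) and Jenkins (8080) on the instance"
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Security group attached to the Jenkins EC2 instance.
# `name` and `description` are left exactly as they were: changing either one
# forces the security group to be destroyed and recreated.
resource "aws_security_group" "ec2_security_group" {
  name        = "ec2 security group"
  description = "allow access on ports 8080 and 22"
  vpc_id      = aws_default_vpc.default_vpc.id

  # Jenkins web UI. It is served over plain HTTP on this port, so restrict
  # the source range or put a TLS-terminating proxy in front of it.
  ingress {
    description = "http proxy access"
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = var.trusted_ingress_cidrs
  }

  # SSH, used by the operator and by the Terraform provisioner.
  ingress {
    description = "ssh access"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.trusted_ingress_cidrs
  }

  # All outbound traffic is allowed. "-1" means every protocol, and it is
  # written as a string, the form the provider documents.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "jenkins server security group"
  }
}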
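# Resolve the newest Amazon Linux 2 HVM image published by Amazon.
# `owners = ["amazon"]` limits the search to Amazon-owned images, so a
# third-party public AMI with a similar name cannot be selected.
# Because `most_recent = true` is re-evaluated on every plan, a newly
# published image changes the resolved ID, which forces replacement of the
# instance that uses it.
data "aws_ami" "amazon_linux_2" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "owner-alias"
    values = ["amazon"]
  }

  filter {
    name   = "name"
    values = ["amzn2-ami-hvm*"]
  }

  # The name pattern also matches arm64 builds. The instance type used in
  # this file (t2.micro) is x86_64, so without this filter the most recent
  # match can be an image the instance cannot boot.
  filter {
    name   = "architecture"
    values = ["x86_64"]
  }
}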
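# Launch the EC2 instance that will host Jenkins.
# Jenkins itself is installed afterwards by the null_resource provisioner in
# this file; the user_data alternative is left commented out.
resource "aws_instance" "ec2_instance" {
  ami                    = data.aws_ami.amazon_linux_2.id
  instance_type          = "t2.micro"
  subnet_id              = aws_default_subnet.default_az1.id
  vpc_security_group_ids = [aws_security_group.ec2_security_group.id]

  # Name of an EC2 key pair that already exists in the region; it must match
  # the private key the provisioner connection reads.
  key_name = "mumbai"
  # user_data            = file("install_jenkins.sh")

  # Require session tokens (IMDSv2) for the instance metadata service. This
  # instance exposes a web application to the network, and IMDSv1 would let a
  # server-side request forgery flaw in it read instance metadata with a
  # plain GET request.
  # NOTE(review): confirm install_jenkins.sh does not rely on IMDSv1 calls.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  tags = {
    Name = "Jenkins serrver"
  }
}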
# Provisioning step: a null_resource that creates no infrastructure and only
# carries the SSH connection and provisioners that install Jenkins.
resource "null_resource" "name" {
  # Run only after the instance exists.
  depends_on = [aws_instance.ec2_instance]

  # SSH session from the machine running Terraform to the instance's public IP.
  # NOTE(review): no `host_key` is set, so the server's host key is not
  # verified on this connection. The private key is read from the operator's
  # Downloads folder; keep it out of version control and readable only by its
  # owner.
  connection {
    host        = aws_instance.ec2_instance.public_ip
    type        = "ssh"
    user        = "ec2-user"
    private_key = file("~/Downloads/mumbai.pem")
  }

  # Upload the local install script to the instance.
  provisioner "file" {
    destination = "/tmp/install_jenkins.sh"
    source      = "install_jenkins.sh"
  }

  # Mark the uploaded script executable, then run it with sh as the SSH user.
  # The script itself is not shown here; review it before applying, since it
  # runs on the new host.
  provisioner "remote-exec" {
    inline = [
      "sudo chmod +x /tmp/install_jenkins.sh",
      "sh /tmp/install_jenkins.sh",
    ]
  }
}
# Output the Jenkins URL, built from the instance's public DNS name and port
# 8080. The scheme is plain http, so credentials entered on the Jenkins login
# page are not encrypted in transit unless TLS is added in front of it.
output "website_url" {
  value = "http://${aws_instance.ec2_instance.public_dns}:8080"
}