Local: Vagrant You can view Vagrantfile for local machine configuration.
Production: Digital Ocean My droplets configuration like image above.
- Configure instance-a
- Register ssh-key jenkins and root in machine to github (manual).
- Run instance-a.sh for initial configuration before we fully use the ansible.
- Use certbot for free ssl configuration (manual). Choose the wildcard mask to support our Nginx reverse proxy.
- Create ansible roles for converting the infrastructure as code
- Write roles for docker configuration, docker elasticsearch, docker nginx, jenkins configuration, and elasticsearch firewall
- docker-nginx : configure the nginx reverse proxy on default.conf and ssl files. Both files on templates folder
- docker-elasticsearch : dockerfile for creating elasticsearch custom image with S3 Repository plugin and docker-compose for serving the custom image. Both files on template folder
- docker : installment and configuration for docker
- essential : mandatory application will be install here
- jenkins : installment and configuration for jenkins
- instance-b-fw : configuration firewall for instance-b which allow PORT 9200 from docker to instance IP Address
- instance-a-fw : configuration firewall for instance-a DROP any ICMP IN from any address
- Create ansible-playbook for execute targeted host with roles configuration
- But first i have to setup deployment machine manually for ansible and then we can move to essentials roles
- Configure jenkins and install plugins
- In this case i'm create freestyle jobs project on jenkins which run some command and invoke ansible-playbook
- Configure instance-b
- Register ssh-key jenkins@instance-a on DigitalOcean so this instance auto get ssh-key for deployment server
- Let the rest configuration executed in instance-a
You can view the result of this by visit:
- main url: https://hompimpah.xyz
- jenkins: https://jk.hompimpah.xyz
- elasticsearch: https://elastic.hompimpah.xyz
- testing: https://testing.hompimpah.xyz