CI/CD with Terraform

A typical end-to-end pipeline will have the stages below.
The Provision Server step requires Terraform integration. To execute Terraform commands in Jenkins we need to do 4 steps:
- Install Terraform in the Jenkins container
- Prepare an SSH key pair
- Write the TF scripts
- Write a stage to execute terraform apply
Create SSH Key Pair
We need to create an SSH key on the Jenkins server and use the same key in the Terraform config file. As an alternative, we can create a key pair in AWS manually and create a credential in Jenkins from that key pair.

The username is ec2-user. For the private key, we paste in the contents of the .pem file.

Now we can associate this key with an instance when we create it with Terraform, and the Jenkins server will be able to SSH into the server with this private key to deploy the application.
Install Terraform inside Jenkins Container
Log in to the Jenkins container to install Terraform.
We are now inside the Jenkins container as the root user.

The first command adds the HashiCorp key and writes it to a file on our Jenkins server. The next command adds the official HashiCorp repository to the list of installation sources.

Terraform Configuration Files

Terraform meta: here we configure the remote state store as an S3 bucket.

Provider, VPC and subnet configuration

Configuration settings for the IGW and the default route table


Configuration settings in the VPC default security group, where traffic is allowed from the Jenkins machine and the laptop IP

Read the latest AMI

Create the EC2 instance and execute the script file below on the remote machine to install Docker and Docker Compose.

Provision Stage in Jenkinsfile
To connect Terraform to AWS we need to set the AWS environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from the credential store.
To move into the terraform folder, use dir().
To capture the output in an environment variable:
sh(script: "terraform output ec2-public_ip", returnStdout: true).trim()


Deploy Stage in Jenkinsfile
The contents of the Docker Compose file and server-cmds.sh are below:


DOCKER_CREDS = credentials('docker-hub-repo')
- Retrieves Docker Hub credentials from Jenkins credentials store.
- Provides username and password securely for Docker authentication.

Sleeps for 90 seconds to allow the EC2 instance to boot properly.
sshagent(['server-ssh-key']): Loads the SSH key stored in Jenkins credentials (server-ssh-key).
Copy server-cmds.sh to EC2:
Copy docker-compose.yaml to EC2:
On EC2, run server-cmds.sh, passing 3 parameters: ImageName, docker login username, password
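
The provision and deploy stages described above, put together as an added example that is not the original post's Jenkinsfile, showing how the Terraform output reaches the deploy stage. The terraform folder, the ec2-public_ip output, docker-hub-repo and server-ssh-key come from the text; the AWS credential IDs, the IMAGE_NAME value, the /home/ec2-user target path and the use of terraform output -raw are assumptions.

```groovy
// Added example, not the original post's Jenkinsfile. Assumed: the two AWS
// credential IDs, the IMAGE_NAME value and the /home/ec2-user target path.
pipeline {
    agent any
    environment {
        IMAGE_NAME = 'example/demo-app:1.0' // constructed placeholder
    }
    stages {
        stage('provision server') {
            environment {
                // Secret-text credentials, masked in the console log.
                AWS_ACCESS_KEY_ID     = credentials('jenkins_aws_access_key_id')
                AWS_SECRET_ACCESS_KEY = credentials('jenkins_aws_secret_access_key')
            }
            steps {
                script {
                    dir('terraform') {
                        sh 'terraform init -input=false'
                        sh 'terraform apply -auto-approve -input=false'
                        // -raw prints the bare string, without quotes.
                        env.EC2_PUBLIC_IP = sh(
                            script: 'terraform output -raw ec2-public_ip',
                            returnStdout: true
                        ).trim()
                    }
                }
            }
        }
        stage('deploy') {
            environment {
                // Username/password credential: sets DOCKER_CREDS_USR and _PSW.
                DOCKER_CREDS = credentials('docker-hub-repo')
            }
            steps {
                sleep(time: 90, unit: 'SECONDS') // let the instance boot
                sshagent(['server-ssh-key']) {
                    // Single quotes: the shell, not Groovy, expands the secrets.
                    // Assumes the values contain no single quotes.
                    sh '''
                        target="ec2-user@${EC2_PUBLIC_IP}"
                        opts="-o StrictHostKeyChecking=accept-new"
                        scp $opts server-cmds.sh docker-compose.yaml "${target}:/home/ec2-user/"
                        ssh $opts "$target" "bash ./server-cmds.sh '${IMAGE_NAME}' '${DOCKER_CREDS_USR}' '${DOCKER_CREDS_PSW}'"
                    '''
                }
            }
        }
    }
}
```

A password passed as a script argument is visible in the remote host's process list while server-cmds.sh runs; having the script read it from stdin and feed `docker login --password-stdin` avoids that.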
