Monday, October 14, 2019

CI / CD pipeline using Jenkins with Github and Ansible

Summary :

Jenkins is a free and open source automation server written in Java. Jenkins helps to automate the non-human part of the software development process, with continuous integration and facilitating technical aspects of continuous delivery. 

This post will explain the process of how to integrate CI/CD pipeline using Jenkins, GitHub, and Ansible.
 
Environment :

Ansible playbook to deploy two apache web servers with HAproxy load balancer.
 
  • GCP environment
  • github for SCM
  • host1: Centos 7 + jenkins + ansible + git --> used for jenkins server
  • host2: Centos 7 + ansible + git --> used for jump host
  • host3: Centos 7 --> Apache web server1
  • host4: Centos 7 --> Apache web server2
  • host5: Centos 7 --> HAproxy load balancer server

 Install jenkins server:

yum install httpd -y
systemctl enable httpd
systemctl start httpd

yum -y install java-1.8.0-openjdk

wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo

rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key

yum -y install jenkins-2.164.2

systemctl enable jenkins
systemctl start jenkins





Check jenkins port status and open firewall ports :

 # netstat -na | grep 8080
tcp6       0      0 :::8080     :::*    LISTEN    
 
# iptables-save | grep 8080

# firewall-cmd --zone=public --add-port=8080/tcp --permanent success
# firewall-cmd --reload
success

# netstat -na | grep 8080
tcp6       0      0 :::8080     :::*    LISTEN  

Note:- Allow port 8080 on GCP - VPC firewall rules


Install required packages and plugins :

# yum install git -y

# yum install ansible -y

Generate ssh key
Copy ssh key to remote machine where Ansible playbook to be run

Install git,Ansible plugin, and publish over ssh from jenkins gui

# vim /etc/ansible/ansible.cfg
# *****uncomment this to disable SSH key host checking****
host_key_checking = False



First time login to jenkins GUI :







 







 






Integrate github with jenkins :


Github --> Setting --> Developer settings --> Personal access tokens --> Generate new token






Generate token and copy it



Manage Jenkins --> Configure system



Select credentials as Jenkins

 
 Key in the secret which you copied from github

 


Select Manage hook and Test the connection

 



Creating Jenkins job (project) :
 
Enter project name and select Freestyle project



On Source Code Management select Git and key in corresponding git repository url

On Build Triggers select " Github hook trigger for GitScm polling "




On build select option "Invoke Ansible Playbook"

Specify appropriate playbook path and host file 



Configure Global Security :





Verify integration between github and jenkins :


Testing :

 Copy necessary jenkins ssh key to remote hosts where ansible play book to be run.

 Console output from Jenkins project while code push to github repository master origin

 Started by GitHub push by vdsridevops
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/web-haproxy
No credentials specified
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/vdsridevops/web-haproxy.git # timeout=10
Fetching upstream changes from https://github.com/vdsridevops/web-haproxy.git
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/vdsridevops/web-haproxy.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 7b6047a5b55f1884c9a6dd3e554c0af62b0d295b (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 7b6047a5b55f1884c9a6dd3e554c0af62b0d295b
Commit message: "3rd commit"
 > git rev-list --no-walk 8f4a280a813c5506ac5c951490d637fac5068e8c # timeout=10
[web-haproxy] $ sshpass ******** /usr/bin/ansible-playbook /var/lib/jenkins/workspace/web-haproxy/main.yml -i /var/lib/jenkins/workspace/web-haproxy/hosts -f 5 -u root -k

PLAY [Install apache] **********************************************************

TASK [Gathering Facts] *********************************************************
ok: [ansible-node1]

ok: [ansible-node2]

TASK [apache : install apache on web server] ***********************************
ok: [ansible-node1] => (item=httpd)
ok: [ansible-node2] => (item=httpd)

ok: [ansible-node1] => (item=httpd-tools)
ok: [ansible-node2] => (item=httpd-tools)

TASK [apache : copy php file] **************************************************

ok: [ansible-node1]
ok: [ansible-node2]

PLAY [install and configure Loadbalancer] **************************************

TASK [Gathering Facts] *********************************************************

ok: [haproxy]

TASK [haproxy : Install haproxy] ***********************************************

ok: [haproxy]

TASK [haproxy : Copy haproxy config file] **************************************
ok: [haproxy]

PLAY RECAP *********************************************************************
ansible-node1              : ok=3    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  
ansible-node2              : ok=3    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  
haproxy                    : ok=3    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0  

Finished: SUCCESS
on 2 comments:
Subscribe to: Posts (Atom)