Simple Jenkins EC2 Server deployment with AWS CloudFormation
Why are we using CloudFormation and not Packer or Terraform?
No particular reason.
CFT Instance Resource for Jenkins
Let us create the template for our Jenkins instance AND Security Group resources.
EC2InstanceJenkins:
  Type: AWS::EC2::Instance
  Properties:
    IamInstanceProfile: !Ref "IAMInstanceProfileJenkins"
    ImageId: "ami-062f7200baf2fa504"
    KeyName: !Ref "KeyPair"
    InstanceType: "t2.micro"
    SecurityGroupIds:
      # Assumes SecurityGroupID is the logical ID of the security group
      # resource in this template; use !Ref instead if it is a parameter.
      - !GetAtt "SecurityGroupID.GroupId"
    SubnetId: !Ref "SubnetID"
* I used a direct reference to the AMI ID, but you can follow AWS's suggestion to always get the latest AMI using SSM Parameters.
** Notice how I used parameter references for values that will change for your account; make sure you include those parameters in the CloudFormation template.
Now for the fun part (the user-data script):
1) Basic Tools and Dependencies
UserData:
  Fn::Base64: !Sub |
    #!/bin/bash -xe
    sudo yum update -y
    sudo amazon-linux-extras install corretto8
    sudo yum install jq unzip git -y
First, we want to make sure everything is up to date and that corretto8 is enabled. We also want to install basic tools such as unzip, jq, and git.
Note: at the time of writing, v8 of Corretto was the only one that worked for Jenkins.
2) Jenkins Installation
# fetch jenkins repo entry (over HTTPS, from the same host that serves the signing key)
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo
# import key info
sudo rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key
# install jenkins
sudo yum install jenkins -y
# start jenkins service
sudo service jenkins start
3) Install Packer and Terraform
NOTE: Some may prefer to install the plugins through the Jenkins console; I think that’s better too.
sudo wget https://releases.hashicorp.com/terraform/0.12.24/terraform_0.12.24_linux_amd64.zip -O terraform.zip
sudo unzip terraform.zip && rm -f terraform.zip && sudo mv terraform /bin/terraform
sudo wget https://releases.hashicorp.com/packer/1.5.5/packer_1.5.5_linux_amd64.zip -O packer.zip
sudo unzip packer.zip && rm -f packer.zip && sudo mv packer /bin/packer.io
Please notice that we renamed the packer binary to “packer.io”.
4) Generate SSH Key and SSM Parameters
sudo ssh-keygen -t rsa -f /home/ec2-user/.ssh/id_rsa -q -P ""
# keep the private key owner-only; OpenSSH refuses private keys that are group- or world-accessible
sudo chmod 600 /home/ec2-user/.ssh/id_rsa
JenkinsPWD="/var/lib/jenkins/secrets/initialAdminPassword"
PrvKey="/home/ec2-user/.ssh/id_rsa"
PubKey="/home/ec2-user/.ssh/id_rsa.pub"
# file:// makes the CLI read each value from disk, so it never appears in the "bash -x" trace
aws ssm put-parameter --region us-east-1 --name /jenkins/initialAdminPassword --value file://$JenkinsPWD --type String --overwrite
aws ssm put-parameter --region us-east-1 --name /jenkins/SSH-Git-PrivateKey --value file://$PrvKey --type String --overwrite
aws ssm put-parameter --region us-east-1 --name /jenkins/SSH-Git-PublicKey --value file://$PubKey --type String --overwrite
NOTE: Remember to encrypt the parameter or better yet, use Secrets Manager!
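One way to follow that note, as an added example that is not part of the original article: the same upload with the two secrets stored as SecureString parameters, plus a wait so the script does not fail under `-e` when Jenkins has not yet written its initial password. The function names, the 120-second default wait, and the use of the account's default SSM KMS key (no `--key-id`) are assumptions.

```shell
#!/bin/bash
# Added example: upload the Jenkins bootstrap secrets as encrypted parameters.
# Function names and the 120 s default timeout are illustrative assumptions.
REGION="us-east-1"

# Block until a file exists and is non-empty, or the timeout (seconds) expires.
# Jenkins writes initialAdminPassword some time after "service jenkins start".
wait_for_file() {
  local path timeout waited
  path="$1"; timeout="${2:-120}"; waited=0
  until [ -s "$path" ]; do
    if [ "$waited" -ge "$timeout" ]; then return 1; fi
    sleep 1
    waited=$((waited + 1))
  done
  return 0
}

# Store a file's contents as a SecureString parameter. The file:// form lets
# the CLI read the secret itself, so it is never an argument that "bash -x"
# would copy into the cloud-init output log.
put_secret() {
  local name path timeout
  name="$1"; path="$2"; timeout="${3:-120}"
  wait_for_file "$path" "$timeout" || { echo "not found: $path" >&2; return 1; }
  aws ssm put-parameter --region "$REGION" --name "$name" \
    --value "file://$path" --type SecureString --overwrite >/dev/null
}

# The two secret values from the article; the public key can stay a String.
upload_jenkins_secrets() {
  put_secret /jenkins/initialAdminPassword /var/lib/jenkins/secrets/initialAdminPassword &&
  put_secret /jenkins/SSH-Git-PrivateKey /home/ec2-user/.ssh/id_rsa
}

# Run only when asked to, e.g. "bash upload.sh --run" from user-data.
if [ "${1:-}" = "--run" ]; then upload_jenkins_secrets; fi
```

Reading these values back requires `aws ssm get-parameter --with-decryption`; without that flag the CLI returns the ciphertext.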
Awesome, now your Jenkins server is ready for you to set it up using the parameters we just generated. No need to SSH and cat the values when you can access the console and view the parameters. Additionally, you can now add the SSH credentials to both Jenkins and GitHub and start building pipelines with GitHub as SCM.