How to Setup Jenkins on AWS Using CloudFormation

Mohammad Abu Mattar
AWS , Jenkins , CloudFormation , DevOps , CI/CD
Published: 11 Dec, 2022
05 Mins read

← Previous Part How to CI/CD AWS With Github using Jenkins

Introduction

In a previous blog post, we setup Jenkins on AWS using the AWS CLI (How to Install Jenkins on AWS EC2 Instance). In this blog post, we will be using CloudFormation to setup Jenkins on AWS. CloudFormation is a service that helps you model and set up your AWS resources so that you can spend less time managing those resources and more time focusing on your applications that run on AWS.

Prerequisites

AWS CLI installed and configured
IAM user with the following permissions:
- AmazonVPCFullAccess
- AmazonEC2FullAccess
- AmazonS3FullAccess

Create a CloudFormation

Step 1: Create a Key Pair

Create a key pair to access the EC2 instance via SSH.

1
# Create a key pair
2
aws ec2 create-key-pair \
3
  --key-name jenkins-server-key-pair \
4
  --query 'KeyMaterial' \
5
  --output text > jenkins-server-key-pair.pem
6

7
# Change the permission of the key pair
8
chmod 400 jenkins-server-key-pair.pem

Note

Store the key pair at a safe place. You will need it to access the EC2 instance via SSH.

Step 2: Create a CloudFormation Template

Create a file named jenkins-server.yml and add the following content:

1
touch jenkins-server.yml

1
AWSTemplateFormatVersion: 2010-09-09
2
Description: >-
3
  This template creates a VPC with a public subnet and an EC2 instance with
4
  Jenkins installed. The EC2 instance is accessible via SSH and HTTP.
5

6
Parameters:
7
  VPCCidrBlock:
8
    Description: CIDR block for the VPC
9
    Type: String
10
    Default: 15.0.0.0/16
11
    AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})
12
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
13
  VPCName:
14
    Description: Name of the VPC
15
    Type: String
16
    Default: jenkins-server-vpc
17
    AllowedPattern: ^[a-zA-Z0-9-]*$
18
    ConstraintDescription: must be a valid VPC name.
19
  PublicSubnetCidrBlock:
20
    Description: CIDR block for the public subnet
21
    Type: String
22
    Default: 15.0.1.0/24
23
    AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})
24
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
25
  PublicSubnetAvailabilityZone:
26
    Description: Availability zone for the public subnet
27
    Type: String
28
    Default: us-east-1a
29
  PublicSubnetName:
30
    Description: Name of the public subnet
31
    Type: String
32
    Default: jenkins-server-public-subnet
33
    AllowedPattern: ^[a-zA-Z0-9-]*$
34
    ConstraintDescription: must be a valid subnet name.
35
  InternetGatewayName:
36
    Description: Name of the internet gateway
37
    Type: String
38
    Default: jenkins-server-internet-gateway
39
    AllowedPattern: ^[a-zA-Z0-9-]*$
40
    ConstraintDescription: must be a valid internet gateway name.
41
  PublicRouteTableName:
42
    Description: Name of the public route table
43
    Type: String
44
    Default: jenkins-server-public-route-table
45
    AllowedPattern: ^[a-zA-Z0-9-]*$
46
    ConstraintDescription: must be a valid route table name.
47
  SecurityGroupName:
48
    Description: Name of the security group
49
    Type: String
50
    Default: jenkins-server-security-group
51
    AllowedPattern: ^[a-zA-Z0-9-]*$
52
    ConstraintDescription: must be a valid security group name.
53
  KeyPairName:
54
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
55
    Type: AWS::EC2::KeyPair::KeyName
56
    Default: jenkins-server-key-pair
57
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
58
  InstanceImageId:
59
    Description: Image ID of the instance
60
    Type: String
61
    Default: ami-0b0dcb5067f052a63
62
    AllowedPattern: ami-[a-z0-9]*
63
    ConstraintDescription: must be a valid AMI ID.
64
  InstanceType:
65
    Description: Enter the instance type for the instance
66
    Type: String
67
    Default: t2.micro
68
    AllowedValues:
69
      - t1.micro
70
      - t2.nano
71
      - t2.micro
72
      - t2.small
73
      - t2.medium
74
      - t2.large
75
      - m1.small
76
      - m1.medium
77
      - m1.large
78
      - m1.xlarge
79
      - m2.xlarge
80
      - m2.2xlarge
81
      - m2.4xlarge
82
      - m3.medium
83
      - m3.large
84
      - m3.xlarge
85
      - m3.2xlarge
86
      - m4.large
87
      - m4.xlarge
88
      - m4.2xlarge
89
      - m4.4xlarge
90
      - m4.10xlarge
91
      - c1.medium
92
      - c1.xlarge
93
      - c3.large
94
      - c3.xlarge
95
      - c3.2xlarge
96
      - c3.4xlarge
97
      - c3.8xlarge
98
      - c4.large
99
      - c4.xlarge
100
      - c4.2xlarge
101
      - c4.4xlarge
102
      - c4.8xlarge
103
      - g2.2xlarge
104
      - g2.8xlarge
105
      - r3.large
106
      - r3.xlarge
107
      - r3.2xlarge
108
      - r3.4xlarge
109
      - r3.8xlarge
110
      - i2.xlarge
111
      - i2.2xlarge
112
      - i2.4xlarge
113
      - i2.8xlarge
114
      - d2.xlarge
115
      - d2.2xlarge
116
      - d2.4xlarge
117
      - d2.8xlarge
118
      - hi1.4xlarge
119
      - hs1.8xlarge
120
      - cr1.8xlarge
121
      - cc2.8xlarge
122
      - cg1.4xlarge
123
    ConstraintDescription: must be a valid EC2 instance type.
124
  InstanceName:
125
    Description: Name of the instance
126
    Type: String
127
    Default: jenkins-server-instance
128
    AllowedPattern: ^[a-zA-Z0-9-]*$
129
    ConstraintDescription: must be a valid instance name.
130
  ElasticIPAddressName:
131
    Description: Name of the elastic IP address
132
    Type: String
133
    Default: jenkins-server-elastic-ip
134
    AllowedPattern: ^[a-zA-Z0-9-]*$
135
    ConstraintDescription: must be a valid elastic IP address name.
136

137
Resources:
138
  VPC:
139
    Type: AWS::EC2::VPC
140
    Properties:
141
      CidrBlock: !Ref VPCCidrBlock
142
      EnableDnsSupport: true
143
      EnableDnsHostnames: true
144
      Tags:
145
        - Key: Name
146
          Value: !Ref VPCName
147
  PublicSubnet:
148
    Type: AWS::EC2::Subnet
149
    Properties:
150
      VpcId: !Ref VPC
151
      CidrBlock: !Ref PublicSubnetCidrBlock
152
      AvailabilityZone: !Ref PublicSubnetAvailabilityZone
153
      MapPublicIpOnLaunch: true
154
      Tags:
155
        - Key: Name
156
          Value: !Ref PublicSubnetName
157
  InternetGateway:
158
    Type: AWS::EC2::InternetGateway
159
    Properties:
160
      Tags:
161
        - Key: Name
162
          Value: !Ref InternetGatewayName
163
  InternetGatewayAttachment:
164
    Type: AWS::EC2::VPCGatewayAttachment
165
    Properties:
166
      VpcId: !Ref VPC
167
      InternetGatewayId: !Ref InternetGateway
168
  PublicRouteTable:
169
    Type: AWS::EC2::RouteTable
170
    Properties:
171
      VpcId: !Ref VPC
172
      Tags:
173
        - Key: Name
174
          Value: !Ref PublicRouteTableName
175
  PublicRoute:
176
    Type: AWS::EC2::Route
177
    DependsOn: InternetGatewayAttachment
178
    Properties:
179
      RouteTableId: !Ref PublicRouteTable
180
      DestinationCidrBlock: 0.0.0.0/0
181
      GatewayId: !Ref InternetGateway
182
  PublicSubnetRouteTableAssociation:
183
    Type: AWS::EC2::SubnetRouteTableAssociation
184
    Properties:
185
      SubnetId: !Ref PublicSubnet
186
      RouteTableId: !Ref PublicRouteTable
187
  SecurityGroup:
188
    Type: AWS::EC2::SecurityGroup
189
    Properties:
190
      GroupDescription: Jenkins
191
      VpcId: !Ref VPC
192
      SecurityGroupIngress:
193
        - IpProtocol: tcp
194
          FromPort: 22
195
          ToPort: 22
196
          CidrIp: 0.0.0.0/0
197
        - IpProtocol: tcp
198
          FromPort: 80
199
          ToPort: 80
200
          CidrIp: 0.0.0.0/0
201
        - IpProtocol: tcp
202
          FromPort: 443
203
          ToPort: 443
204
          CidrIp: 0.0.0.0/0
205
        - IpProtocol: tcp
206
          FromPort: 8080
207
          ToPort: 8080
208
          CidrIp: 0.0.0.0/0
209
      Tags:
210
        - Key: Name
211
          Value: !Ref SecurityGroupName
212
  Instance:
213
    Type: AWS::EC2::Instance
214
    Properties:
215
      ImageId: !Ref InstanceImageId
216
      InstanceType: !Ref InstanceType
217
      KeyName: !Ref KeyPairName
218
      NetworkInterfaces:
219
        - DeviceIndex: 0
220
          SubnetId: !Ref PublicSubnet
221
          GroupSet:
222
            - !Ref SecurityGroup
223
      UserData:
224
        Fn::Base64: !Sub |
225
          #!/bin/bash
226
          sudo yum update -y
227
          sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
228
          sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
229
          sudo yum upgrade
230
          sudo amazon-linux-extras install java-openjdk11 -y
231
          sudo yum install jenkins -y
232
          sudo systemctl start jenkins
233
          sudo systemctl enable jenkins
234
          sudo yum install git -y
235
      Tags:
236
        - Key: Name
237
          Value: !Ref InstanceName
238
  ElasticIP:
239
    Type: AWS::EC2::EIP
240
    Properties:
241
      Domain: vpc
242
      NetworkBorderGroup: !Ref AWS::Region
243
      Tags:
244
        - Key: Name
245
          Value: !Ref ElasticIPAddressName
246
  ElasticIPAssociation:
247
    Type: AWS::EC2::EIPAssociation
248
    Properties:
249
      InstanceId: !Ref Instance
250
      EIP: !Ref ElasticIP
251

252
Mappings:
253
  AWSRegionArch2AMI:
254
    us-east-1:
255
      HVM64: ami-0b69ea66ff7391e80
256
      HVMG2: ami-0b69ea66ff7391e80
257
    us-east-2:
258
      HVM64: ami-0b69ea66ff7391e80
259
      HVMG2: ami-0b69ea66ff7391e80
260

261
Outputs:
262
  GetJenkinsDashboard:
263
    Description: URL to use for Jenkins dashboard
264
    Value: !Join
265
      - ''
266
      - - 'http://'
267
        - !GetAtt Instance.PublicDnsName
268
        - ':8080'
269
  GitHubWebhookURL:
270
    Description: URL to use for GitHub webhooks
271
    Value: !Join
272
      - ''
273
      - - 'http://'
274
        - !GetAtt Instance.PublicDnsName
275
        - ':8080/github-webhook/'

Step 3: Create a CloudFormation Stack

Now that you have created a template, you can create a stack using the AWS CLI.

1
aws cloudformation create-stack \
2
    --stack-name jenkins-server \
3
    --template-body file://jenkins-server.yml

Step 4: Check the Status of the Stack

You can check the status of the stack using the AWS CLI.

1
aws cloudformation describe-stacks \
2
    --stack-name jenkins-server

Step 5: Access the Jenkins Server

You can access the Jenkins server using the public IP address of the instance.

1
# Get the public IP address of the Jenkins server instance
2
AWS_PUBLIC_IP=$(aws ec2 describe-instances \
3
  --filters "Name=tag:Name,Values=jenkins-server-instance" \
4
  --query "Reservations[*].Instances[*].PublicIpAddress" \
5
  --output text)
6

7
# Open the Jenkins dashboard in the browser
8
echo "http://${AWS_PUBLIC_IP}:8080"

Connect to the Jenkins Server, and Setup Jenkins

Step 1: Connect to the Jenkins Server

Connect to the Jenkins server using SSH.

1
# Get the public IP address of the Jenkins server instance
2
AWS_PUBLIC_IP=$(aws ec2 describe-instances \
3
  --filters "Name=tag:Name,Values=jenkins-server-instance" \
4
  --query "Reservations[*].Instances[*].PublicIpAddress" \
5
  --output text)
6

7
# Connect to the Jenkins server instance via SSH
8
ssh -i jenkins-server-key-pair.pem ec2-user@${AWS_PUBLIC_IP}

Step 6: Configure Jenkins

Connect to EC2 instance using SSH and run the following commands to configure Jenkins.

1
sudo cat /var/lib/jenkins/secrets/initialAdminPassword

jenkins-initial-password

Copy the initial password and paste it in the Jenkins login page.

jenkins-login

Select the recommended plugins and click on the Install button.

jenkins-install-plugins

Create an admin user and click on the Save and Finish button.

jenkins-create-admin-user

Done! You have successfully setup Jenkins on AWS using CloudFormation.

jenkins-dashboard

Cleanup

You can delete the stack using the AWS CLI.

1
# Delete the stack
2
aws cloudformation delete-stack \
3
    --stack-name jenkins-server
4

5
# Check the status of the stack
6
aws cloudformation describe-stacks \
7
    --stack-name jenkins-server
8

9
# Delete the key pair
10
aws ec2 delete-key-pair \
11
    --key-name jenkins-server-key-pair

Conclusion

In this article, we have learned how to setup Jenkins on AWS using CloudFormation. We have also learned how to create a CloudFormation template and create a stack using the AWS CLI.