GithubHelp home page GithubHelp logo

joseberrocal / able_project_infraestructure_01 Goto Github PK

View Code? Open in Web Editor NEW
0.0 1.0 0.0 464 KB

Deploy an infraestructure with load balancer, priv/pub network using cloudformation and adding jumpserver using jenkins

Makefile 62.21% Shell 37.79%
cloudformation infraestructure aws-cli

able_project_infraestructure_01's Introduction

CircleCI WorkFlow Actions Status

Able_Project_Infraestructure_01

Using my Udacity project as a base I prepare for the interview testing cloudformation circleci and github jobs

Overview

The main focus for this project is to deploy a webserver in a VPC, inside a subnet. Only a personal PC will be able to reach the webserver. The CI will be important to check in this project.

Project Tasks

This project goal is to prepare for the Able interview, create different possible scenarios and be ready during the execution. In this project you will:

  • Create a new user
  • Provide roles to the new user
  • Test your project code using linting
  • Configure CI using CircleCi and Github Jobs
  • Deploy the infraestructure using cloudformation
  • Deploy the network using cloudformation
  • Create the appropiate permitions to deploy the complete infraestructure
  • Deploy jump server using cloudformation

Project Plan

Pre-requisites

  1. Create the user
  2. Create a policy with the following permissions:
    • iam:CreateInstanceProfile
    • iam:DeleteInstanceProfile
    • iam:PassRole
    • iam:DeleteRolePolicy
    • iam:RemoveRoleFromInstanceProfile
    • iam:CreateRole
    • iam:DeleteRole
    • iam:PutRolePolicy
    • iam:AddRoleToInstanceProfile
  3. Add the following policies to a user:
    • AmazonEC2FullAccess
    • AWSCloudFormationFullAccess
    • Policy from point 2.
  4. Configure the user in aws cli in your standalone environment
  5. Configure the user in aws cli in your jenkins environment
  6. Create a KeyPair (For this case I use "jb_aws_keypair.pem")

Instructions

  • Architectural Diagram alt text

1. Running the infraestructure in a standalone environment

a. Clone this repository in your local environment

b. Configure the user in your aws cli

c. Execute the following commands

cd infraestructure
sh create.sh  Able-Infra able-infra.yml able-infra-param.json
sh create.sh  Able-servers able-servers.yml able-servers-param.json
# To create the jumpserver
cd ../jumpserver
sh create.sh Able-jumpserv able-jump.yml able-jump-param.json

d. Test connection to the webserver, use the following URL

(.able-infra) [casita@localhost infraestructure]$ aws cloudformation list-exports  | grep -A1 "Able-Project-WebAppLBDNSName"
            "Name": "Able-Project-WebAppLBDNSName",
            "Value": "http://Able-WebAp-1GNX8CGTJLCXE-605727472.us-west-2.elb.amazonaws.com"
(.able-infra) [casita@localhost infraestructure]$

2. Running the infraestructure using a pipeline

a. The repository is associated to a jenkins server, the CD will be automated.

  • To deploy the infraestructure and the network, run the jenkins branch
  • To create the jumpserver, run the jump branch

b. Test connection to the webserver, use the following URL

(.able-infra) [casita@localhost infraestructure]$ aws cloudformation list-exports  | grep -A1 "Able-Project-WebAppLBDNSName"
            "Name": "Able-Project-WebAppLBDNSName",
            "Value": "http://Able-WebAp-1GNX8CGTJLCXE-605727472.us-west-2.elb.amazonaws.com"
(.able-infra) [casita@localhost infraestructure]$

The output will be the following: alt text

3. Connect to the servers in the Private Network

a. Create KeyPairs (In my case I will use only one KeyPairs for both "jb_aws_keypair.pem")

  • For the Jump Server in the Public Network
  • For the Servers in the Private Network
#Stablish the connection to the Jump Server
ssh -i "jb_aws_keypair.pem" [email protected]
exit
#Copy the KeyPairs to the Jump Server
scp -i "jb_aws_keypair.pem" jb_aws_keypair.pem  [email protected]:/home/ubuntu
#Connect to the Jump Server
ssh -i "jb_aws_keypair.pem" [email protected]
#Connect to one of the servers in the Private Network
ssh -i "jb_aws_keypair.pem" [email protected]

Enhancements

To improve the project it will be required to deploy new scenarios, like deploy subnets inside AZ

able_project_infraestructure_01's People

Contributors

joseberrocal avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.