Plan
The project consists of two big parts. The first part is the manual installation of components, the second is the automated(scripted) installation.
Used components and tools for the first part:
- Google Compute Engine
- Ubuntu 18.04
- Nginx
- Jenkins
- Docker
- Kubernetes
- Nexus
Used components and tools for the second part:
- Terraform
- Ansible
- Google Compute Engine
- Ubuntu 18.04
- Nginx
- Jenkins
- Docker
- Kubernetes
- Nexus
Part 1.1
Installation
Docker Installation
We are going to install Docker by official documentation: https://docs.docker.com/engine/install/ubuntu/
- Uninstall old versions
sudo apt remove docker docker-engine docker.io containerd runc
- Install packages to allow apt to use a repository over HTTPS:
sudo apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
- Add Docker’s official GPG key:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
- Set up the repository
sudo apt-key fingerprint 0EBFCD88 sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable"
- Install Docker Engine
sudo apt update sudo apt install docker-ce docker-ce-cli containerd.io
Jenkins Installation
We are going to install Jenkins by official documentation: https://jenkins.io/doc/book/installing/#debianubuntu
- Install OpenJDK-8
sudo apt install openjdk-8-jdk
- Set up the repository
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
sudo sh -c 'echo deb https://pkg.jenkins.io/debian binary/ > \ /etc/apt/sources.list.d/jenkins.list'
- Install Docker Engine
sudo apt update sudo apt install jenkins
- Adding Jenkins user to the Docker group
sudo usermod -a -G docker jenkins
- Copy Jenkins default password
cat /var/lib/jenkins/secrets/initialAdminPassword
- Install suggested plugins
- Create Admin user
Nginx Installation and configuration
Configs: https://github.com/Thalamus-am/CI-CD-for-Java-Project/tree/master/Nginx%20configs
- Create SSL Certificate
openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -keyout /etc/ssl/private/thalamus.key -out /etc/ssl/certs/thalamus.crt
- Nginx Installation
sudo apt install nginx
- Removing default configs
sudo rm /etc/nginx/sites-available/default || sudo rm /etc/nginx/sites-enabled/default || true
- Creating Nginx config file for Jenkins
sudo vim /etc/nginx/sites-available/jenkins
Add the following configs to the file.
server {
listen 80;
listen [::]:80;
server_name jenkins.thalamus.am;
return 301 https://jenkins.thalamus.am$request_uri;
}
server {
listen 443 ssl;
server_name jenkins.thalamus.am;
ssl on;
ssl_certificate /etc/ssl/certs/thalamus.crt;
ssl_certificate_key /etc/ssl/private/thalamus.key;
access_log /var/log/nginx/jenkins.access.log;
error_log /var/log/nginx/jenkins.error.log;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
- Enable the config file
sudo ln -s /etc/nginx/sites-available/jenkins /etc/nginx/sites-enabled/
- Rebooting Nginx service
systemctl restart nginx
Nexus Installation and configuration
We are going to run Nexus as Docker container: https://hub.docker.com/r/sonatype/nexus3/
- Running Container
docker volume create nexus docker run -d -p 8081:8081 -p 8123:8123 --name nexus --restart=always -v nexus:/nexus-data sonatype/nexus3
- Creating Nginx config file for Nexus
sudo vim /etc/nginx/sites-available/nexus
Add the following configs to the file.
server {
listen 80 default;
server_name nexus.thalamus.am;
return 301 https://nexus.thalamus.am$request_uri;
}
server {
listen 443 ssl default;
server_name nexus.thalamus.am;
ssl on;
ssl_certificate /etc/ssl/certs/thalamus.crt;
ssl_certificate_key /etc/ssl/private/thalamus.key;
access_log /var/log/nginx/nexus.access.log;
error_log /var/log/nginx/nexus.error.log;
location / {
proxy_pass http://127.0.0.1:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
- Enable the config file
sudo ln -s /etc/nginx/sites-available/nexus /etc/nginx/sites-enabled/
- Rebooting Nginx service
systemctl restart nginx
- Getting Nexus admin password
cat $(docker inspect -f '{{ (index .Mounts 0).Source }}' nexus)/admin.password
- Setup
- Change Admin Password
- Create Docker repository
5. Choose any unique name for your repo
6. Choose connector port (default for docker registry is 5000 but we are going to use 8123)
7. Enable docker V1 (optional)
- Creating Nginx config for Nexus Docker repo
sudo vim /etc/nginx/sites-available/dockerhub
Add the following configs to the file.
server {
listen 80;
server_name dockerhub.thalamus.am;
return 301 https://dockerhub.thalamus.am$request_uri;
}
server {
listen 443 ssl;
server_name dockerhub.thalamus.am;
proxy_send_timeout 120;
proxy_read_timeout 300;
proxy_buffering off;
tcp_nodelay on;
server_tokens off;
client_max_body_size 1G;
ssl on;
ssl_certificate /etc/ssl/certs/thalamus.crt;
ssl_certificate_key /etc/ssl/private/thalamus.key;
keepalive_timeout 60;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/dockerhub.access.log;
error_log /var/log/nginx/dockerhub.error.log;
location / {
proxy_pass http://127.0.0.1:8123;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90;
}
}
- Enable the config file
sudo ln -s /etc/nginx/sites-available/dockerhub /etc/nginx/sites-enabled/
- Rebooting Nginx service
systemctl restart nginx
Installing kubectl
- Set up the repository
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - cat << EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list deb https://apt.kubernetes.io/ kubernetes-xenial main EOF
- Install kubectl
sudo apt update apt install -y kubectl=1.15.7-00
Thank you for reading!