in jenkins-cdk/lib/jenkins-cdk-stack.ts [31:101]
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
this.vpc = new ec2.Vpc(this, 'mac-vpc', {
cidr: "10.0.0.0/16",
maxAzs: 99,
});
this.jenkins_sg = new ec2.SecurityGroup(this, 'jenkins-sg', {
securityGroupName: "jenkins-sg",
vpc: this.vpc,
})
const lb = new elbv2.ApplicationLoadBalancer(this, 'alb-jenkins', {
vpc: this.vpc,
internetFacing: true
});
const listener = lb.addListener('alb-http-listener', {
port: 80,
open: true,
});
const userdata = ec2.UserData.forLinux()
userdata.addCommands(`
amazon-linux-extras install epel -y
wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
yum upgrade -y
yum install java-11-amazon-corretto-headless jenkins git -y
systemctl daemon-reload
systemctl start jenkins
systemctl status jenkins
`)
this.jenkins_sg.addIngressRule(this.jenkins_sg, ec2.Port.tcp(22), 'Allow ssh access from the Jenkins systems');
const asg = new autoscaling.AutoScalingGroup(this, 'jenkins-asg', {
vpc: this.vpc,
instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.MEDIUM),
machineImage: new ec2.AmazonLinuxImage({
edition: AmazonLinuxEdition.STANDARD,
generation: AmazonLinuxGeneration.AMAZON_LINUX_2
}),
maxCapacity: 1,
minCapacity: 1,
desiredCapacity: 1,
userData: userdata,
securityGroup: this.jenkins_sg,
blockDevices: [{
deviceName: "/dev/xvda",
volume: autoscaling.BlockDeviceVolume.ebs(32, {volumeType: EbsDeviceVolumeType.GP2}),
}]
});
asg.role.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore'))
listener.addTargets('jenkins-fleet', {
port: 8080,
targets: [asg],
healthCheck: {
path: '/login'
}
});
new cdk.CfnOutput(this, 'asg-url', {
value: lb.loadBalancerDnsName,
description: 'Loadbalancer url', // Optional
exportName: 'lb-url', // Registers a CloudFormation export named "TheAwesomeBucket"
});
}