rioscesar/oci-automate-jenkins-docker-registry

OCI Automate Jenkins Server/Private Docker Registry

*Disclaimer! This is not production-level code. It should be treated as a resource on how to automate Jenkins and a Docker Registry on Oracle Cloud Infrastructure.

Modify the env.sh file so that its values point to your cloud environment.

###################### Environment Setup ######################

#Enter Your Tenancy OCID
export TF_VAR_tenancy_ocid="ocid1.tenancy.oc1.xxx"
#Enter Your Compartment OCID
export TF_VAR_compartment_ocid="ocid1.compartment.oc1..aaxxx"
#Enter Your User OCID
export TF_VAR_user_ocid="ocid1.user.oc1..aaaaaaaacnlcisahxxx"
#Enter Your Fingerprint
export TF_VAR_fingerprint="fb:93:b0:6c:ac:f2:42xxx"
#Enter Your Region
export TF_VAR_region="us-ashburn-1"

#Change following fields to point to correct keys
export TF_VAR_private_key_path="userdata/eshneken-bmcs.pem"
export TF_VAR_ssh_public_key_path="userdata/eshneken-opc.pub"
#Quote the substitutions so the key contents are passed through unchanged
export TF_VAR_ssh_public_key="$(cat userdata/eshneken-opc.pub)"
export TF_VAR_ssh_authorized_private_key="$(cat userdata/eshneken-opc)"

#Docker registry credentials
export TF_VAR_docker_user="demouser"
export TF_VAR_docker_password=""

Missing directories:

  • userdata

Check the userdata directory for more information on what to add.

The userdata directory contains your APIkey.pem (which logs you into your cloud account) as well as the public and private SSH keys you will use to log into your newly created instances. If you need help creating either of these, take a look at Oracle's documentation: https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm.

  • Create the APIkey.pem file.
  • Don't forget to also add your private and public ssh keys into the userdata directory.

terraform plan -out=plan.out
terraform apply plan.out

DESTROY EVERYTHING!

terraform destroy ... yes

Environment Setup

First, make sure that you have an Oracle OCI account and know all the important things like tenancy OCID, compartment OCID, User OCID, User fingerprint, etc.

Next, make sure you have visited Hosted Chef and created an account for yourself with an organization. Alternatively, you can always use a Chef instance that you set up on a local server, but this seems silly given the ease of using the hosted version.

After that, make sure that you've installed the Chef development kit on your local machine by following these instructions.

Finally, you probably want to fork this repository since you'll want to make changes in GitHub for your own environment. Because we're demonstrating IaC principles, Jenkins pulls from a Git repo, so you will actually need to make changes in Git to point to your own stuff to make things work.

Install a Jenkins Server and Private Docker Registry

I recommend doing this in OCI (after all, why not?) so create a VCN, make sure your security list allows 8080 (default Jenkins port) & 5000 (docker registry port), and create a compute instance. Log into that instance and make sure to disable the local firewall; here are the sample commands for OEL/RHEL/CentOS 7:

sudo service firewalld stop
sudo systemctl disable firewalld

Now, SSH into your new instance and do the following:

Install Jenkins

wget -O bitnami-jenkins-linux-installer.run https://bitnami.com/stack/jenkins/download_latest/linux-x64
chmod 755 bitnami-jenkins-linux-installer.run
./bitnami-jenkins-linux-installer.run

Install Private Docker Registry

First, install the Docker binaries on this instance:

curl -sSL https://get.docker.com/ | sh
sudo usermod -aG docker opc

Then, create a /etc/docker/daemon.json file and add the following config:

{ "insecure-registries":["REGISTRY_IP:5000"] }

where REGISTRY_IP is replaced with the public IP address of the instance you're connected to. Then, execute the following commands to complete the installation:

sudo systemctl enable docker
sudo systemctl start docker
sudo docker run -d -p 5000:5000 --restart=always --name registry registry:2
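
The steps above serve the registry over plain HTTP with no authentication, which is why each client needs the insecure-registries entry. The following is an added example, not part of this repository, of the same registry:2 container started with TLS and htpasswd authentication instead; the $HOME/registry directory, the REG_USER/REG_PASS variables and OpenSSL 1.1.1 or later (for -addext) are assumptions.

```shell
# Added example, not from the repository: TLS + basic auth for the registry.
# Assumed: OpenSSL >= 1.1.1 (-addext), REG_USER/REG_PASS, $HOME/registry.
set -eu

# Print the command when DRY_RUN is set, otherwise execute it.
run() { if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi; }

# Self-signed P-256 certificate whose subjectAltName carries the registry IP.
make_cert() {  # make_cert <registry_ip> <dir>
    mkdir -p "$2/certs"
    openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
        -nodes -sha256 -days 365 -subj "/CN=$1" \
        -addext "subjectAltName = IP:$1" \
        -keyout "$2/certs/registry.key" -out "$2/certs/registry.crt" 2>/dev/null
    chmod 600 "$2/certs/registry.key"
}

# bcrypt htpasswd entry (the only hash the registry accepts); the password is
# read from stdin so it never appears in the process list.
make_htpasswd() {  # make_htpasswd <user> <dir>
    mkdir -p "$2/auth"
    docker run --rm -i --entrypoint htpasswd httpd:2 -Bni "$1" > "$2/auth/htpasswd"
}

# Same container as the plain-HTTP setup, plus TLS and htpasswd settings.
start_registry() {  # start_registry <dir>
    run docker run -d -p 5000:5000 --restart=always --name registry \
        -v "$1/certs:/certs:ro" -v "$1/auth:/auth:ro" \
        -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/registry.crt \
        -e REGISTRY_HTTP_TLS_KEY=/certs/registry.key \
        -e REGISTRY_AUTH=htpasswd \
        -e REGISTRY_AUTH_HTPASSWD_REALM=registry \
        -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
        registry:2
}

# Run on every Docker client: trust this certificate for this endpoint only.
trust_on_client() {  # trust_on_client <registry_ip> <crt>
    run sudo mkdir -p "/etc/docker/certs.d/$1:5000"
    run sudo cp "$2" "/etc/docker/certs.d/$1:5000/ca.crt"
}

if [ "${1:-}" = "--apply" ]; then  # REG_USER=.. REG_PASS=.. sh script --apply <ip>
    dir="$HOME/registry"
    make_cert "$2" "$dir"
    printf '%s\n' "$REG_PASS" | make_htpasswd "$REG_USER" "$dir"
    start_registry "$dir"
fi
```

With the certificate installed on a client, the insecure-registries entry in /etc/docker/daemon.json is no longer needed, and pushes and pulls require docker login REGISTRY_IP:5000 first.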

Copy Terraform userdata to the Jenkins build server

Once you've populated the local /terraform/userdata directory with the correct files (and correct file permissions for keys), based on the contents of readme.txt, you will need to move them up to your Jenkins build server. Here is a sample of how I did it:

scp -r -i ~/Keys/eshneken-opc userdata opc@129.213.60.3:/home/opc
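
The "correct file permissions for keys" step can be checked before the copy. The following is an added example, not part of this repository, that lists private keys under userdata which group or other users can access and restricts them to the owner; it assumes GNU find (for -perm /077), as shipped on OEL/RHEL/CentOS 7.

```shell
# Added example, not from the repository: audit key permissions in userdata.
# Assumes GNU find (-perm /077).
set -eu

# Print every file under <dir> that contains a PEM private-key header and has
# any group/other permission bit set. Public keys (*.pub) are not reported.
loose_private_keys() {  # loose_private_keys <dir>
    find "$1" -type f -perm /077 \
        -exec grep -l -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' {} + || true
}

# Restrict each reported key to owner read/write, and the directory itself
# to the owner, so the API signing key and SSH key are not exposed locally.
tighten_userdata() {  # tighten_userdata <dir>
    loose_private_keys "$1" | while IFS= read -r key; do
        chmod 600 "$key"
        echo "fixed: $key"
    done
    chmod 700 "$1"
}

# usage: sh script --fix [dir]   (dir defaults to ./userdata)
if [ "${1:-}" = "--fix" ]; then
    tighten_userdata "${2:-userdata}"
fi
```

Run the same check on the Jenkins build server after the scp, since the copy is created under the receiving account's umask.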

Install Terraform & OCI Provider

Install Terraform binary and OCI provider by following the instructions here. Make sure to put the Terraform binaries in the OPC user home directory.

Install OCI Command Line Interface (CLI)

Install the OCI CLI by following the instructions here. Make sure to put the OCI provider plugin in the OPC user home directory.

Populate the Docker Registry

Now that you have a private registry configured in the cloud, you want to put an image into it that can be pulled by Chef during environment configuration. In a real workflow this can be pushed as part of a CI/CD flow but for this sample we assumed a base Weblogic 12.2.1.2 image pulled from the Docker Store.

First, navigate to the Docker Store in your favorite browser, get the official Weblogic image, and accept all the license conditions.

Then, execute the following in your local Docker environment (which should be tied to your DockerHub account, thereby enabling you to access items you've registered for in the Docker Store):

docker pull store/oracle/weblogic:12.2.1.2
docker tag  store/oracle/weblogic:12.2.1.2 REGISTRY_IP:5000/weblogic-1221
docker push REGISTRY_IP:5000/weblogic-1221
docker image rm REGISTRY_IP:5000/weblogic-1221
docker image rm store/oracle/weblogic:12.2.1.2

where REGISTRY_IP is replaced with the public IP address of the instance on which you've set up the Docker Registry.
