Fork the CIOps repo (link)
Clone the CIOps repo which you forked in your local machine
Go to the CIOps repo and checkout UPYOG-Bootcamp branch
Change the docker Hub details at the following places:
1. Change the value of DOCKER_NAMESPACE in vars/jobBuilder.groovy (link)
2. Replace the {{DOCKER_ACCOUNT}} in vars/buildPipeline.groovy. Replace at all the places. (link1, link2, link3)Push the changes to the master branch of your forked CIOps repository
Fork the UPYOG-DevOps repo (link) and clone the repo in your local machine
Checkout UPYOG-Bootcamp-jenkins branch.
Go to UPYOG-DevOps/infra-as-code/terraform/egov-cicd/remote-state
Change the bucket name and aws_dynamo_table name. (Replace the try-cicd-workshop-yourname which is a placeholder value)
Set the AWS credentials and cross-check using aws configure list
Run terraform:
Code Block terraform init terraform plan terraform apply
12. Now cd to egov-cicd folder using cd ..
13. Change the bucket name in s3 backend to the name you have used in previous terraform
14. Change the value of cluster_name and ssh_key_name in variable.tf
15. Run terraform:
Code Block |
---|
terraform init
terraform plan
terraform apply |
16. Note down the volumeId on the terminal
17. Go to the UPYOG-DevOps/tree/UPYOG-Bootcamp-jenkins/config-as-code/environments folder and update the following values in ci.yaml and ci-secret.yaml:
ci.yaml
1. Add domain
2. Add volumeId
3. Change teams in ouath
4. Change repos in jobBuilder
5. Put emailId in cert-manager
ci-secret.yaml
1. Add clientId and clientSecret
2. Add gitReadSshPrivateKey
3. Add gitReadAccessToken
4. Add dockerConfigJson
5. Add docker userName and Password
Add Kubernetes config (Make sure you add namespace in context in kube config)
18. Now go to Github and generate clientId, client secret and git read access token as per this steps -
a. GitHub OAuth App Creation to get clientId and client secret key
1. Follow the GitHub OAuth app
2. Homepage URL:- mention your domain name eg. https://<your_domain_name>
3. Authorization callback URL:- https://<your_domain_name>/securityRealm/finishLogin
b. To create gitReadAccess token follow the below documentation
Creating a personal access token - GitHub Enterprise Server 3.4 Docs
19. Create a key pair and add the public key to github account -
a. Using online website (not recommended in prod setup. To be only used for demo setups): https://8gwifi.org/sshfunctions.jsp
b. Using openssl :
Code Block |
---|
openssl genpkey -algorithm RSA -out private_key.pem
openssl rsa -pubout -in private_key.pem -out public_key.pem |
20. Now go to UPYOG-DevOps/tree/UPYOG-Bootcamp-jenkins/config-as-code/helm/charts/backbone-services/jenkins and edit values.yaml
21. In values.yaml change the CIOps repo to your forked one (link)
22. In values.yaml change the Devops repo to your forked one(link)
23. In values.yaml change the job name to what you have added in ci-secret.yaml(link)(This is a sample job name against which the kube config is added)
24. Export the kube config using export KUBECONFIG=<path> (The kube config is generated and saved after you run terraform in egov-cicd folder)
25. Cross check using: kubectl config current-context
26. Go to UPYOG-DevOps/tree/UPYOG-Bootcamp-jenkins/deploy-as-code/deployer and run the following command:
Code Block |
---|
go run main.go deploy -c -e ci 'jenkins,kaniko-cache-warmer,ingress-nginx,cert-manager' |
27. Get the load balancer IP using:
Code Block |
---|
kubectl get svc nginx-ingress-controller -n jenkins -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' |
28. Register the load balancer IP against the domain in your DNS provider.