Setting up Jenkins master <-> agent with AWS Fargate. Part 1.

Hwan2 2023. 4. 1. 23:35

This time we use Terraform to create the network that Jenkins will run in.

The Terraform layout is as follows.


|-- main.tf
|-- resources
|   |-- cloud_map
|   |   `-- main.tf
|   |-- ecs
|   |   `-- main.tf
|   |-- efs
|   |   `-- main.tf
|   |-- elb
|   |   `-- main.tf
|   |-- sg
|   |   `-- main.tf
|   `-- vpc
|       `-- main.tf
`-- terraform.tfstate

 

The IP ranges are allocated as follows.

  • VPC IP : 10.0.0.0/16
  • Public Subnet AZa : 10.0.0.0/24
  • Public Subnet AZc : 10.0.1.0/24
  • Private Subnet AZa : 10.0.10.0/24
  • Private Subnet AZc : 10.0.11.0/24

Next, create the Internet Gateway and the NAT Gateways, then associate them through the route tables.

The Terraform code is as follows.


variables.tf

# Define a variable to create resources in the Jenkins VPC.

variable "jenkins_vpc_cidr" {
  type = string
  default = "10.0.0.0/16"
}

variable "jenkins_vpc_public_subnet" {
  type = map(any)
  default = {
    public_subnet_az_a = {
      cidr_block = "10.0.0.0/24"
      availability_zone = "ap-northeast-2a"
      name = "Jenkins Public Subnet AZ a"
    }
    public_subnet_az_c = {
      cidr_block = "10.0.1.0/24"
      availability_zone = "ap-northeast-2c"
      name = "Jenkins Public Subnet AZ c"
    }
  }
}

variable "jenkins_vpc_private_subnet" {
  type = map(any)
  default = {
    private_subnet_az_a = {
      cidr_block = "10.0.10.0/24"
      availability_zone = "ap-northeast-2a"
      name = "Jenkins Private Subnet AZ a"
    }
    private_subnet_az_c = {
      cidr_block = "10.0.11.0/24"
      availability_zone = "ap-northeast-2c"
      name = "Jenkins Private Subnet AZ c"
    }
  }
}

 

vpc/main.tf

# Defined jenkins vpc

resource "aws_vpc" "jenkins" {
  cidr_block           = var.jenkins_vpc_cidr
  enable_dns_support   = true
  enable_dns_hostnames = true

  tags = {
    Name = "Jenkins VPC"
  }
}


# Defined jenkins vpc subnet

resource "aws_subnet" "jenkins_vpc_public" {
  for_each                = var.jenkins_vpc_public_subnet
  vpc_id                  = aws_vpc.jenkins.id
  cidr_block              = each.value.cidr_block
  map_public_ip_on_launch = false
  availability_zone       = each.value.availability_zone

  tags = {
    Name = each.value.name
  }
}

resource "aws_subnet" "jenkins_vpc_private" {
  for_each          = var.jenkins_vpc_private_subnet
  vpc_id            = aws_vpc.jenkins.id
  cidr_block        = each.value.cidr_block
  availability_zone = each.value.availability_zone

  tags = {
    Name = each.value.name
  }
}


# Defined jenkins vpc internet gateway and nat gateway

resource "aws_internet_gateway" "jenkins_vpc" {
  vpc_id = aws_vpc.jenkins.id

  tags = {
    Name = "Jenkins VPC Internet Gateway"
  }
}

resource "aws_eip" "jenkins_vpc" {
  for_each = var.jenkins_vpc_public_subnet
  vpc      = true

  tags = {
    Name = "Jenkins VPC NAT EIP (${each.key})"
  }
}

resource "aws_nat_gateway" "jenkins_vpc" {
  for_each      = aws_subnet.jenkins_vpc_public
  allocation_id = aws_eip.jenkins_vpc[each.key].id
  subnet_id     = each.value.id

  tags = {
    Name = "Jenkins VPC NAT Gateway (${each.key})"
  }
}


# Defined jenkins vpc route table

resource "aws_route_table" "jenkins_vpc_public" {
  vpc_id = aws_vpc.jenkins.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.jenkins_vpc.id
  }

  tags = {
    Name = "Jenkins VPC Public Subnet Route Table"
  }
}

resource "aws_route_table" "jenkins_vpc_private" {
  for_each = aws_nat_gateway.jenkins_vpc
  vpc_id   = aws_vpc.jenkins.id

  route {
    cidr_block     = "0.0.0.0/0"
    nat_gateway_id = each.value.id
  }

  tags = {
    Name = "Jenkins VPC Private Subnet Route Table (${each.key})"
  }
}


# Defined jenkins vpc route table association

resource "aws_route_table_association" "public_route_table_association" {
  for_each       = aws_subnet.jenkins_vpc_public
  subnet_id      = each.value.id
  route_table_id = aws_route_table.jenkins_vpc_public.id
}

resource "aws_route_table_association" "private_route_table_association_a" {
  subnet_id      = aws_subnet.jenkins_vpc_private["private_subnet_az_a"].id
  route_table_id = aws_route_table.jenkins_vpc_private["public_subnet_az_a"].id
}

resource "aws_route_table_association" "private_route_table_association_c" {
  subnet_id      = aws_subnet.jenkins_vpc_private["private_subnet_az_c"].id
  route_table_id = aws_route_table.jenkins_vpc_private["public_subnet_az_c"].id
}
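
As an added example (not code from the original post): the two hand-written private associations above can be derived from the variables instead, so that each private subnet is always paired with the NAT route table in its own availability zone. It is meant to replace `private_route_table_association_a` and `private_route_table_association_c`, not to sit beside them; the names `nat_key_by_az` and `private` are chosen here for illustration.

```hcl
locals {
  # Availability zone -> key of the public subnet in that zone.
  # The NAT gateways and private route tables above are keyed by the
  # public subnet key, so this is also the key of the route table to use.
  # Terraform rejects the map if two public subnets share one zone.
  nat_key_by_az = {
    for key, subnet in var.jenkins_vpc_public_subnet :
    subnet.availability_zone => key
  }
}

resource "aws_route_table_association" "private" {
  for_each  = var.jenkins_vpc_private_subnet
  subnet_id = aws_subnet.jenkins_vpc_private[each.key].id

  # Look up the route table whose NAT gateway lives in the same zone as
  # this private subnet. A private subnet in a zone without a NAT gateway
  # fails at plan time instead of being routed across zones.
  route_table_id = aws_route_table.jenkins_vpc_private[
    local.nat_key_by_az[each.value.availability_zone]
  ].id
}
```

Adding a third zone then only requires new entries in `jenkins_vpc_public_subnet` and `jenkins_vpc_private_subnet`.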

 

With the network set up in this simple form, Part 2 will create EFS, ECS, and CloudMap.