Table of contents
Overview
This article will explain how to write an EC2 User script to download packages before logging into an EC2 instance. An Ubuntu instance will be used in this demonstration to download a software called Jenkins (1). Jenkins is a CI/CD tool used to create pipelines and automate processes by building, testing and deploying applications.
Procedure
Log in to the AWS Console
Launch an EC2 instance
Under "Application and OS Images", choose the AMI type
Under "Network Settings", create a Security Group or select an already created Security Group that has "Allow SSH traffic from" and "Allow HTTP traffic from the internet".
It is recommended to “Allow SSH traffic from” your IP address to make sure, only the machine that is currently being used can access Jenkins and “Allow HTTPS traffic from the internet” for secure connections if this application is run for production.
- After creating the security group or using an existing security group, edit the Inbound rules to also include a Custom TCP port to allow port 8080. Jenkins runs on port 8080 by default. A security group can be edited by going to the EC2 dashboard and selecting "Security Groups" or the sidebar under the category "Network & Security". Afterwards, select the Security Group ID that has the same Security group name that is being used to edit the inbound rules.
- Under "Advanced details", the "User data - optional" is where the shell script is placed (2) to download packages before accessing an EC2.
- The first line of the script should have the shebang and where the bash file is found to execute shell scripts. Most operating systems have the bash file in the "/bin" directory. A shebang is written by first declaring "#!" and then the directory of the bash file and the word "bash" is written afterwards. The full shebang that should be written if the directory of the bash file is in /bin is:
#!/bin/bash
Every script runs with administrator privileges so do not include the word sudo in the User data (2).
Depending which AMI was chosen, every command must be written in respect of the AMI's package manager. Ubuntu uses the "apt" package manager.
Good practice is every Linux operating system should be updated and upgraded before installing any commands
#!/bin/bash
apt-get update
apt-get upgrade -y
Some download or package commands ask the user to say yes or no before installing them, writing "-y" means yes to automatically download or run some commands, such as "apt-get upgrade -y" in this case.
To download Jenkins, their website (2) instructs to download the commands for Debian operating systems shown down below after updating and upgrading the system:
#!/bin/bash
apt-get update
apt-get upgrade -y
wget -O /usr/share/keyrings/jenkins-keyring.asc https://pkg.jenkins.io/debian/jenkins.io-2023.key
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian binary/ | sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null
apt-get update
apt-get install fontconfig -y
apt-get install openjdk-17-jre -y
apt-get install jenkins -y
systemctl enable jenkins
systemctl start jenkins
The systemctl commands are also included to ensure that the Jenkins service is enabled, is started and the software could be accessed
After creating an EC2, log in into the instance. To log into an Ubuntu AMI uses this syntax:
ssh -i "name_of_key_pair_file".pem ubuntu@"IPv4 Public IP"
After logging into the EC2, it takes the EC2 a couple of seconds to run and download the commands from the User data script.
Open a new tab in an Internet Browser, and type in the url:
IPv4PublicIP:8080
- Typing in the IPv4 Public IP address generated from AWS and the port 8080 allows the user to access Jenkins
- To find the administrator password, type the command down below in the Terminal where the computer runs Jenkins:
cat /var/lib/jenkins/secrets/initialAdminPassword
If the command above needs admin privileges, use "sudo" before writing the command.
Sources
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html#user-data-shell-scripts (2)
https://pkg.jenkins.io/debian/ (3)
Source Code
https://github.com/AndrewDass1/SCRIPTS/tree/main/AWS/User%20Data%20Scripts/Ubuntu/Install%20Jenkins