Using Jenkins to Build Infrastructure with Terraform and Configure with Ansible

Learn how to automate infrastructure provisioning using Jenkins, Terraform, and Ansible, including secure repository access through a GitHub App Token.

Using Jenkins to Build Infrastructure with Terraform and Configure with Ansible

January 28, 2025
Posted by Luca Berton
Jenkins, Terraform, Ansible, DevOps, Infrastructure Automation, CI/CD

Introduction

Modern DevOps practices rely heavily on automation tools to streamline infrastructure provisioning and configuration management. Jenkins, Terraform, and Ansible are widely used tools that work seamlessly to accomplish these tasks. In this guide, we demonstrate how to orchestrate the process using Jenkins, provision the infrastructure with Terraform, and finalize configurations with Ansible. We also integrate GitHub securely using a GitHub App Token.

1. Workflow Overview

The workflow involves three primary tools:

Jenkins: CI/CD orchestrator that triggers and manages the process.
Terraform: Automates infrastructure provisioning (e.g., servers, networks).
Ansible: Configures the provisioned infrastructure (e.g., installing software, managing services).

Key Benefits

Automation: Eliminates manual effort, reducing errors.
Scalability: Easily adaptable to different environments.
Security: Uses GitHub App Tokens for secure repository access.

2. Setting Up Jenkins

Installation

Download and install Jenkins from the official Jenkins site.
Configure Jenkins with necessary plugins:
- Terraform
- Ansible
- GitHub Integration

Configure GitHub Token in Jenkins

Create a GitHub App Token:
- Go to Settings > Developer Settings > Personal Access Tokens > Fine-grained Tokens.
- Generate a token with read-only access to repositories.
Add the token to Jenkins:
- Navigate to Manage Jenkins > Credentials > Global Credentials.
- Add the GitHub token with an appropriate ID (e.g., github-token).

3. Writing the Terraform Configuration

Example Terraform Script

Here’s a sample configuration to create an AWS EC2 instance:

provider "aws" {
  region = "us-west-2"
}

resource "aws_instance" "web" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"

  tags = {
    Name = "MyTerraformInstance"
  }
}

Store this Terraform script in a GitHub repository (e.g., infrastructure/terraform).

4. Writing Ansible Playbooks

Example Playbook

The playbook below installs Apache on the provisioned server:

---
- name: Configure Web Server
  hosts: all
  become: yes
  tasks:
    - name: Install Apache
      apt:
        name: apache2
        state: present

    - name: Start Apache Service
      service:
        name: apache2
        state: started

Store this playbook in the same GitHub repository under infrastructure/ansible.

5. Creating the Jenkins Pipeline

Pipeline Script

Below is the Jenkins pipeline script:

pipeline {
    agent any
    environment {
        GITHUB_TOKEN = credentials('github-token') // Use the GitHub token stored in Jenkins
    }
    stages {
        stage('Clone Repository') {
            steps {
                script {
                    sh 'git clone https://${GITHUB_TOKEN}@github.com/username/repository.git'
                }
            }
        }
        stage('Terraform Init') {
            steps {
                dir('repository/infrastructure/terraform') {
                    sh 'terraform init'
                }
            }
        }
        stage('Terraform Apply') {
            steps {
                dir('repository/infrastructure/terraform') {
                    sh 'terraform apply -auto-approve'
                }
            }
        }
        stage('Run Ansible Playbook') {
            steps {
                dir('repository/infrastructure/ansible') {
                    sh '''
                    ansible-playbook -i inventory playbook.yml
                    '''
                }
            }
        }
    }
}

Replace username and repository with your GitHub details.

6. Running the Pipeline

Triggering the Pipeline

Navigate to the Jenkins job.
Click Build Now to trigger the pipeline.
Monitor the logs to ensure successful execution of each stage.

Expected Output

Terraform provisions the infrastructure.
Ansible configures the infrastructure (e.g., installs and starts Apache).
Logs display successful completion messages for each stage.

7. Best Practices

Secure Credentials: Always use Jenkins secrets to store sensitive information.
Use Modules and Roles: Modularize Terraform configurations and Ansible playbooks for better maintainability.
Test Locally: Validate Terraform plans and Ansible playbooks locally before running them in Jenkins.

Conclusion

By combining Jenkins, Terraform, and Ansible, you can build a robust automation pipeline for infrastructure provisioning and configuration. Leveraging GitHub App Tokens enhances security, while the modularity of the tools ensures scalability and flexibility. Start integrating these tools into your DevOps practices today for efficient and reliable automation!

Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.

Academy

Learn automation technology with real-life examples in my Udemy 300+ Lessons Video Course.

BUY the Complete Udemy 300+ Lessons Video Course

My book Ansible By Examples: 200+ Automation Examples for System Administrators and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Donate

Want to keep this project going? Please donate

Patreon Buy me a Pizza