In this post we will review the steps to deploy Jenkins on GCP cloud, and automatically allocated GCP compute instances for distributed build.
This post is mostly based on the document Using Jenkins for distributed builds on Compute Engine.
Create Image For Jenkins Distributed Agent
Add your SSH key for packer.
gcloud compute project-info describe --format=json | jq -r '.commonInstanceMetadata.items[] | select(.key == "ssh-keys") | .value' > sshKeys.pub
echo "$USER:$(cat ~/.ssh/id_rsa.pub)" >> sshKeys.pub
gcloud compute project-info add-metadata --metadata-from-file ssh-keys=sshKeys.pub
rm -f sshKeys.pub
Install packer.
wget https://releases.hashicorp.com/packer/1.6.6/packer_1.6.6_linux_amd64.zip
unzip packer_1.6.6_linux_amd64.zip
rm -f packer_1.6.6_linux_amd64.zip
sudo mv ./packer /usr/local/bin/
Create service account for packer.
export PROJECT="my-project"
export NAME="packer"
export ACCOUNT="${NAME}@${PROJECT}.iam.gserviceaccount.com"
gcloud iam service-accounts delete ${ACCOUNT} --quiet
gcloud iam service-accounts create ${NAME} --display-name ${NAME}
gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$ACCOUNT --role roles/compute.admin
gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$ACCOUNT --role roles/iam.serviceAccountUser
gcloud iam service-accounts keys create service-account.json --iam-account $ACCOUNT
Build image using packer.
export GOOGLE_APPLICATION_CREDENTIALS=./service-account.json
packer build template.json
Where the template.json is the following.
{
"builders": [
{
"type": "googlecompute",
"project_id": "radware-cto",
"source_image_family": "ubuntu-2004-lts",
"source_image_project_id": "ubuntu-os-cloud",
"zone": "us-central1-c",
"disk_size": "10",
"image_name": "jenkins-agent",
"image_family": "jenkins-agent",
"ssh_username": "ubuntu"
}
],
"provisioners": [
{
"type": "file",
"source": "ssh_config.txt",
"destination": "/tmp/ssh_config.txt"
},
{
"type": "shell",
"inline": ["sudo cp /tmp/ssh_config.txt /etc/ssh/ssh_config"]
},
{
"type": "shell",
"inline": ["sudo apt-get update && sudo apt-get install -y default-jdk"]
}
]
}
Create Service Account for Jenkins
To create service account for jenkins, update the project name, and run the following script.
export PROJECT="my-project"
export ACCOUNT="jenkins@${PROJECT}.iam.gserviceaccount.com"
gcloud iam service-accounts delete ${ACCOUNT} --quiet
gcloud iam service-accounts create jenkins --display-name jenkins
gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$ACCOUNT --role roles/storage.admin
gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$ACCOUNT --role roles/compute.instanceAdmin.v1
gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$ACCOUNT --role roles/compute.networkAdmin
gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$ACCOUNT --role roles/compute.securityAdmin
gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$ACCOUNT --role roles/iam.serviceAccountActor
gcloud iam service-accounts keys create jenkins-service-account.json --iam-account $ACCOUNT
Install Jenkins from the Marketplace
Once installed, login to Jeknins, and install the following plugins:
- Google Compute Engine
- Cloud Storage
Next, configure the Jenkins plugin, ad mentioned in the document Using Jenkins for distributed builds on Compute Engine.
Assign Static IP For Jenkins
Update the Jenkins VM name, and the related region, an run the following script.
VM=jenkins-1-vm
REGION=us-central1
gcloud compute addresses create jenkins-static-ip --region=${REGION}
ADDRESS=$(gcloud compute addresses describe jenkins-static-ip --region=${REGION} | grep "address:" | cut -d' ' -f2)
INTERFACE_NAME=$(gcloud compute instances describe ${VM} | grep -A5 accessConfigs | grep name | cut -d: -f2 | cut -c2-100)
gcloud compute instances delete-access-config ${VM} --access-config-name=${INTERFACE_NAME}
gcloud compute instances add-access-config ${VM} --access-config-name=${INTERFACE_NAME} --address=${ADDRESS}
No comments:
Post a Comment