Jenkins setup in google cloud platform!

sadhan reddy
4 min readApr 22, 2021

--

Why Jenkins?

Jenkins gives you a common way to monitor a CI/CD pipeline (with many users watching the same important environment). There are many CI/CD tools in the market, but Jenkins; the java-based open-source tool tops the popularity list. Which has a lot of communication support, there are many plugins available like(slack, GitHub, GitLab, docker +more) and the project is well-maintained by a large community of developers.

why Jenkins in GCP?

Speed up your Jenkins builds with predictable performance and scalable infrastructure from Google Cloud. Automate your Jenkins installation, upgrade, and scaling by running Jenkins in Google Kubernetes Engine. Easily scale out your build farm by leveraging Compute Engine to seamlessly run your jobs.

Steps to integrate Jenkins in GCP

the diagram outlines the tutorial architecture

Setting up your environment

Open Cloud Shell

Configure IAM

Create an IAM service account to delegate permission to Jenkins and enable Jenkins to store data and launch instances in compute engine.

Create a service account

  1. Create an IAM service account using the below command in the cloud shell:

gcloud iam service-accounts create jenkins — display-name Jenkins

  1. Get your email id and project id, so that they are used later:

export SA_EMAIL=$(gcloud iam service-accounts list \

— filter=”displayName:jenkins” — format=’value(email)’)

export PROJECT=$(gcloud info — format=’value(config.project)’)

Bind the following roles to your service account:

gcloud projects add-iam-policy-binding $PROJECT \

— role roles/storage.admin — member serviceAccount:$SA_EMAIL

gcloud projects add-iam-policy-binding $PROJECT — role roles/compute.instanceAdmin.v1 \

— member serviceAccount:$SA_EMAIL

gcloud projects add-iam-policy-binding $PROJECT — role roles/compute.networkAdmin \

— member serviceAccount:$SA_EMAIL

gcloud projects add-iam-policy-binding $PROJECT — role roles/compute.securityAdmin \

— member serviceAccount:$SA_EMAIL

gcloud projects add-iam-policy-binding $PROJECT — role roles/iam.serviceAccountActor \

— member serviceAccount:$SA_EMAIL

Download the service account key

The service account key is used to configure jcloud plugin to authenticate with compute engine API. Download file using below commands:

  1. Create the key file:

gcloud iam service-accounts keys create jenkins-sa.json — iam-account $SA_EMAIL

  1. In Cloud Shell, click More more_vert, and then click Download file.

Type jenkins-sa.json.

Click Download to save the file locally.

Create a Jenkins agent image

create a compute engine image that contains software and tools to run as a Jenkins executor.

Create an SSH key for Cloud Shell

Here in this, we use packer to build images where we need ssh command to communicate with your build instance. To enable ssh, create and upload the ssh key in the cloud shell.

  1. Create a SSH key pair. If one already exists, this command uses that key pair; otherwise, it creates a new one:

ls ~/.ssh/id_rsa.pub || ssh-keygen -N “”

  1. Add the Cloud Shell public SSH key to your project’s metadata:

gcloud compute project-info describe \

— format=json | jq -r ‘.commonInstanceMetadata.items[] | select(.key == “ssh-keys”) | .value’ > sshKeys.pub

echo “$USER:$(cat ~/.ssh/id_rsa.pub)” >> sshKeys.pub

gcloud compute project-info add-metadata — metadata-from-file ssh-keys=sshKeys.pub

Create the baseline image

Now we use packer to create a baseline VM image for your build agents. The most basic Jenkins agent only requires java to be installed. You can customize your image by adding shell commands in the provisioner's section of the Packer configuration or by adding other Packer provisioners.

  1. In Cloud Shell, download and unpack the most recent release of Packer. The following example uses Packer 1.6.6. You can check the Hashicorp website to see if there’s a more recent version:

wget https://releases.hashicorp.com/packer/1.6.6/packer_1.6.6_linux_amd64.zip

unzip packer_1.6.6_linux_amd64.zip

  1. Create the configuration file for your Packer image builds:

export PROJECT=$(gcloud info — format=’value(config.project)’)

cat > jenkins-agent.json <<EOF

{

“builders”: [

{

“type”: “googlecompute”,

“project_id”: “$PROJECT”,

“source_image_family”: “ubuntu-2004-lts”,

“source_image_project_id”: “ubuntu-os-cloud”,

“zone”: “us-central1-a”,

“disk_size”: “10”,

“image_name”: “jenkins-agent-{{timestamp}}”,

“image_family”: “jenkins-agent”,

“ssh_username”: “ubuntu”

}

],

“provisioners”: [

{

“type”: “shell”,

“inline”: [“sudo apt-get update && sudo apt-get install -y default-jdk”]

}

]

}

EOF

  1. Build the image by running Packer:

./packer build jenkins-agent.json

When the build completes, the name of the disk image is displayed with the format jenkins-agent-[TIMESTAMP], where [TIMESTAMP] is the epoch time when the build started.

==> Builds finished. The artifacts of successful builds are:

→ googlecompute: A disk image was created: jenkins-agent-1612997575

Installing Jenkins

In this section, you use Cloud Marketplace to provision a Jenkins instance. You customize this instance to use the agent image you created in the previous section.

  1. Go to the Cloud Marketplace solution for Jenkins.
  2. Click Launch.
  3. Change the Machine Type field to 4 vCPUs 15 GB Memory, n1-standard-4.
  1. Click Deploy and wait for your Jenkins instance to finish being provisioned. When it is finished, you will see:
  2. Open your Jenkins instance in the browser by clicking the Site Address link.
  3. Log in to Jenkins using the Admin user and Admin password displayed in the details pane.
your Jenkins instance is ready to use

after clicking on the link, you will be popped up with login credentials, copy admin user, and admin password.

--

--

sadhan reddy
sadhan reddy

Written by sadhan reddy

0 Followers

Devops Engineer, MLOps, Founder of Infinite Epochs Labs , Researcher, LinkedIn: https://www.linkedin.com/in/sadhan-reddy-maddula-572837158