Jenkins is one of the most popular, free, open, Java coded CI/CD tool in the industry used by some big MNCs like Netflix, LinkedIn, eBay, Nintendo etc to small startups. Even me as DevOps Engineer Intern use Jenkins in Techolution for automating the non-human part of the software development process, with continuous integration and facilitating technical aspects of continuous delivery. We integrate our Jenkins with source/version control system like Github, Gitlab, Bitbucket, and can execute Apache Ant, Apache Maven and sbt based projects as well as arbitrary shell scripts and Windows batch commands.
Google Compute Engine — physical servers that you’re used to running inside the Google environment with several different configurations. Both predefined and custom machine types allow you to choose how much memory and how much CPU you want. You choose the type of disk you want, whether you want to just use standard hard drives, SSDs, local SSDs or a mix. You can even configure the networking and run a combination of Linux or Windows machines.
In this blog, I’ll tell you how to set up Jenkins on Google Compute Engine so that it will be available on static IP so that there is no issue of server starting and available every time for N number of automation task.
For this tutorial blog, I assume you have a GCP account and Compute Engine API is enabled.
Creating a Compute Engine Instance
The first thing we need is to create GCE Virtual Machine, creating a VM on GCE is very easy. Just go to GCP Compute Engine from the navigation menu and click Create Instance with following:
Enter the name of instance as you want
Set region and zone suitably
For machine configuration — Machine Family: General-Purpose; Generation: First; Machine type: n1-standard-1(you can change the machine type configuration according to the number the service you are triggering in the Jenkins)
For Boot Disk — Change it to Ubuntu 18.04 LTS; Boot disk type: Standard Persistent disk and Size(GB) as much as you want(you can change the boot disk according to your project need)
For Firewall — check both allow HTTP traffic, allow HTTPS traffic
For Management, security, disks, networking, sole tenancy — on the security tab, check SSH Keys-Block project-wide SSH keys and entire key data generated from this link. On the networking, tab enter http-server,https-server in Network tag(network tag assign on VM to apply firewall on particular VM)
Now hit Create. It will take a couple of minutes to create a VM.
You can create this VM via Google Cloud Shell with below command:
gcloud beta compute — project=demo-project instances create instance-1 — zone=us-central1-a — machine-type=n1-standard-1 — subnet=default — network-tier=PREMIUM — maintenance-policy=MIGRATE — — tags=http-server,https-server — image=ubuntu-1804-bionic-v20190918 — image-project=ubuntu-os-cloud — boot-disk-size=10GB — boot-disk-type=pd-standard — boot-disk-device-name=instance-1 — reservation-affinity=any
Creating Firewall rules
Create a firewall to control incoming or outgoing traffic to an instance. By default, incoming traffic from outside your network is blocked.
Go to Firewall under VPC network in Networking section of navigation and create a firewall with the following values:
Enter the name of the firewall as you want
Ensure the network, priority, direction of traffic, action on match, targets is the default, 1000, ingress, allow and specified target tags respectively.
For Target tags — enter http-server,https-server
For Source filter — IP ranges and 0.0.0.0/0 in Source IP ranges(Traffic is only allowed from sources within these IP address ranges)
For Protocols and ports — Specified protocols and ports must be selected and then check tcp and enter 8080
Now hit Create. It will take a couple of minutes to create a Firewall rule.
You can create this firewall with Google cloud shell with below command:
gcloud compute — project=demo-project firewall-rules create instance-1 — direction=INGRESS — priority=1000 — network=default — action=ALLOW — rules=tcp:8080 — source-ranges=0.0.0.0/0 — target-tags=http-server,https-server
So now your VM and firewall are created, it’s time to install Jenkins in VM.
To install Jenkins, click on the SSH button at the extreme right of the instance, an ssh terminal will open and enter the following command:
- Since Jenkins Java coded, we need to install Java first.
sudo apt update
sudo apt install openjdk-8-jdk
- Add repository key to the system which we do by importing the GPG keys of the Jenkins.
wget -q -O — https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
This command will give the OK output.
- Now we need to append the Debian package repository address to the server’s sources.list
sudo sh -c ‘echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list’
- Now install Jenkins as both things are in their proper place
sudo apt update
sudo apt install jenkins
- Let’s start Jenkins using
sudo systemctl start jenkins
Since the above command doesn’t display output, we can use its status command for verification that Jenkins started successfully
sudo systemctl status jenkins
If everything went well, below o/p will come
Output● jenkins.service - LSB: Start Jenkins at boot time
Loaded: loaded (/etc/init.d/jenkins; generated)
Active: active (exited) since Mon 2018-07-09 17:22:08 UTC; 6min ago
Tasks: 0 (limit: 1153)
Now that Jenkins is running, let’s adjust our firewall rules so that we can reach it from a web browser to complete the initial setup
- First, we need to enable ufw
sudo ufw enable
- By default, Jenkins runs on the port 8080, so let’s open that port using ufw
sudo ufw allow 8080
- Check ufw’s status to confirm the new rules:
sudo ufw status
You will see that traffic is allowed to port 8080 from anywhere
OutputStatus: activeTo Action From
-- ------ ----
OpenSSH ALLOW Anywhere
8080 ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
8080 (v6) ALLOW Anywhere (v6)
- Now open enter https://<External_IP of instance>:8080 in browser or run
curl -vvv <External_IP of instance>:8080
If you perform all steps correctly Unlock Jenkins page will appear
For the administrator password, go to the path mention in Unlock Jenkins in VM ssh and you will get a password something like 194a22b78d474334b4972f57bc69008, once entered correctly follow the step to set up Jenkins.
Once this page I recommend you to select Install Suggested Plugins because it will install all necessary plugin, otherwise you can customize the installation of plugins.
You see this dashboard after setting up Jenkins properly.
Monitoring of Jenkins Server
Having Jenkins running on GCE have one more advantage and that is monitoring and getting logs your Jenkins Server so you can take necessary steps if something goes out of the way…
For proper monitoring of your instance, Google has a tool name Stackdriver which provide monitoring and management for services, containers, applications, and infrastructure. It is one of the perfect tools which we are using for monitoring all our services at GCP. I would recommend people reading this to use this tool exhaustively to leverage all the services they have offered.
For logs for Jenkins Server, you can go into Logging->Logs Viewer in Stackdriver section of Navigation. In logs viewer, you have to first select the GCE VM Instance from resource and then your Jenkins VM instance
For monitoring your VM, find Monitoring tab in the StackDriver section of GCP navigation, you’ll be redirected to a new tab, log in with your credentials.
In the navigation of stackdriver, find Resources-Metrics Explorer.
After that write GCE VM Instance in Resource type and instance/cpu/utilization in Metric.
In filter, write intance_name and then your Jenkins VM Instance name in value section and the graph will be loaded.
That’s how you set up Jenkins with GCE and Monitor it. You can also install the Jenkins with the help of Docker on GCE and Jenkins on Kubernetes too.
I’ll separate blog for both very soon.
Give it a clap, if you find it useful.
To join our community Slack 🗣️ and read our weekly Faun topics 🗞️, click here⬇