Automating image builds using Jenkins and Packer
Based on the specified configuration, Packer creates VM disk images in Compute Cloud. Jenkins helps build a continuous update delivery process.
You can use images to create a cloud infrastructure, for example, using Terraform
To install and configure Jenkins, Packer, GitHub, and Terraform to work together:
- Prepare your cloud.
- Configure the environment.
- Create a service account.
- Create a VM with Jenkins.
- Install Packer to your VM.
- Configure Jenkins.
- Set up a Jenkins task.
- Configure the GitHub repository.
- Create an image using Jenkins.
- Deploy the images using Terraform.
If you no longer need the VM or the cluster you created, delete them.
Prepare your cloud
Sign up for Yandex Cloud and create a billing account:
- Go to the management console
and log in to Yandex Cloud or create an account if you do not have one yet. - On the Yandex Cloud Billing
page, make sure you have a billing account linked and it has theACTIVE
orTRIAL_ACTIVE
status. If you do not have a billing account, create one.
If you have an active billing account, you can go to the cloud page
Learn more about clouds and folders.
Required paid resources
The cost of this infrastructure includes:
- Fee for continuously running virtual machines (see Yandex Compute Cloud pricing).
- Fee for storing created images (see Yandex Compute Cloud pricing).
- Fee for using a dynamic public IP address (see Yandex Virtual Private Cloud pricing).
Configure the environment
Set the software up to run:
- Install the Yandex Cloud command line interface.
- Install
Terraform. See also Getting started with Terraform. - Download
the jq utility. - Configure
Git. If you are running Windows, use Git Bash. - Create
a repository branch with examples in your GitHub account. - Prepare an SSH key to access the virtual machines.
Create a service account
Jenkins uses service accounts to perform actions in your cloud and folder. To create a service account:
-
Get the IDs of the folder and cloud by running
yc config list
. -
Create a service account and pass its ID to the environment variable using the following commands:
yc iam service-account create --name <username> yc iam key create --service-account-name <username> -o <username.json> SERVICE_ACCOUNT_ID=$(yc iam service-account get --name <username> --format json | jq -r .id)
This will create a JSON file containing login credentials in the current folder.
-
Assign the service account the
admin
role for the folder where operations will be performed:yc resource-manager folder add-access-binding <folder_name> --role admin --subject serviceAccount:$SERVICE_ACCOUNT_ID
Create a VM with Jenkins
Jenkins will get VM image configuration changes from GitHub and then use Packer to create images in the cloud.
To create a virtual machine with Jenkins:
-
On the folder page in the management console
, click Create resource and select Virtual machine. -
In the Name field, enter a name for the VM:
jenkins-tutorial
. -
Select an availability zone to put your virtual machine in.
-
Under Image/boot disk selection, click the Cloud Marketplace tab and then Show more. In the window that opens, select a Jenkins image.
Note
If you are configuring the Jenkins VM manually, follow the procedure
. -
Under Disks, enter 15 GB for the size of the boot disk:
-
Under Computing resources:
- Select the platform: Intel Ice Lake.
- Specify the number of vCPUs and the amount of RAM:
- vCPU: 2.
- Guaranteed vCPU share: 20%
- RAM: 2 GB.
-
Under Network settings, click Add network and choose the subnet to connect the virtual machine to. Under Public IP, assign a public address to the VM automatically or select a reserved address.
-
Under Access, specify the data required to access the VM:
- Enter the username in the Login field.
- In the SSH key field, paste the contents of the public key file.
You need to create a key pair for SSH connection yourself.
-
Click Create VM.
Install Packer
Packer enables you to create virtual machine disk images with parameters specified in a configuration file.
Note
Yandex Cloud requires Packer 1.5 or higher.
-
Download the Packer
distribution for Linux. -
Upload Packer to the VM you created:
scp packer_<Packer version>_linux_amd64.zip <Login>@<Public IP address of your VM>:~/
-
Connect to the VM over SSH. You can use the
ssh
utility in Linux or macOS, orPuTTY
in Windows. -
Create a new folder, move the Packer executables there, and unpack the archive:
sudo mkdir /opt/yandex-packer/ sudo mv packer_<Packer version>_linux_amd64.zip /opt/yandex-packer/ unzip packer_<Packer version>_linux_amd64.zip
-
All Jenkins system activity is performed on behalf of the
jenkins
user. Grant this user rights to launch Packer:sudo chmod u+x /opt/yandex-packer/packer* sudo chown jenkins:jenkins /opt/yandex-packer/packer*
Configure Jenkins
To build images based on configurations from GitHub, configure Jenkins:
-
Connect to the VM over SSH. You can use the
ssh
utility in Linux or macOS, orPuTTY
in Windows. -
Open the password file needed to launch the configuration and copy the password:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
-
In your browser, go to
http://<Jenkins VM public IP>
. Open the Jenkins management console. -
Enter the copied password in the Administrator password field and click Continue.
-
Choose Select plugins to install.
You will need the following plugins:
Pipeline
: The plugin for getting the source code from the VCS and assembling, testing, and deploying it.Git
: The plugin for working with git repositories.Credentials Binding
: The plugin for creating environment variables with authentication data.
-
Click Install. The selected components start to install.
-
When the installation is complete, you are prompted to create an administrator account. Fill in the form fields and click Save and Continue.
-
You are prompted to create a URL for Jenkins. Leave the URL as
http://<VM public IP address>/
. Click Save and finish. -
Click Start using Jenkins to complete the installation and go to the Jenkins administration panel.
Set up a Jenkins tasks
Enter your Yandex Cloud authorization data and create a task to download changes from the github repository so that Jenkins can build images. The authorization data is used in the variables stored in the Packer configuration files.
-
Open the Jenkins administration panel.
-
In the top-right corner, click the username.
-
Select Credentials.
-
Under Stores scoped to Jenkins, click the
Global
link. -
Get the ID of the subnet where images will be built by running the
yc vpc subnet list
command. -
Click Add credentials. Specify the following parameters:
- In the Kind list, click
Secret text
. - In the Scope list, leave
Global
. - In the Secret field, enter the ID of your folder.
- In the Id field, enter
YC_FOLDER_ID
. Click OK.
- In the Kind list, click
-
Create another secret with the following parameters:
- Kind:
Secret text
. - Scope:
Global
. - Secret: ID of the subnet where the Jenkins VM is hosted.
- ID:
YC_SUBNET_ID
.
- Kind:
-
Create another secret with the following parameters:
- Kind:
Secret file
. - Scope:
Global
. - File: File named
<usrname>.json
from step 1. - ID:
YC_ACCOUNT_KEY_FILE
.
- Kind:
-
Go back to the main page of the administration panel and select New item.
-
Enter a name for the task, like
jenkins-tutorial
, and select Pipeline as the task type. Click OK. -
In the window that opens, select the GitHub hook trigger for GITScm polling checkbox. This option lets you run the build every time you
push
to themaster
branch of your git repository. -
Under Pipeline, select
Pipeline script from SCM
from the Definition list. -
In the SCM list, select
Git
. -
In the Report URL field, enter the URL of your GitHub fork.
-
In the Script path field, enter
jenkins-packer/Jenkinsfile
. -
Leave the other fields unchanged and click Save.
Configure the GitHub repository
In the GitHub repository's settings, set up a webhook to initiate a Jenkins build and add the public SSH key for authorization.
Enable Webhook
- Open the fork of your GitHub repository in the browser.
- Click the Settings tab.
- Select Webhooks and click Add webhook.
- In the Payload URL field, enter
http://<VM public IP address>/github-webhook/
. - Click Add webhook.
Add an SSH key to GitHub
- Click your GitHub avatar. In the menu that opens, select Settings.
- Click SSH and GPG keys.
- Click New SSH key.
- In the Title field, enter a name for your key.
- Paste your SSH key into the Key box.
- Click Add SSH key.
Create an image using Jenkins
The image is built in Jenkins automatically after you push
to the master
branch of your GitHub repository.
-
Clone the examples
repository fork you created while getting started, to your computer:git clone git@github.com:<GitHub login>/examples.git
-
Make changes to the Packer templates hosted in the
jenkins-packer/packer/
folder. You can find Packer template documentation on the developer's website . In theimage_family
andsource_image_family
parameters, specify the families of images to be built by Jenkins. For more detail on families, please see Image families. -
Make changes to the Jenkinsfile Pipeline description file for
Jenkins
located in the root of the repository. For the Pipeline documentation, see the developer's website . -
Upload the changes to Github:
git add -A git commit -m "Build update" git push
-
Open the Jenkins administration panel and check the task status.
-
If all the settings are correct, the image assembly is launched. You can see the result in the build logs.
Note
When configuring a Jenkins job under GitHub Hook log, you may encounter the Polling has not run yet
error. If this happens, you should run a manual build the first time around.
Then there are three new images in Compute Cloud under Images:
Debian
: The basic image with the latest updates.Nginx
:Debian
-based image containing nginx web server.Django
: An image with theDjango
framework, based on the Debian image.
Deploy the images
Once the images are created, you can use them to create your virtual machines. Create a test infrastructure using Terraform:
-
In the folder with the fork, go to the directory with the Terraform files:
cd examples/jenkins-packer/terraform
-
Rename the
terraform.tfvars_example
file:mv terraform.tfvars_example terraform.tfvars
-
Fill in the file fields with the applicable values. See also the Terraform
and Yandex Cloud provider documentation. -
Initialize the Terraform provider by running
terraform init
. -
Run
terraform plan -var-file="terraform.tfvars"
. Check the created configuration. -
Run
terraform apply
and confirm you want to create the infrastructure by typingyes
into the terminal prompt.
This will create:
- A cloud network.
- Subnets in all availability zones.
- Virtual machines from images created by Packer. Virtual machines with nginx get public IP addresses. All virtual machines are connected to subnets.
How to delete the resources you created
Some resources are not free of charge. To avoid paying for them, delete the resources you no longer need:
- Delete the created VMs.
- Delete the created images.
- Delete the service account and
<uername.json>
. - Delete the network and the subnets.
To delete the resources created with Terraform, run terraform destroy
.