6b53a4e3a3
* Make the resource group configurable * Update SDK to 0.9.4 * Fix: Token expiration was incorrectly calculated (API is named a bit oddly). * Fix: Token expiration is in seconds. * Change VM/deployment names to ones that are valid * Fix location + VM sizes It appears that that the location and VM size APIs do not currently support the AAD based authentication. The certificate is required. Rather than re-introduce the cert for just this limited UI scenario, I have decided to hard-code the list based on the returned info from current Azure. This is a decent short term solution, since a move to the 1.0.0 API (when released) will require that this code be changed anyway and presumably this problem should be fixed for good at that point. * Proper handling for custom image URIs * Asynchronous verification of the subscription info * Asynchronous verification of the azure templates * Asynchronous provisioning * Clean up resources after unsuccessful provisioning * Lots of logging updates * Fix: SSH launcher - Get channels before connection for exec channels Getting the channels after connection introduces a race where we could potentially fail to read from the input streams if they were obtained from the channel after the connection had completed. * Add diagnostics to image verification messages * Asynchronous deletion via UI * Update version of Jsch * Temporarily disable image verification for reference images * Allow for initialization scripts to be run as root * Cleanup of slaves now works properly * Doesn't clean up when node is taken offline by user * Post build tasks won't kill other runs or show errors in the job logging * Retention strategy now for online nodes, cleanup for offline nodes * Nodes that are marked to shut down on idle can now be restarted properly (before too many could be started) * Add option to treat failures of the initialization script as a reason to discard the VM (linux only currently) * Reenable Windows custom script extension for startup * Update documentation with new sample startup scripts Add setAcceptingTasks appropriately doc fixup |
||
---|---|---|
src/main | ||
.gitignore | ||
pom.xml | ||
README.md |
azure-slave-plugin
Jenkins Plugin to create Azure slaves.
Supports creating
- Windows slave on Azure Cloud using SSH and JNLP
- For windows images to launch via SSH, the image needs to be preconfigured with ssh.
For preparing custom windows image, refer to Azure documentation
- Linux slaves on Azure Cloud using SSH
- For preparing custom linux image, refer to Azure documentation
Pre-requirements
Register and authorize your client application.
Retrieve and use Client ID and Client Secret to be sent to Azure AD during authentication.
Refer to
How to install the Azure Slave plugin
- Within the Jenkins dashboard, click Manage Jenkins.
- In the Manage Jenkins page, click Manage Plugins.
- Click the Available tab.
- In the "Cluster Management and Distributed Build" section, select the Azure Slave plugin.
- Click either “Install without restart” or “Download now and install after restart”.
- Restart Jenkins if necessary.
Configure the plugin : Azure profile configuration
- Within the Jenkins dashboard, click Manage Jenkins --> Configure System --> Scroll to the bottom of the page and find the section with the dropdown "Add new cloud" --> click on it and select "Microsoft Azure"
- Enter the subscription ID, Client ID, Client Secret and the OAuth 2.0 Token Endpoint.
- Click on “Verify configuration” to make sure that the profile configuration is done correctly.
- Save and continue with the template configuration (See instructions below)
Configure the plugin : Template configuration.
- Click on the "Add" option to add a template. A template is used to define an Azure slave configuration, like its VM size, its region, or its retention time.
- Provide a name for your new template. This field is not used for slave provisioning.
- For the description, provide any remarks you wish about this template configuration. This field is not used for slave provisioning.
- For the label, provide any valid string. E.g. “windows” or “linux”. The label defined in a template can be used during a job configuration.
- Select the desired region from the combo box.
- Select the desired VM size.
- Specify the Azure Storage account name. Alternatively you can leave it blank to let Jenkins create a storage account by using the default name "jenkinsarmst".
- Specify the retention time in minutes. This defines the number of minutes Jenkins can wait before automatically deleting an idle slave. Specify 0 if you do not want idle slaves to be deleted automatically.
- Select a usage option:
- If "Utilize this node as much as possible" is selected, then Jenkins may run any job on the slave as long as it is available.
- If "Leave this node for tied jobs only" is selected, Jenkins will only build a project (or job) on this node when that project specifically was tied to that node.This allows a slave to be reserved for certain kinds of jobs.
- Specify your Image Family. Choose between two possible alternatives:
- use a custom user image (provide image URL and os type - note, your custom image has to be available into the same storage account in which you are going to create slave nodes);
- give an image reference (provide image reference by publisher, offer, sku and version).
- For the launch method, select SSH or JNLP.
- Linux slaves can be launched using SSH only.
- Windows slaves can be launched using SSH or JNLP. For Windows slaves, if the launch method is SSH then
image needs to be custom-prepared with an SSH server pre-installed.
When using the JNLP launch option, ensure the following:
- Jenkins URL (Manage Jenkins --> configure system --> Jenkins Location)
- The URL needs to be reachable by the Azure slave, so make sure to configure any relevant firewall rules accordingly.
- TCP port for JNLP slave agents (Manage Jenkins --> configure global security --> Enable security --> TCP port for JNLP slaves).
-
The TCP port needs to be reachable from the Azure slave launched using JNLP. It is recommended to use a fixed port so that any necessary firewall exceptions can be made.
If the Jenkins master is running on Azure, then open an endpoint for "TCP port for JNLP slave agents" and, in case of Windows, add the necessary firewall rules inside virtual machine (Run --> firewall.cpl).
-
-
For the Init script, provide a script to install at least a Java runtime if the image does not have Java
pre-installed.For the Windows JNLP launch method, the init script must be in PowerShell. Automatically passed to this script is: First argument - Jenkins server URL Second argument - VMName Third argument - JNLP secret, required if the server has security enabled. You need to install Java, download the slave jar file from: '[server url]jnlpJars/slave.jar'. The server url should already have a trailing slash. Then execute the following to connect:
java.exe -jar [slave jar location] [-secret [client secret if required]] [server url]computer/[vm name]/slave-agent.jnlp
Example script
Set-ExecutionPolicy Unrestricted $jenkinsServerUrl = $args[0] $vmName = $args[1] $secret = $args[2] $baseDir = 'C:\Jenkins' mkdir $baseDir # Download the JDK $source = "http://download.oracle.com/otn-pub/java/jdk/7u79-b15/jdk-7u79-windows-x64.exe" $destination = "$baseDir\jdk.exe" $client = new-object System.Net.WebClient $cookie = "oraclelicense=accept-securebackup-cookie" $client.Headers.Add([System.Net.HttpRequestHeader]::Cookie, $cookie) $client.downloadFile([string]$source, [string]$destination) # Execute the unattended install $jdkInstallDir=$baseDir + '\jdk\' $jreInstallDir=$baseDir + '\jre\' C:\Jenkins\jdk.exe /s INSTALLDIR=$jdkInstallDir /INSTALLDIRPUBJRE=$jdkInstallDir $javaExe=$jdkInstallDir + '\bin\java.exe' $jenkinsSlaveJarUrl = $jenkinsServerUrl + "jnlpJars/slave.jar" $destinationSlaveJarPath = $baseDir + '\slave.jar' # Download the jar file $client = new-object System.Net.WebClient $client.DownloadFile($jenkinsSlaveJarUrl, $destinationSlaveJarPath) # Calculate the jnlpURL $jnlpUrl = $jenkinsServerUrl + 'computer/' + $vmName + '/slave-agent.jnlp' while ($true) { try { # Launch & $javaExe -jar $destinationSlaveJarPath -secret $secret -jnlpUrl $jnlpUrl -noReconnect } catch [System.Exception] { Write-Output $_.Exception.ToString() } sleep 10 }
For more details about how to prepare custom images, refer to the below links:
-
Specify a user name and a password as per the rules explained in the help text.
-
Make sure to validate the template configuration by clicking on the link “Verify Template”. This will connect to your Azure account to verify the correctness of the supplied information.
Template Configuration for Ubuntu images.
- Configure an Azure profile and Template as per the above instructions.
- If the init script is expected to take a long time to complete, it is recommended to use a custom-prepared Ubuntu image that has the required software pre-installed, including a Java runtime
- For platform images, you may specify an Init script as below to install Java (may vary based on OS):
#Install Java
sudo apt-get -y update
sudo apt-get install -y openjdk-8-jre
Template configuration for Windows images with launch method JNLP.
-
Make sure to follow the instructions specified above for JNLP.
-
If the Jenkins master does not have a security configuration, leave the Init script blank for the default script to execute on the slave.
-
If the Jenkins master has a security configuration, then refer to the script at
https://gist.github.com/snallami/5aa9ea2c57836a3b3635 and modify the script with the proper Jenkins credentials.At a minimum, the script needs to be modified with the Jenkins user name and API token. To get the API token, click on your username --> configure --> show api token
The below statement in the script needs to be modified: $credentails="username:apitoken"
Create a Jenkins job that runs on a Linux slave node on Azure
- In the Jenkins dashboard, click New Item/Job.
- Enter a name for the task/Job you are creating.
- For the project type, select Freestyle project and click OK.
- In the task configuration page, select Restrict where this project can be run.
- In the Label Expression field, enter label given during template configuration.
- In the Build section, click Add build step and select Execute shell.
- In the text area that appears, paste the following script.
# Clone from git repo
currentDir="$PWD"
if [ -e sample ]; then
cd sample
git pull origin master
else
git clone https://github.com/snallami/sample.git
fi
# change directory to project
cd $currentDir/sample/ACSFilter
#Execute build task
ant
- Save Job and click on Build now.
- Jenkins will create a slave node on Azure cloud using the template created in the previous section and execute the script you specified in the build step for this task.
- Logs are available @ Manage Jenkins --> System logs --> All Jenkins logs.
- Once the node is provisined in Azure, which typically takes about 5 to 7 minutes, node gets added to Jenkins.