The image consists of Tomcat, Java, MySQL which will be running on an Alibaba Elastic Compute Instance (ECS). Here, Infrastructure as Code (IaC) tool, “Ansible” and an open-source Continuous Integration and Continuous Delivery (CICD) tool, “Jenkins” are being used for provisioning.
Jenkins
It’s an open-source automation server which enables you to reliably build, test, and deploy software as well the infrastructure for an application. Jenkins is a continuous integration build tool which builds and releases application code after any change is made to the code and, pushed to the codebase. It saves development time by running automated testing against the code at every change pushed to the repos.
Firstly, we require a few prerequisite setups to be established to achieve the environment.
Prerequisite
- Jenkins Server (Master only or Master/Slave setup) Link
Once Jenkins server master/slave (agent) environment is established, make sure the agents are up and running fine by checking the status. In my setup, I’m using a master node as Jenkins server and an agent machine for Ansible. If required, you can have only one machine by installing Ansible on the master itself.
Next, install Ansible Tool in the master and agent machines.
Ansible
Ansible is a powerful tool for IT automation and can be used in a CI/CD process to provision the target environment and to then deploy the application on it. Ansible is cumbersome to maintain and reuse scripts in the long run.
It helps you perform the same set of tasks across different servers/environment from the centralized server where Ansible is installed. Ansible is completely agentless, which is an advantage over other IaC tools like chef, Puppet, etc. It implies no agent needs to be installed on client systems where the automation needs to be taken through provided SSH communication between client and server. All the automation will be easier when there are hundreds of instances in the specified region. Ansible playbooks are written are YAML/YML language.
Ansible’s few important notes
Control node
Machine where Ansible is installed and responsible for servers you are managing.
Inventory
An Ansible inventory file defines the hosts and groups of hosts upon which commands, modules, and tasks in a playbook operate. The file can be in one of many formats depending on your Ansible environment and plugins. It’s used to create project-specific inventory files in alternate locations.
Playbook
Playbooks are Ansible’s configuration, deployment, and orchestration language. They can describe a policy you want your remote systems to enforce or a set of steps.
Install “Ansible” and “Ansible Alicloud Module”
Install Ansible plugin on Jenkins
- Click on “Manage Jenkins” in the dashboard.
- Click on “Manage Plugins” and look for “Ansible” plugin on the search bar which is on the top right of the page.
- Select Ansible and click on “Download now and install after restart”.
Note
Don’t install Ansible Tower, which is not required for the current setup.
After a successful install of Ansible plugin in Jenkins, install Ansible in Client/Agent machine.
Install Ansible in Client/Agent machine
Alibaba Ansible Modules are frequently updated hence refer to the GitHub
link.
Open a terminal window in the agent machine and execute below commands.
For CentOS 7.4
sudo yum check-update; sudo yum install -y gcc libffi-devel python-devel openssl-devel epel-release
sudo yum install -y python-pip python-wheel
For Ubuntu 16.04 LTS
sudo apt-get update && sudo apt-get install -y libssl-dev libffi-dev python-dev python-pip
Enter the following command to install the required packages Ansible for Alibaba
sudo pip install ansible
sudo pip install ansible_alicloud
sudo pip install ansible_alicloud_module_utils
Variable in Ansible Playbook.
I have created an Ansible playbook script to provision an Alibaba ECS
Link. you can fork the source code and modify the parameter values as per your environment.
alicloud_access_key: <Alibaba Access Key>
alicloud_secret_key: <Alibaba Secret Key>
alicloud_region: <Alibaba Region for your resource> e.g. - ap-south-1
alicloud_zone: <Alibaba Zone for your resource> e.g. ap-south-1a
password: <New VM Password>
image: "m-a2d4qmk8v2w9s5wmh0rw"
Note
I’m importing an image from Alibaba Application Stacks provided by Zhuyun. It consists of Linux, Nginx, MySQL and Jdk-Tomcat (Nginx1.6-jdk1.7-tomcat7-mysql5.5-vsFTPd2.2.2)>
Link
Generate Access Key and Secret
Step 1
To get access_key and secret_key, go to Alibaba console
Link and select “Resource Access Management (RAM)” in “Product” menu.
Step 2
Click on the “Users” option on the left blade and select “Create User”.
Step 3
Create a new user by providing a login name and display name. Under “Access Mode” check on “Programmatic Access”. It's not required to provide “Console Password Logon” access.
Note
No user will be able to login to Alibaba console using this user, which provides an extra level of security.
Step 4
Copy “AccessKeyId” and “AccessKeySecret”, which will be your “alicloud_access_key” and “alicloud_secret_key” value in the playbook.
Note
The AccessKey information will not be available again after the dialog box is closed. Hence copy and save it before you close the dialog box.
Step 5
Provide appropriate permission to provide the resources like VPC, V-Switch, Security group, and ECS instance I have provided.
AdministratorAccess
Provides full access to Alibaba Cloud services and resources.
Below are the regions and zone available on Alibaba Cloud.
|
Region
|
"cn-qingdao"
|
"cn-beijing"
|
"cn-zhangjiakou"
|
"cn-huhehaote"
|
"cn-huhehaote"
|
|
Zone
|
"cn-qingdao-b"
"cn-qingdao-c"
|
"cn-beijing-a"
"cn-beijing-b"
"cn-beijing-c"
"cn-beijing-d"
"cn-beijing-e"
"cn-beijing-f"
"cn-beijing-g"
|
"cn-zhangjiakou-a"
"cn-zhangjiakou-b"
|
"cn-huhehaote"
|
"cn-huhehaote-a"
"cn-huhehaote-b"
|
|
Region
|
"cn-hangzhou"
|
"cn-shanghai"
|
"cn-shenzhen"
|
"cn-hongkong"
|
"ap-northeast-1"
|
|
Zone
|
"cn-hangzhou-b"
"cn-hangzhou-c"
"cn-hangzhou-d"
"cn-hangzhou-e"
"cn-hangzhou-f"
"cn-hangzhou-g"
"cn-hangzhou-h"
|
"cn-shanghai-a"
"cn-shanghai-b"
"cn-shanghai-c"
"cn-shanghai-d"
"cn-shanghai-e"
"cn-shanghai-f"
|
"cn-shenzhen-a"
"cn-shenzhen-b"
"cn-shenzhen-c"
"cn-shenzhen-d"
|
"cn-hongkong-a"
"cn-hongkong-b"
"cn-hongkong-c"
|
"ap-northeast-1a"
|
|
Region
|
"ap-southeast-1"
|
"ap-southeast-2"
|
"ap-southeast-3"
|
"ap-southeast-5"
|
"ap-south-1"
|
|
Zone
|
"ap-southeast-1a"
"ap-southeast-1b"
"ap-southeast-1c"
|
"ap-southeast-2a"
"ap-southeast-2b"
|
"ap-southeast-3a"
"ap-southeast-3b"
|
"ap-southeast-5a"
|
"ap-south-1a"
"ap-south-1b"
|
|
Region
|
"us-east-1"
|
"us-west-1"
|
"eu-west-1"
|
"me-east-1"
|
"eu-central-1"
|
|
Zone
|
"us-east-1a"
"us-east-1b"
|
"us-west-1a"
"us-west-1b"
|
"eu-west-1a"
"eu-west-1b"
|
"me-east-1a"
|
"eu-central-1a"
"eu-central-1b"
|
Note
To get the full list, you will need to pull it down with their Ali Cloud CLI tool. It will spit out a wall of JSON, so it is also helpful to be on *nix and have the jq tool available. Given all that, all you need is this short shell script,
- #!/usr/bin/env bash
- for region in $( aliyun ecs DescribeRegions | jq '.Regions.Region[].RegionId' )
- do
- echo $region
- reg=$( echo $region | sed s/\"
- echo '---'
- for zone in $( aliyun ecs DescribeZones --RegionId $reg | jq '.Zones.Zone[].ZoneId' | sort )
- do
- echo $zone
- done
- echo ''
- done
If you want to provision resource in below region/ zone, then you required to complete real name registration
Link
alicloud_region: cn-beijing
alicloud_zone: cn-beijing-a
Image ID corresponding to each region ( of Linux, Nginx, MySQL, and Jdk-Tomcat Image), change the image ID according to your region.
|
Region
|
Image ID
|
|
Asia Pacific SE 2 (Sydney)
|
m-p0w27ppevw6pzi8h7ixm
|
|
Middle East 1 (Dubai)
|
m-eb38cmoa7usjddka52to
|
|
EU Central 1 (Frankfurt)
|
m-gw8dq50o59ikctae82pb
|
|
North China 2
|
m-25l8e5b2z
|
|
US West 1 (Silicon Valley)
|
m-u1h8ath3c
|
|
South China 1
|
m-94hr7sfyv
|
|
North China 1
|
m-289tm7b8j
|
|
East China 2
|
m-11swttqae
|
|
cn-hongkong
|
m-624gp4an3
|
|
East China 1
|
m-23ghrg3oc
|
|
China North 5 (Huhehaote)
|
m-hp37548apzhyhy6h4zff
|
|
Asia Pacific SE 1 (Singapore)
|
m-22ezfa3pg
|
|
Asia Pacific SE 5 (Jakarta)
|
m-k1abjw6qg2os0uyoto1p
|
|
Asia Pacific SE 3 (Kuala Lumpur)
|
m-8psfvkmwkkojyjsfk0x4
|
|
UK(London)
|
m-d7ob7i6ms5e9udog6lbw
|
|
Asia Pacific SOU 1 (Mumbai)
|
m-a2d4qmk8v2w9s5wmh0rw
|
|
China North 3 (Zhangjiakou)
|
m-8vb2zl8zhx0yqlbpoz5p
|
|
US East 1 (Virginia)
|
m-0xiiujpvgj49t2a4dnmj
|
|
Asia Pacific NE 1 (Tokyo)
|
m-6we3lcusxctdmkrokfoc
|
|
East China 1
|
m-23iy97rxq
|
How to Create and Deploy an Alibaba VM using Jenkins job
Step 1
From Jenkins dashboard, select New Item.
Step 2
Enter a name, select “Freestyle project” and click OK.
Step 3
Under General give a brief description for your reference (optional).
Step 4
Select Source Code Management (SCM) tab on the top or scroll down and, enter the following details.
SCM: - Git
Repository URL: - your GitHub link with modified parameter
e.g. https://github.com/nadaraj15/alibaba_ansible/
Credentials: - none (since it’s a public repository if private then store your credentials in Jenkins)
Branch Specifier (blank for 'any'): - */master
Step 5
Next, skip build trigger for now and go to build environment. There are a number of settings available when you create a new project. On this configuration page, you also have the option to Add build step to perform extra actions like running scripts. I will execute a shell script, which will download the Ansible Playbook file from GitHub.
Command
sudo apt-get update (Optional)
sudo apt-get install -y libssl-dev libffi-dev python-dev python-pip (Optional)
sudo pip install ansible[azure]==2.7.0rc2 (Optional)
sudo apt-get install -y maven (Optional)
cd /usr/bin
sudo wget https://raw.githubusercontent.com/nadaraj15/alibaba_ansible/master/AliVM.yml
Step 6
Invoke “Ansible playbook” by adding a build step. This step will execute the Ansible playbook.
Enter the following details,
Playbook path: - AliVM.yml (Playbook Name)
Inventory: - Select “Do not specify Inventory”
Credentials: - Select “None” (I have embedded the credentials on the deployment file, you can pass the credentials as environment variable)
Step 7
Clean up the workspace after the deployment. Add an “execute a shell script” step.
Note
If jenkins_home is your location than default path is set to: /var/jenkins_home, else if you have custom location then provide that location.
Command
sudo rm -rf /var/jenkins_home/workspaces/<workspace_name>
Step 8
Add, Post-built Action if required, else click on save once all the steps are configured.
Step 9
Navigate to Jenkins project dashboard and trigger your build manually by clicking “Build now”
Step 10
Go to console output to check triggered build status. Once all the resources have been provisioned successfully, you we can see a success status on the output.
Step 11
Go to Alibaba Console to check the provisioned Alibaba ECS and the configuration.
Now we have deployed an instance with Tomcat, Java, MySQL installed. Enter the public IP in the browser and we can see Apache Tomcat page running, since the webserver is exposed through port 80 on the Public IP of the VM.
Reference
- https://www.alibabacloud.com/blog/ci%2Fcd-with-jenkins---part-1%3A-install-jenkins-on-ubuntu_593717
- https://www.alibabacloud.com/blog/continuous-integration-with-jenkins-on-alibaba-cloud_594512
- https://www.alibabacloud.com/blog/594449
- https://github.com/alibaba/ansible-provider
- https://mohitgoyal.co/2017/02/14/add-linux-slave-node-in-the-jenkins/
- https://marketplace.alibabacloud.com/products/56728001/Tomcat_Nginx_My_SQL_Stack_Package_on_Ubuntu-cmjj011399.html?innerSource=search#product-details