Configure Default VPC Firewall rules
Create a GCP VM
On the VM instances creation page, Make sure you select the CentoOS Image and check the checkbox to allow HTTP traffic under the firewall section as below.
In the advanced section
Add this script in the startup script of the VM
sudo apt update sudo apt install openjdk-11-jre -y curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \ /usr/share/keyrings/jenkins-keyring.asc > /dev/null echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \ https://pkg.jenkins.io/debian-stable binary/ | sudo tee \ /etc/apt/sources.list.d/jenkins.list > /dev/null sudo apt-get update sudo apt-get install jenkins -y
Using gcloud command
gcloud compute instances create jenkins-server-template-1 --project=$GCP_PROJECT_ID --zone=us-central1-a --machine-type=e2-medium --network-interface=network-tier=PREMIUM,stack-type=IPV4_ONLY,subnet=default --metadata=startup-script=sudo\ apt\ update$'\n'sudo\ apt\ install\ git\ -y$'\n'sudo\ apt\ install\ openjdk-11-jre\ -y$'\n'curl\ -fsSL\ https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key\ \|\ sudo\ tee\ \\$'\n'\ \ /usr/share/keyrings/jenkins-keyring.asc\ \>\ /dev/null$'\n'echo\ deb\ \[signed-by=/usr/share/keyrings/jenkins-keyring.asc\]\ \\$'\n'\ \ https://pkg.jenkins.io/debian-stable\ binary/\ \|\ sudo\ tee\ \\$'\n'\ \ /etc/apt/sources.list.d/jenkins.list\ \>\ /dev/null$'\n'sudo\ apt-get\ update$'\n'sudo\ apt-get\ install\ jenkins\ -y --maintenance-policy=MIGRATE --provisioning-model=STANDARD --service-account=1008566890267-compute@developer.gserviceaccount.com --scopes=https://www.googleapis.com/auth/devstorage.read_only,https://www.googleapis.com/auth/logging.write,https://www.googleapis.com/auth/monitoring.write,https://www.googleapis.com/auth/servicecontrol,https://www.googleapis.com/auth/service.management.readonly,https://www.googleapis.com/auth/trace.append --tags=jenkins,http-server,https-server --create-disk=auto-delete=yes,boot=yes,device-name=instance-template-1,image=projects/debian-cloud/global/images/debian-11-bullseye-v20230411,mode=rw,size=10,type=projects/$GCP_PROJECT_ID/zones/us-central1-a/diskTypes/pd-balanced --no-shielded-secure-boot --shielded-vtpm --shielded-integrity-monitoring --labels=ec-src=vm_add-gcloud --reservation-affinity=any
Using Terraform
# This code is compatible with Terraform 4.25.0 and versions that are backward compatible to 4.25.0.
# For information about validating this Terraform code, see https://developer.hashicorp.com/terraform/tutorials/gcp-get-started/google-cloud-platform-build#format-and-validate-the-configuration
resource "google_compute_instance" "jenkins-server-1" {
boot_disk {
auto_delete = true
device_name = "instance-template-1"
initialize_params {
image = "projects/debian-cloud/global/images/debian-11-bullseye-v20230411"
size = 10
type = "pd-balanced"
}
mode = "READ_WRITE"
}
can_ip_forward = false
deletion_protection = false
enable_display = false
labels = {
ec-src = "vm_add-tf"
}
machine_type = "e2-medium"
metadata = {
startup-script = "sudo apt update\nsudo apt install git -y\nsudo apt install openjdk-11-jre -y\ncurl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \\\n /usr/share/keyrings/jenkins-keyring.asc > /dev/null\necho deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \\\n https://pkg.jenkins.io/debian-stable binary/ | sudo tee \\\n /etc/apt/sources.list.d/jenkins.list > /dev/null\nsudo apt-get update\nsudo apt-get install jenkins -y"
}
name = "jenkins-server-1"
network_interface {
access_config {
network_tier = "PREMIUM"
}
subnetwork = "projects/${var.project_id}/regions/us-central1/subnetworks/default"
}
scheduling {
automatic_restart = true
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
}
service_account {
email = "1008566890267-compute@developer.gserviceaccount.com"
scopes = ["https://www.googleapis.com/auth/devstorage.read_only", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring.write", "https://www.googleapis.com/auth/service.management.readonly", "https://www.googleapis.com/auth/servicecontrol", "https://www.googleapis.com/auth/trace.append"]
}
shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}
tags = ["http-server", "https-server", "jenkins"]
zone = "us-central1-a"
}
ย