by: KarolPosted on:

Self-hosted agent on Linux created in 3 minutes

Self-hosted agent on Linux In some cases is necessary, for example, you need to integrate with VNET – because the resources you want to access are not publicly accessible. This can be a storage account, container registry, or many others. Using my instruction you build and run a self-hosted agent in 3 minutes.

If you don’t want to read the full problem resolution, you can jump into GitHub for all needed commands and files: Azure Way github Azure DevOps agent

In that scenario you must:

  1. Create VNET in the same region as VNET you want to access
  2. Create a subnet in the newly created VNET, and remember to delegate the subnet to Microsoft.ContainerInstance/containerGroups
  3. Create Azure Container Registry (ACR)
  4. Build agent image and push it to Azure Container Registry
  5. Deploy your agent into created subnet using Azure Container Instances

Build and push agent image

First, you must install Azure CLI and logging using PowerShell or bash, check the instructions here https://learn.microsoft.com/en-us/cli/azure/install-azure-cli and https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli

As you have logged you must select a proper subscription:

az account list
az account set --subscription ##SUBSCRIPTION##

In ##SUBSCRIPTION## put proper subscription guid, you can it in the “id” property.

To build your image, navigate to the console to the dockerfile directory and run:

az acr build --registry ##REGISTRY_NAME## --image adobuildagent:v1 .

Where:

##REGISTRY_NAME## is the name of your registry, without a domain. So if in portal URL for ACR is azurewayacr.azurecr.io, then the name will be just azurewayacr.

This command builds your image using Azure Container Registry, you don’t need docker installed on your machine. The image is also uploaded to ACR with tag v1.

Run agent in Azure Container Instances

Now its time to run Azure Container Instance:

az container create -g ##RESROUCE_GROUP##--registry-login-server ##ACR_URL## --registry-username ##ACR_USER## --registry-password ##ACR_USER_PASS## --name ##ACI_CONTAINER_NAME## --image ##IMAGE_ADDRESS## --vnet ##VNET_NAME## --subnet ##SUBNET_NAME## --environment-variables AZP_TOKEN=##DEVOPS_PERSONAL_TOKEN## AZP_URL=##DEVOPS_ORGANIZATION_URL##

Where

  • RESROUCE_GROUP – name of the resource group
  • ACR_URL – full URL of ACR instance
  • ACR_USER – admin name of the ACR, can be turn on “Access keys” -> “Admin user”
  • ACR_USER_PASS – password for admin user
  • ACI_CONTAINER_NAME – name of the created container, I prefer to put there e.g: ado-linux-agent-1
  • IMAGE_ADDRESS – image address contains full ACR URL and image name with tag, e.g: azurewayacr.azurecr.io/adobuildagent:v1
  • VNET_NAME – name of the VNET
  • SUBNET_NAME – subnet name, remember to choose one with proper delegation
  • DEVOPS_PERSONAL_TOKEN – personal token for ADO, check how to generate here
  • DEVOPS_ORGANIZATION_URL – organizing URL, e.g: https://dev.azure.com/myOrganiztion

After running the above command, an agent will be created and connected with the Default pool in your Azure DevOps. Remember to change the pool in your pipeline, and place it at the top of the yml file:

pool: Default

Reducing costs

If you don’t need your agnet for 24/7 then you can stop when you finish your work and run when you need it, use below commands:

az container stop --name ##ACI_CONTAINER_NAME## --resource-group ##RESROUCE_GROUP##

az container start --name ##ACI_CONTAINER_NAME## --resource-group ##RESROUCE_GROUP##

If you have any suggestions please leave a comment or use the contact form!

Leave a Reply

Your email address will not be published. Required fields are marked *