How do I integrate hosted Azure DevOps and on-Premises Octopus Deploy to automate my CI/CD pipeline

azure-devops
(Derek Campbell) #1

Hi

We are using hosted Azure DevOps and an on-premises Octopus Deploy instance, and I am struggling with my Operations team to allow inbound connections to Octopus Deploy. Is there any way to connect Azure DevOps and Octopus Deploy without opening up ports?

(Derek Campbell) #3

Hi,

The best way to achieve this would be to install a Self-Hosted Azure DevOps Agent. There is a great document on how to do this on the Microsoft website on https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows?view=azure-devops.

We’d recommend running through the installation and a configuration on a server locally on your network and install any dependencies on the server such as MSBuild etc…

The caveat here is that you will need to ensure the server hosting the agent has outbound connectivity to connect to the following URLs:

https://dev.azure.com
https://*.dev.azure.com
https://login.microsoftonline.com
https://management.core.windows.net

If you need to go through a Proxy server, then configure it in line with https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/proxy?view=azure-devops&tabs=windows.

Once you have configured the agent with your dependencies, you can register it in Azure DevOps in the default pool, or as an “On-Premises” Pool or similar. I configured an example for you, and you can see it below:

If you then click in to to the On-Premises Agent, you should see your agent as connected and Online.

Once this is in place, you will need to update the location of your job to run on the On-Premises Agent/Agent Pool. To do this, browse to the Project, Select Pipelines, then select your Pipeline and select Edit.

From the Pipeline section under Tasks, select the correct Agent Pool, and then run your Pipeline, and the process should run on your On-Premises agent as below:

One thing to be aware of, make sure that under the section “Agent Job 1” step, to select inherit from the Pipeline, so that it uses the same agent for the entire step.

Run the Pipeline on the agent and ensure it works successfully, and you may need to install additional dependencies if there are any errors.

This approach will run your agent on your On-Premises server and allow you to push packages and use the Octopus Azure DevOps extension to create a release, deploy a release, etc… from inside your local network without having to open up any network ports to the Public Internet.

Please let me know how you get on.

Thanks