Building a private CI/CD pipeline with Java and Docker in the cloud as presented at OSCON 2017

whoami
Baruch Sadogursky, JFrog Developer Advocate, @jbaruch

Shownotes!
• www.jfrog.com/shownotes
– Slides
– Video (tomorrow)
– Links
– Feedback
– Raffle

Poll Time!
üHeard about Docker
üCan do the tutorial
üPoCing, playing etc.
üProduction, baby!
@jbaruch #oscon www.jfrog.com/shownotes

Union File System

Image Layers - OpenJDK

Getting Started with Docker

JFrog Artifactory + Docker

Who’s using Docker and nothing else?

The Promotion Pyramid
Development builds
Dev Integration tests
Integr. tests
Staging
Pre-Prod
Prod
Amount of builds
Build/Deploy time
Amount of
binaries

Pipeline: Quality Gates and Visibility
Source: Agile ALM, Michael Hüttermann, Manning Publications Co.

$docker build

Too easy!

That’s why.
FROM ubuntu
RUN apt-get install -y software-properties-common python
RUN apt-get install -y nodejs
RUN mkdir /var/www
ADD app.js /var/www/app.js
CMD ["/usr/bin/node", "/var/www/app.js"]
Latest version
Latest version
Latest version
Latest version

That’s why.
FROM ubuntu:14.04
RUN mkdir /var/www
Better now?

That’s why.
FROM ubuntu:4033353383af19ec179c01dda7f355a246c6adcafaf93c8f98
RUN mkdir /var/www
And now?

That’s why.
RUN mkdir /var/www
And now?What about those?

That’s why.
RUN mvn clean install
CMD ”java –jar Main.class"
What about this?

That’s why.
RUN download_random_sh*t_from_the_internet.sh
And how about this?

That’s why you don’t trust Docker

Traditional Server Pattern
http://martinfowler.com/bliki/ImmutableServer.html

Immutable Server Pattern
http://martinfowler.com/bliki/ImmutableServer.html

What’s up with the gates?!
- QA shouldn’t test dev images

- non-tested images shouldn't be
staged

- non-tested images shouldn't be
staged
- non-staged, non-tested or dev
images shouldn’t end up in
production!!!

The Anatomy of Docker Tag

Wait a second, how can I
have more than one
repository per host now?!

How can we support this?
https://host:8081/artifactory/docker-dev/busybox
https://host:8081/artifactory/docker-staging/busybox
https://host:8081/artifactory/docker-qa/busybox
https://host:8081/artifactory/docker-prod/busybox

“ONEREGISTRYPERHOSTOUGHTTOBEENOUGHFORANYBODY.”

Panic!

Virtual hosts/ports to the rescue
Registry host Tag name
docker tag host:port/busybox

https://host:port/v2/busybox

https://host:8081/artifactory/docker-dev/busybox
Virtual repository name Tag name
https://host:port/v2/busybox
Context name

server {
listen 5001;
server_name 192.168.99.100;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-dev/$1/$2;
…
}
}

But then you realize…
Wait a second, now I need
to pull, retag and push for
every step?!

Anatomy of a container

Our Layers
Application:
••.war file
Framework:
••JDK8 + Wildfly
Base:
••CentOS

Framework build
- Verified base image
- Add system dependencies
from artifactory
- JDK
- wildfly
- Own it!

Minimal Framework build Dockerfile
FROM centos:7
MAINTAINER you@yourorg.com

Application build
- Framework is your base
- Run a java build
- Add a file to base
- Done!

Application build Dockerfile
FROM yourorg-docker.jfrog.io/yourorg/framework:latest
MAINTAINER you@yourorg.com
ADD https://yourorg.jfrog.io/yourorg/java-release-local/…/app-[RELEASE].war
/opt/jboss/wildfly/standalone/deployments/app.war

Framework Pipeline
Application Pipeline

Q&A Time!
• www.jfrog.com/shownotes
– Slides
– Video (tomorrow)
– Links
– Feedback
– Raffle
• http://swampUP.jfrog.com
– Devops and JFrog leaders
– Devops and JFrog content
– Napa Valley in May!

Building a private CI/CD pipeline with Java and Docker in the cloud as presented at OSCON 2017

More Related Content

What's hot

Similar to Building a private CI/CD pipeline with Java and Docker in the cloud as presented at OSCON 2017

More from Baruch Sadogursky

Recently uploaded

Building a private CI/CD pipeline with Java and Docker in the cloud as presented at OSCON 2017