Creating Pipelines
Create your container registry
After you open the Registry page, select the region as Dallas.
Go to the Namespaces tab.
Click to Create button, and name it
jenkins-workshop-<unique-name>.Namespace names should be unique across the region.
Create apikey for container registry
Go to Cloud Shell Tab. Click to
+sign to open a new session.Look on the top right and be sure that
Location is Dallas
Current account is your personal account (not DevAdv account)
If it is not, login with
ibmcloud login -a cloud.ibm.com -r us-souththen enter your ibm cloud email and password. Select the first account (your personal account, the one does not includes IBM)
Enter
ibmcloud targetto be sure. You should see your personal account's name and us-south region.Enter
ibmcloud iam api-key-create container-registry-keyCopy the apikey and note it to a notepad. (write container registry to not forget for which task you created it)
The infos we will need are:
us-south for region (us.icr.io)
jenkins-workspace as namespace name
apikey to access registry
Create apikey for kubernetes access
Open new terminal session
login with
ibmcloud login -a cloud.ibm.com -r us-souththen enter your ibm cloud email and password again. This time select IBM provided account.Enter
ibmcloud iam api-key-create container-registry-keyCopy the apikey and note it to a notepad. (write kubernetes to not forget for which task you created it)
Create kubernetes secrets
We will need 3 secrets to use in our pipeline
Secret for pushing to container registry
Secret for kubernetes deployment
Secret for pulling image to kubernetes
Open a new terminal in IBM Cloud shell.
Check targeted account, if it is the one provided from IBM, you don't need to login. If it is not, login as explained above.
Access to your cluster as explained in here.
To create the secret for pushing images:
This secret will be used when configuring private registry access in jenkins job.
kubectl create secret generic icr-apikey \
--from-literal apikey=<replace_your_api_key_for_registry> --namespace jenkinsTo create secret for kubernetes deployment
This secret will be used when configuring kubernetes cluster in jenkins job.
kubectl create secret generic ibmc-apikey \
--from-literal apikey=<replace_your_api_key_for_kubernetes> --namespace jenkinsTo create secret for pulling images
This secret will be added to default namespace and will be use inn pod template. When pod tries to pull the image from your private registry, it will use this secret.
kubectl create secret docker-registry icr-pull
--docker-server=us.icr.io \
--docker-username=iamapikey \
--docker-password=<replace_your_api_key_for_registry> \
--docker-email=<replace_your_ibm_cloud_email>Login to Jenkins
Go to Jenkins server tab that we have opened in the first section. If you have closed accidentally, Open you IBM Cloud Shell tab, press the eye button and then click to 8080.
Username is :
adminPassword is : you have wrote it down in the first section.
Create a new pipeline
On the left menu, you will see New Item. Click on that item.
Enter your pipeline name.
Select Pipeline item below
Click OK.
The options on the pipelines are not these workshop's topic. Scroll down to Pipeline section.
Here we will write our Jenkins script.
Since we are using Kubernetes, we will use kubernetes plugin. This is already installed and configured. We will check it after creating the pipeline.
First of all, we will define a PodTemplate.
This template will describe the pod that will be created by Jenkins.
podTemplate(
cloud: 'kubernetes',
label: 'workshop',
containers: [
containerTemplate(
name: 'nodejs',
image:'node:alpine',
ttyEnabled: true,
alwaysPullImage: false
),
containerTemplate(
name: 'build',
image: 'volaka/ibm-cloud-cli:1.2.1',
ttyEnabled: true,
alwaysPullImage: false,
envVars: [
secretEnvVar(
key: 'REGISTRY_TOKEN',
secretName: 'icr-apikey',
secretKey: 'apikey'
)
]
),
containerTemplate(
name: 'deploy',
image: 'volaka/ibm-cloud-cli:1.2.1',
ttyEnabled: true,
alwaysPullImage: false,
envVars: [
secretEnvVar(
key: 'IBMCLOUD_TOKEN',
secretName: 'ibmc-apikey',
secretKey: 'apikey'
)
]
),
],
volumes: [
hostPathVolume(
mountPath: '/var/run/docker.sock',
hostPath: '/var/run/docker.sock'
)
]
)Cloud: kubernetes. This is preconfigured for us in the jenkins installation. We will show this configuration after the pipeline.
Label: This is the tracking mechanism in Jenkins. We will target this pod later in the pipeline using this label.
Containers: this is the section we define containers in the pod. It uses ContainerTemplate
volumes: Volume binding configuration in kubernetes pod spec. Binding docker socket to pod so we can build docker containers in build stage.
Targeting the pod and tell Jenkins to create a pod
podTemplate(...)
{
node('workshop') {
...
}
}node script tells jenkins to target a pod. "workshop" is the label that we want jenkins to create for this pipeline.
Now, we will create our Test stage
podTemplate(...)
{
node('workshop') {
stage('Test') {
git url: 'https://github.com/volaka/jenkins-nodejs-app.git'
container('nodejs') {
sh 'npm install'
sh 'npm run test'
}
}
}
}stage: we define the stage name here.
git url: this script helps us to clone the git repo to our workdir.
container: we tell which container will be used for this stage. this is one of the containers we defined in podTemplate. We use the name info of the container
Now let's add Build Stage
podTemplate(...)
{
node("workshop") {
stage('Test') {
...
}
stage('Build') {
git url: 'https://github.com/volaka/jenkins-nodejs-app.git'
container('build') {
sh 'ibmcloud login -a cloud.ibm.com -r us-south --apikey ${REGISTRY_TOKEN}'
sh 'ibmcloud cr login'
sh 'ibmcloud cr build -t us.icr.io/<replace_your_namespace/<replace_your_image_name>:${BUILD_ID} .'
}
}
}
}In this container, we are using a special container created for ibmcloud cli automation. More detailed info is here.
sh 'ibmcloud login -a cloud.ibm.com -rus-south--apikey ${REGISTRY_TOKEN}'just be sure with the region. This region is the one your container registry is created in.sh 'ibmcloud cr build -tus.icr.io/volaka/application:${BUILD_ID} .'just be sure with the registry address. You can find more information about regions and urls in container registry docs.
Now let's Deploy our application to Kubernetes
podTemplate(...)
{
node("workshop") {
stage('Test') {
...
}
stage('Build') {
...
}
stage('Deploy') {
git url: 'https://github.com/volaka/jenkins-nodejs-app.git'
container('deploy') {
sh 'ibmcloud login -a cloud.ibm.com -r us-south --apikey ${IBMCLOUD_TOKEN}'
sh 'ibmcloud ks cluster config --cluster <replace_your_cluster_name>'
sh 'sed -i "s~^\\([[:blank:]]*\\)image:.*$~\\1image: us.icr.io/<replace_your_namespace>/<your_application_name>:${BUILD_ID}~" deployment.yml'
sh 'kubectl apply -f deployment.yml -n default'
sh 'kubectl get svc -n jenkins'
}
}
}
}Don't forget to check your region in login command. This is the region your kubernetes cluster is created in.
Replace your cluster name in the second command.
Check those parameters in third command. sed command replaces the appropriate line with your image name.
us.icr.io (your image registry, where you pushed in build stage)
your registry namespace
your application name.
Fourth command applies the deployment.yml to your kubernetes cluster and deploys your application.
Final version of the file
You should have something similar to the following file
podTemplate(
cloud: 'kubernetes',
label: 'workshop',
containers: [
containerTemplate(
name: 'nodejs',
image:'node:alpine',
ttyEnabled: true,
alwaysPullImage: false
),
containerTemplate(
name: 'build',
image: 'volaka/ibm-cloud-cli:1.2.1',
ttyEnabled: true,
alwaysPullImage: false,
envVars: [
secretEnvVar(
key: 'REGISTRY_TOKEN',
secretName: 'icr-volaka',
secretKey: 'apikey'
)
]
),
containerTemplate(
name: 'deploy',
image: 'volaka/ibm-cloud-cli:1.2.1',
ttyEnabled: true,
alwaysPullImage: false,
envVars: [
secretEnvVar(
key: 'IBMCLOUD_TOKEN',
secretName: 'ic20',
secretKey: 'apikey'
)
]
),
],
volumes: [
hostPathVolume(
mountPath: '/var/run/docker.sock',
hostPath: '/var/run/docker.sock'
)
]
)
{
node('workshop') {
stage('Test') {
git url: 'https://github.com/volaka/jenkins-nodejs-app.git'
container('nodejs') {
sh 'npm install'
sh 'npm run test'
}
}
stage('Build') {
git url: 'https://github.com/volaka/jenkins-nodejs-app.git'
container('build') {
sh 'ibmcloud login -a cloud.ibm.com -r eu-de --apikey ${REGISTRY_TOKEN}'
sh 'ibmcloud cr login'
sh 'ibmcloud cr build -t de.icr.io/volaka/jenkins-app:${BUILD_ID} .'
}
}
stage('Deploy') {
git url: 'https://github.com/volaka/jenkins-nodejs-app.git'
container('deploy') {
sh 'ibmcloud login -a cloud.ibm.com -r eu-de --apikey ${IBMCLOUD_TOKEN}'
sh 'ibmcloud ks cluster config --cluster volaka-k8s'
sh 'sed -i "s~^\\([[:blank:]]*\\)image:.*$~\\1image: de.icr.io/volaka/jenkins-app:${BUILD_ID}~" deployment.yml'
sh 'kubectl apply -f deployment.yml -n default'
sh 'kubectl get svc -n jenkins'
}
}
}
}Let's control our application
Go to your Kubernetes Cluster overview page in IBM Cloud Web.
Select your cluster.
Go to worker nodes tab from the left menu and copy the public ip.
Open the Kubernetes Dashboard to look for the service port.
In my case, I can access to my application via 169.50.53.68:31978
Last updated
Was this helpful?