Thursday, March 4, 2021

How to upload Docker images to Azure Container Registry | Hosting Docker images in Azure Container Registry

Azure Container Registry is a managed, private docker registry service. You can create and maintain Azure container registries to store and manage your private Docker container images.

It is alternative to Docker Hub. Azure Container Registry allows you to build, store, and manage container images and artifacts in a private registry for all types of container deployments.

Let us see how to upload a docker images from your VM into ACR.

Watch the steps below in YouTube channel:


Pre-requisites:
Make sure you have docker installed on your VM.
 
Step 1 - Create Azure Container Registry (ACR)

Go to https://portal.azure.com/
Create a Resource, Give container registry as a name

Click on Create

  
Enter values as mentioned below:
Give registry name, resource group and choose Enable admin user and SKU as Basic 



 Click on Review and then create, now your container registry is been created.

Step 2 - Download sample Python App

Go to your machine where you have docker images stored. perform below command to download sample pythonapp which is already dockerized.
 
git clone https://bitbucket.org/ananthkannan/mydockerrepo/src/master/pythonApp/ 

cd  pythonApp/pythonApp

Step 3 - Create docker image

docker build . -t mypythonapp

type below command:
sudo docker images

this should show docker images you have created locally.

Now go to ACR, click on docker registry you created. Click on access keys under Settings.


Copy value under login server 
Login to Azure Container Registry through command line.
sudo docker login mydockerazureregistry.azurecr.io
Username: mydockerazureregistry

Enter password by copying value below password


Step 4 - Tag and Push your docker image to ACR
Now tag the docker image per as below:
sudo docker tag mypythonapp mydockerazureregistry.azurecr.io/mypythonapp

sudo docker push mydockerazureregistry.azurecr.io/mypythonapp


That's it..Docker image is pushed into ACR. 
You can see the Docker image uploaded under Services--> repositories


Wednesday, March 3, 2021

Deploy Springboot Microservices App into Amazon EKS Cluster using Jenkins Pipeline | Containerize Springboot App and Deploy into EKS Cluster using Jenkins Pipeline

We will learn how to automate Docker builds using Jenkins and Deploy into AWS EKS - Kubernetes Cluster. 

We will use Springboot Microservices based Java application. I have already created a repo with source code + Dockerfile. The repo also have Jenkinsfile for automating the following:

- Automating builds using Jenkins
- Automating Docker image creation
- Automating Docker image upload into Docker Hub
- Automating Deployments to Kubernetes Cluster
 
 

Please watch the above steps in YouTube channel:
 
Pre-requisites:
1. Amazon EKS Cluster is setup and running. Click here to learn how to create Amazon EKS cluster.
3. Setup Jenkins slave, install docker in it.
4. Docker, Docker pipeline and Kubernetes Deploy plug-ins are installed in Jenkins



5. Docker hub account setup in https://cloud.docker.com
6. Install kubectl on your instance


Step #1 -Make sure Jenkins can run Docker builds after validating per pre-requisites

Step #2 - Create Credentials for Docker Hub
Go to Jenkins UI, click on Credentials -->


Click on Global credentials
Click on Add Credentials


Now Create an entry for your Docker Hub account. Make sure you enter the ID as dockerhub

Step #3 - Create Credentials for Kubernetes Cluster
Click on Add Credentials, use Kubernetes configuration from drop down.


execute the below command to get kubeconfig info, copy the entire content of the file:
sudo cat ~/.kube/config


Enter ID as K8S and choose enter directly and paste the above file content and save.

Step #4 - set a clusterrole as cluster-admin

By default, clusterrolebinding has system:anonymous set which blocks the cluster access. Execute the following command to set a clusterrole as cluster-admin which will give you the required access.

kubectl create clusterrolebinding cluster-system-anonymous --clusterrole=cluster-admin --user=system:anonymous

Step # 5 - Create a pipeline in Jenkins
Create a new pipeline job.


Step # 6 - Copy the pipeline code from below
Make sure you change red highlighted values below:
Your docker user id should be updated.
your registry credentials ID from Jenkins from step # 1 should be copied

node ("slave") {
  def image
  def mvnHome = tool 'Maven3'
     stage ('checkout') {
        checkout([$class: 'GitSCM', branches: [[name: '*/master']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: '', url: 'https://bitbucket.org/ananthkannan/myawesomeangularapprepo/']]])      
        }
   
    stage ('Build') {
            sh 'mvn -f MyAwesomeApp/pom.xml clean install'           
        }
       
       
    stage ('Docker Build') {
         // Build and push image with Jenkins' docker-plugin
            withDockerRegistry([credentialsId: "dockerhub", url: "https://index.docker.io/v1/"]) {
            image = docker.build("akdevopscoaching/mywebapp", "MyAwesomeApp")
            image.push()    
            }
        }

      stage ('K8S Deploy') {
       
                kubernetesDeploy(
                    configs: 'MyAwesomeApp/springboot-lb.yaml',
                    kubeconfigId: 'K8S',
                    enableConfigSubstitution: true
                    )           
        }
}

Step # 7 - Build the pipeline
Once you create the pipeline and changes values per your Docker user id and credentials ID, click on 


Step # 8 - Verify deployments to K8S

kubectl get pods



kubectl get deployments

kubectl get services



Steps # 9 - Access SpringBoot App in K8S cluster
Once build is successful, go to browser and enter master or worker node public ip address along with port number mentioned above
http://master_or_worker_node_public_ipaddress:port_no_from_above

You should see page like below:




How to Configure GitHub Advanced Security for Azure DevOps | How to Perform Security scan for Azure Repos using GitHub Advanced Security

GitHub Advanced Security for Azure DevOps brings the  secret scanning, dependency scanning  and  CodeQL code scanning  solutions already ava...