Welcome to the blog series OpenShift A-Z. If you are new here, please refer to my first blogpost OpenShift A-Z
In this blogpost we will take an real world use case and try to configure an CICD pipeline for a sample app. You may refer this as a step-by-step tutorial to achieve it.
Use case
In the use case for this demonstration, a developer wants to deploy a new CICD pipeline to manage and monitor the application development life cycle.
- In this scenario, the application goes through different stages and moves between them up to the production stage.
- Production deployments happen with an user's manual acceptance.
Following diagram shows the overall workflow that we are going to achieve.
1. Prerequisite to implement this demo
This demonstration requires preparation before the demonstration can start.
Please note the following:
1.1. Install Command Line Tools
- You can download OpenShift Command Line Tools from OpenShift web console.
- Unpack the file and copy the extracted oc file to /usr/bin
- You can test your ability to authenticate to OpenShift with the CLI tool:
$export REGION="na" ; export USERNAME=<your-username>
$ oc login https://master.${REGION}.openshift.opentlc.com:443 --username ${USERNAME}
Username:<your-username>
Password: **********
$ oc login https://master.${REGION}.openshift.opentlc.com:443 --username ${USERNAME}
Username:<your-username>
Password: **********
Login successful.
1.2. Create Projects for Demonstration
- Create a few projects for your demonstration:
#GUID=youruniquename
GUID=mydemo
oc new-project pipeline-${GUID}-dev --description="Cat of the Day Development Environment" --display-name="Cat Of The Day - Dev"
oc new-project pipeline-${GUID}-test --description="Cat of the Day Testing Environment" --display-name="Cat Of The Day - Test"
oc new-project pipeline-${GUID}-prod --description="Cat of the Day Production Environment" --display-name="Cat Of The Day - Prod"
GUID=mydemo
oc new-project pipeline-${GUID}-dev --description="Cat of the Day Development Environment" --display-name="Cat Of The Day - Dev"
oc new-project pipeline-${GUID}-test --description="Cat of the Day Testing Environment" --display-name="Cat Of The Day - Test"
oc new-project pipeline-${GUID}-prod --description="Cat of the Day Production Environment" --display-name="Cat Of The Day - Prod"
- Display your created projects:
oc get projects
Sample Output
oc get projects
NAME DISPLAY NAME STATUS
pipeline-mydemo-dev Cat Of The Day - Dev Active
pipeline-mydemo-prod Cat Of The Day - Prod Active
pipeline-mydemo-test Cat Of The Day - Test Active
NAME DISPLAY NAME STATUS
pipeline-mydemo-dev Cat Of The Day - Dev Active
pipeline-mydemo-prod Cat Of The Day - Prod Active
pipeline-mydemo-test Cat Of The Day - Test Active
- Switch back to your dev project where most of the work needs to be done:
oc project pipeline-${GUID}-dev
1.3. Deploy the CICD Environment
- Deploy Jenkins to control your builds and deployment pipeline:
oc new-app jenkins-persistent -n pipeline-${GUID}-dev
Sample Output
--> Deploying template "jenkins-persistent" in project "openshift" for "jenkins-persistent"
With parameters:
Jenkins Service Name=jenkins
Jenkins JNLP Service Name=jenkins-jnlp
Jenkins Password=openshiftpipelines
Memory Limit=512Mi
Volume Capacity=1Gi
Jenkins ImageStream Namespace=openshift
Jenkins ImageStreamTag=jenkins:latest
--> Creating resources ...
route "jenkins" created
persistentvolumeclaim "jenkins" created
deploymentconfig "jenkins" created
serviceaccount "jenkins" created
rolebinding "jenkins_edit" created
service "jenkins-jnlp" created
service "jenkins" created
--> Success
Run 'oc status' to view your app.
With parameters:
Jenkins Service Name=jenkins
Jenkins JNLP Service Name=jenkins-jnlp
Jenkins Password=openshiftpipelines
Memory Limit=512Mi
Volume Capacity=1Gi
Jenkins ImageStream Namespace=openshift
Jenkins ImageStreamTag=jenkins:latest
--> Creating resources ...
route "jenkins" created
persistentvolumeclaim "jenkins" created
deploymentconfig "jenkins" created
serviceaccount "jenkins" created
rolebinding "jenkins_edit" created
service "jenkins-jnlp" created
service "jenkins" created
--> Success
Run 'oc status' to view your app.
- You can login to Jenkins with OpenShift
- Enable the Jenkins service account to manage resources in the pipeline-${GUID}-test and pipeline-${GUID}-prod projects:
oc policy add-role-to-user edit system:serviceaccount:pipeline-${GUID}-dev:jenkins -n pipeline-${GUID}-test
oc policy add-role-to-user edit system:serviceaccount:pipeline-${GUID}-dev:jenkins -n pipeline-${GUID}-prod
oc policy add-role-to-user edit system:serviceaccount:pipeline-${GUID}-dev:jenkins -n pipeline-${GUID}-prod
- Enable the pulling of images from the pipeline-${GUID}-dev project to the pipeline-${GUID}-test and pipeline-${GUID}-prod projects:
oc policy add-role-to-group system:image-puller system:serviceaccounts:pipeline-${GUID}-test -n pipeline-${GUID}-dev
oc policy add-role-to-group system:image-puller system:serviceaccounts:pipeline-${GUID}-prod -n pipeline-${GUID}-dev
oc policy add-role-to-group system:image-puller system:serviceaccounts:pipeline-${GUID}-prod -n pipeline-${GUID}-dev
1.4. Deploy Mock Applications
- Before creating a pipeline, let’s try deploying an sample application by ourselves.
- Deploy the "Cat of The Day" (cotd) application in the dev project:
oc new-app https://github.com/swapnildahiphale/cotd.git -n pipeline-${GUID}-dev
- You can check logs of this build with:
oc logs -f build/cotd-1 -n pipeline-${GUID}-dev - Check that the build has completed and tag the image:
oc tag cotd:latest cotd:testready -n pipeline-${GUID}-dev
oc tag cotd:testready cotd:prodready -n pipeline-${GUID}-dev
oc tag cotd:testready cotd:prodready -n pipeline-${GUID}-dev
- Check the image stream to see that the tags were created:
oc describe is cotd -n pipeline-${GUID}-dev
Name: cotd
Created: About an hour ago
Labels: app=cotd
Annotations: openshift.io/generated-by=OpenShiftNewApp
Docker Pull Spec: 172.30.99.85:5000/pipeline-mydemo-dev/cotd
Tag Spec Created PullSpec Image
latest <pushed> About an hour ago 172.30.99.85:5000/pipeline-mydemo-dev/cotd@sha256:21c16f04309942... <same>
prodready cotd@sha256:21c16f04309942... About an hour ago 172.30.99.85:5000/pipeline-mydemo-dev/cotd@sha256:21c16f04309942... <same>
testready cotd@sha256:21c16f04309942... About an hour ago 172.30.99.85:5000/pipeline-mydemo-dev/cotd@sha256:21c16f04309942... <same>
Name: cotd
Created: About an hour ago
Labels: app=cotd
Annotations: openshift.io/generated-by=OpenShiftNewApp
Docker Pull Spec: 172.30.99.85:5000/pipeline-mydemo-dev/cotd
Tag Spec Created PullSpec Image
latest <pushed> About an hour ago 172.30.99.85:5000/pipeline-mydemo-dev/cotd@sha256:21c16f04309942... <same>
prodready cotd@sha256:21c16f04309942... About an hour ago 172.30.99.85:5000/pipeline-mydemo-dev/cotd@sha256:21c16f04309942... <same>
testready cotd@sha256:21c16f04309942... About an hour ago 172.30.99.85:5000/pipeline-mydemo-dev/cotd@sha256:21c16f04309942... <same>
- Deploy the cotd application in the test and prod projects:
oc new-app pipeline-${GUID}-dev/cotd:testready --name=cotd -n pipeline-${GUID}-test
oc new-app pipeline-${GUID}-dev/cotd:prodready --name=cotd -n pipeline-${GUID}-prod
oc new-app pipeline-${GUID}-dev/cotd:prodready --name=cotd -n pipeline-${GUID}-prod
- Create routes for all three applications:
oc expose service cotd -n pipeline-${GUID}-dev
oc expose service cotd -n pipeline-${GUID}-test
oc expose service cotd -n pipeline-${GUID}-prod
oc expose service cotd -n pipeline-${GUID}-test
oc expose service cotd -n pipeline-${GUID}-prod
- Disable automatic deployment for all deployment configurations in your demonstration:
oc get dc cotd -o yaml -n pipeline-${GUID}-dev | sed 's/automatic: true/automatic: false/g' | oc replace -f -
oc get dc cotd -o yaml -n pipeline-${GUID}-test| sed 's/automatic: true/automatic: false/g' | oc replace -f -
oc get dc cotd -o yaml -n pipeline-${GUID}-prod | sed 's/automatic: true/automatic: false/g' | oc replace -f -
oc get dc cotd -o yaml -n pipeline-${GUID}-test| sed 's/automatic: true/automatic: false/g' | oc replace -f -
oc get dc cotd -o yaml -n pipeline-${GUID}-prod | sed 's/automatic: true/automatic: false/g' | oc replace -f -
2. Demonstrate OpenShift Pipelines Integration
Before you continue, verify that Jenkins is deployed and make sure you can connect to the Jenkins Web Interface, to find out the route you can use:
oc get routes -n pipeline-${GUID}-dev
CICD Build Config Pipeline
apiVersion: v1
kind: BuildConfig
metadata:
name: pipeline-demo
namespace: pipeline-mydemo-dev
selfLink: /oapi/v1/namespaces/pipeline-mydemo-dev/buildconfigs/pipeline-demo
uid: 0a7eb238-83eb-11e7-bbc1-0682973451aa
resourceVersion: '12249059'
creationTimestamp: '2017-08-18T07:58:37Z'
spec:
triggers:
- type: GitHub
github:
secret: 5Mlic4Le
- type: Generic
generic:
secret: FiArdDBH
runPolicy: Serial
source:
type: None
strategy:
type: JenkinsPipeline
jenkinsPipelineStrategy:
jenkinsfile: |
node {
withEnv(['GUID=mydemo']) {
stage ("Build")
echo '*** Build Starting ***'
openshiftBuild bldCfg: 'cotd', buildName: '', checkForTriggeredDeployments: 'false', commitID: '', namespace: '', showBuildLogs: 'true', verbose: 'true'
openshiftVerifyBuild bldCfg: 'cotd', checkForTriggeredDeployments: 'false', namespace: '', verbose: 'false'
echo '*** Build Complete ***'
stage ("Deploy and Verify in Development Env")
echo '*** Deployment Starting ***'
openshiftDeploy depCfg: 'cotd', namespace: '', verbose: 'false', waitTime: ''
openshiftVerifyDeployment authToken: '', depCfg: 'cotd', namespace: '', replicaCount: '1', verbose: 'false', verifyReplicaCount: 'false', waitTime: ''
echo '*** Deployment Complete ***'
echo '*** Service Verification Starting ***'
openshiftVerifyService apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', namespace: 'pipeline-${GUID}-dev', svcName: 'cotd', verbose: 'false'
echo '*** Service Verification Complete ***'
openshiftTag(srcStream: 'cotd', srcTag: 'latest', destStream: 'cotd', destTag: 'testready')
stage ('Deploy and Test in Testing Env')
echo '*** Deploy testready build in pipeline-${GUID}-test project ***'
openshiftDeploy apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'cotd', namespace: 'pipeline-${GUID}-test', verbose: 'false', waitTime: ''
openshiftVerifyDeployment apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'cotd', namespace: 'pipeline-${GUID}-test', replicaCount: '1', verbose: 'false', verifyReplicaCount: 'false', waitTime: '10'
sh 'curl http://cotd-pipeline-${GUID}-test.apps.na1.openshift.opentlc.com/data/ | grep cats -q'
stage ('Promote and Verify in Production Env')
echo '*** Waiting for Input ***'
input 'Should we deploy to Production?'
openshiftTag(srcStream: 'cotd', srcTag: 'testready', destStream: 'cotd', destTag: 'prodready')
echo '*** Deploying to Production ***'
openshiftDeploy apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'cotd', namespace: 'pipeline-${GUID}-prod', verbose: 'false', waitTime: ''
openshiftVerifyDeployment apiURL: 'https://openshift.default.svc.cluster.local', authToken: '', depCfg: 'cotd', namespace: 'pipeline-${GUID}-prod', replicaCount: '1', verbose: 'false', verifyReplicaCount: 'false', waitTime: '10'
sleep 10
sh 'curl http://cotd-pipeline-${GUID}-prod.apps.na1.openshift.opentlc.com/data/ | grep cats -q'
}
}
output: {}
resources: {}
postCommit: {}
nodeSelector: null
status:
lastVersion: 1
Method 1: Use the command line from any host with the OpenShift client:
- Create a file with the contents of the Build Config pipeline sample above.
- Use the oc create -f FILENAME.yaml command to create the Build Config pipeline.
Method 2: Use the OpenShift web console.
- Log in to the OpenShift web console.
- Select your dev project and click Add to Project.
- Select the Import YAML/JSON tab, paste the Build Config pipeline text in the text box and click Create:
Test the New Pipeline
Go to Builds > Pipelines > Start Pipeline
Whats happening in the pipeline?
- Build: OpenShift builds and verifies a successful build.
- Deploy and Verify in Development Env: OpenShift deploys the latest application in the development project, verifies that the container and service were deployed correctly, and tags the image as "testready".
- Deploy and Test in Testing Env: OpenShift deploys the image tagged "testready" in the testing project, runs different integration tests—in this case, just a cURL command—and tags the image as "prodready" if all tests pass.
- Promote and Verify in Production Env: OpenShift waits for a manual approval from authorized user, then deploys and verifies the container and service in the production project.
Successfull deployment:
Conclusion
In this tutorial, we went through the setup of complete CICD pipeline with jenkins and OpenShift.
May the PaaS be with you.
May the PaaS be with you.
Reference: Red Hat DELIVERY SPECIALIST - PLATFORM-AS-A-SERVICE Training.
Great, this article is quite awesome and I have bookmarked this page for my future reference. Keep blogging like this with the latest info.
ReplyDeleteDevOps course in Chennai
Best DevOps Training in Chennai
AWS Training in Chennai
AWS Certification in Chennai
Cloud Computing Courses in Chennai
Cloud Training in chennai
AWS Training in Anna Nagar
DevOps Training in Chennai
Please remove this copyrighted content.
ReplyDeleteGreat Article
ReplyDeleteIEEE Projects on Cloud Computing
Final Year Projects for CSE
JavaScript Training in Chennai
JavaScript Training in Chennai