Continuous Delivery in Enterprise Environments using Docker, Ansible and Jenkins_
Dennis Schulte, Marcel Birkner codecentric AG 2 Our Project Experience
3 Our experiences using Docker_
Build/Test/Deployment Getting Started with Docker Infrastructure
Standardization, Conformity, Compliance JBoss / Java EE (Security)
Microservices, Lightweight, Technology Dashboard Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
4 Our experiences using Docker_
Build/Test/Deployment Getting Started with Docker Infrastructure
Standardization, Conformity, Compliance JBoss / Java EE (Security)
Microservices, Lightweight, Technology Dashboard Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
5 JBoss / Java EE_
CI/CD Pipeline
Jenkins GitLab SonarQube Nexus SeleniumHub
Applications Backend
JBoss EE JBoss EE JBoss EE JBoss EE JBoss EE DB2
JBoss EE JBoss EE JBoss EE JBoss EE JBoss EE ERP
JBoss EE JBoss EE JBoss EE JBoss EE JBoss EE LDAP
JBoss EE JBoss EE JBoss EE JBoss EE JBoss EE IMS
Platform Vagrant VMWare Our experiences using Docker_
Build/Test/Deployment Getting Started with Docker Infrastructure
Standardization, Conformity, Compliance JBoss / Java EE (Security)
Microservices, Lightweight, Technology Dashboard Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
7 Dashboard_
CI/CD Pipeline
Jenkins SonarQube Nexus SeleniumHub GitHub EE
Application Backend
ReactJS Spring Boot Cassandra Spring Boot JIRA
AngularJS Scala Postgres Spring Boot WordPress
Static HTML NodeJS SpringBatch Keycloak Xing
ReactJS Neo4J JBoss EE Nginx IMS
Platform OpenStack Our experiences using Docker_
Build/Test/Deployment Getting Started with Docker Infrastructure
Standardization, Conformity, Compliance JBoss / Java EE (Security)
Microservices, Lightweight, Technology Dashboard Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
9 Greenfield Enterprise_
CI/CD Pipeline
Jenkins SonarQube Nexus SeleniumHub GitHub EE
Application Backend
WebServices Spring Boot ReactJS Spring Boot DB2 Admin
Oracle Nginx Postgres SpringBatch SpringBatch SpringBatch SpringBatch SpringBatch SAP SpringBatch Spring Boot SpringBatch HSQL SpringBatch
LDAP
Platform Vagrant OpenStack VMWare INFRASTRUCTURE AS CODE
11 WRITE, PLAN, AND CREATE INFRASTRUCTURE AS CODE
12 Infrastructure Automation_
Platform Compute JBoss EE Instances
OpenStack Compute Spring Boot AWS Instances
VMWare Compute Instances ReactJS
Compute Neo4j Instances
13 Terraform :: Define Region & SSH Key Pair_
14 Terraform :: Define Security Group_
15 Terraform :: Define Resource_
16 Terraform :: Roll out_
• terraform plan • terraform apply
17 APP DEPLOYMENT, CONFIGURATION MANAGEMENT AND ORCHESTRATION
18 Infrastructure Automation_
Platform Compute JBoss EE Instances
OpenStack Compute Spring Boot AWS Instances
VMWare Compute Instances ReactJS
Compute Neo4j Instances
19 Ansible :: CD Infrastructure Provisioning_
CI/CD Pipeline
Jenkins GitLab SonarQube Nexus SeleniumHub
• ansible-playbook site.yml
20 Ansible :: Jenkins Role (directory listing)_
21 Ansible :: Jenkins Role (Ansible Task Excerpt)_
22 Ansible :: Application Provisioning_
Application
ReactJS Spring Boot Postgres
• ansible-playbook site.yml
23 Ansible :: Spring Boot Role (excerpt)_
24 Ansible :: Application Deployment_
ReactJS Spring Boot Postgres
• ansible-playbook deploy-example-application.yml --extra-vars "version=1.0.0"
• ansible-playbook undeploy-example-application.yml
25 Ansible :: Infrastructure Repository :: Inventory & Playbooks_
Environment specific settings { Ansible Playbooks & Settings {
26 Continuous Delivery using Docker
27 Software Development Process_
Prod Developer Build and Release Deployment Spring Boot
Nexus
Staging
GitLab Jenkins Docker Registry Jenkins Spring Boot
SonarQube Test GitLab Spring Boot
SeleniumHub
Dev
Spring Boot
28 Live Demo
29 Demo :: Links_
Tool URL Credentials
Jenkins http://jenkins.example.local OpenLDAP
Nexus http://nexus.example.local OpenLDAP
SonarQube http://sonarqube.example.local OpenLDAP
Gitlab http://git.example.local OpenLDAP
Docker Registry http://docker.example.local:5000/v2/_catalog no login required
Testserver http://testserver.example.local:8080 no login required
30 Jenkins :: Docker Images Build Jobs_
31 Jenkins :: Example App Build & Deploy Jobs_
32 Jenkins :: Application Deployment Job_
33 Jenkins :: Example Spring Boot Application_
34 Demo End
35 Docker :: Image Hierarchy_
centos:7
jdk:8 jre:8
example-application: jenkins-master:LTS nexus:LTS sonarqube:LTS example-application: example-application:1.0.0 example-application:1.0.0 example-application:1.0.0 1.0.0 36 1.0.0 Docker :: JRE & Example Application Dockerfile_
jre:8
example-application: 1.0.0
37 Docker :: Image Hierarchy :: JBoss Migration_
rhel:7.2
jdk:8 jre:8
jenkins-master:LTS nexus:LTS sonarqube:LTS eap:6.4
jboss-application: jboss-application: jboss-application: 1.0.0 1.1.0 1.2.0 Docker :: EAP Dockerfile_
eap:6.4
39 Docker :: JBoss Dockerfile_
jboss-application:1.0.0
40 Best Practices
41 Best practices_
Automate Everything •Everything is in version control •Use Ansible inventory for environment specific information •Use Ansible Vault for secure storage for passwords •Generate Jenkins Jobs automatically via Job DSL • GitLab REST API •One Click Release & Deployments
42 Docker_
Stable Docker Setup •All application run in Docker container •Environment independent Docker images •Use latest OS version (recent Kernel) •Use fixed Docker / Ansible versions •Have a clone of every system for testing new versions • incl. CI/CD Pipeline •Create User / Group (uid/gid) per Application Type • required for volume mount permissions •Do not run Docker Container under root!
43 44 Enterprise Environments_
Typical problems •Company Proxies • HTTPs / Man-in-the-Middle •Self-signed Certificates (HTTPs) •Freedom to spin up servers using Terraform •Automate network configuration •Docker Registry: "No space left on device" •Keynote • Jean-Jacques van Oosten: "Do not compromise!"
45 46 “Thanks for your attention.”
Dennis Schulte, Senior IT-Consultant codecentric AG Hochstraße 11 42697 Solingen, Deutschland [email protected] www.codecentric.de blog.codecentric.de denschu Marcel Birkner, Software-Consultant codecentric AG Hochstraße 11 42697 Solingen, Deutschland [email protected]
www.codecentric.de blog.codecentric.de marcelbirkner
47