Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The first goal is to build our image. In the case of the Natours repository, we don’t need any additional compile steps. All we need to do is run docker build with the appropriate commands

Creating

...

The first thing we need to do is create a Registry Account in FlexDeploy. This account contains the necessary information for pushing our image. Navigate to Topology->Integrations->Containers and click the Plus button.

...

Be sure to select the Provider as DockerRegistry and populate the information as necessary. In the above account it is configured to push to the joelwenzel account on dockerhub.com

Setting up the Project

Next, create a new Project in FlexDeploy. Give it a name that closely resembles your Git repository name and select Container as the Classification.

...

Done Offscreen

  • Create your SCM Instance and configure your Project to use it

After creating the Project, click on the Container Configuration tab. It is here where we specify the image tag information and build behavior.

Add the following configuration:

...

We will come back to image scanning, but for now lets continue on.

Creating the Build Workflow

...

the Build Workflow

The build workflow is only going to need two steps: clone the source code and build the image. The buildImage step is going to use the configuration done with project properties. As such, the default configuration is is fine for both steps, simply drag and drop.

...

Expand
titleWorkflow Source
Code Block
languagexml
<?xml version="1.0" encoding="UTF-8"?>
<ns0:WorkFlow xmlns:ns1="http://flexagon.com/flexdeploy/workflow/common" xmlns:ns0="http://flexagon.com/flexdeploy/workflow">
   <ns1:Name>BuildProjectImage</ns1:Name>
   <ns1:Description></ns1:Description>
   <ns0:Steps>
      <ns0:Step>
         <ns1:Name>cloneProjectSources</ns1:Name>
         <ns1:StepId>1</ns1:StepId>
         <ns0:InvokePlugin>
            <ns0:PluginName>FlexagonGITPlugin</ns0:PluginName>
            <ns0:PluginOperation>cloneProjectSources</ns0:PluginOperation>
            <ns0:consumesArtifacts>false</ns0:consumesArtifacts>
            <ns0:producesArtifacts>false</ns0:producesArtifacts>
            <ns0:EndpointSelection>
               <ns0:EndpointSelectionChoice>All</ns0:EndpointSelectionChoice>
            </ns0:EndpointSelection>
            <ns0:PluginInputs/>
            <ns0:UserInputs/>
            <ns0:PluginOutputs/>
            <ns0:UserOutputs/>
         </ns0:InvokePlugin>
      </ns0:Step>
      <ns0:Step>
         <ns1:Name>buildProjectImage</ns1:Name>
         <ns1:StepId>2</ns1:StepId>
         <ns0:InvokePlugin>
            <ns0:PluginName>FlexagonDockerPlugin</ns0:PluginName>
            <ns0:PluginOperation>buildProjectImage</ns0:PluginOperation>
            <ns0:consumesArtifacts>false</ns0:consumesArtifacts>
            <ns0:producesArtifacts>false</ns0:producesArtifacts>
            <ns0:EndpointSelection>
               <ns0:EndpointSelectionChoice>All</ns0:EndpointSelectionChoice>
            </ns0:EndpointSelection>
            <ns0:EndpointExecutionChoice>Any</ns0:EndpointExecutionChoice>
            <ns0:PluginInputs>
               <ns0:PluginInput>
                  <ns0:Name>FDDKR_INP_DOCKER_FILE</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDDKR_INP_IMAGE_NAME</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDDKR_INP_PUSH_IMAGE</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>Boolean</ns1:Type>
                  <ns0:Text>false</ns0:Text>
               </ns0:PluginInput>
            </ns0:PluginInputs>
            <ns0:UserInputs/>
            <ns0:PluginOutputs>
               <ns0:OutputValue>
                  <ns0:NameInCallee>FDDKR_OUT_IMAGE_ID</ns0:NameInCallee>
               </ns0:OutputValue>
            </ns0:PluginOutputs>
            <ns0:UserOutputs/>
         </ns0:InvokePlugin>
      </ns0:Step>
   </ns0:Steps>
</ns0:WorkFlow>

Creating a Registry Account

If we are going to be pushing our image anywhere, we will need a Registry Account in FlexDeploy. Navigate to Topology->Integrations->Containers and click the Plus button.

...

Be sure to select the Provider as DockerRegistry and populate the information as necessary. In the above account it is configured to push to the joelwenzel account on dockerhub.com

Creating Additional Build Topology

LastlyWhile still on the Topology screen, we need to can create the topology remaining items for the build process.

Done Offscreen

  • Create an endpoint where Docker is installed

    • If docker is installed on the FlexDeploy server, the localhost endpoint can be used.

  • Create a Docker instance

    • Add the Build Environment to the Instance

...

Done Offscreen

  • Add the Docker Endpoint to your Docker-Build EnvInst in Topology Overview

  • Create the SCM Instance for the Git repository

Setting up the Project

Lastly, create a new Project in FlexDeploy. Give it a name that closely resembles your Git repository name and select Container as the Classification.

...

Done Offscreen

  • Update the Project Configuration tab to include the Build Workflow and , Build Instance and SCM Configuration.

After creating the Project, click on the

...

Container Configuration tab

...

. It is here where we specify the image tag information and build behavior.

Add the following configuration:

...

Naturally your image name and account could be different compared to what’s shown above. With this configuration, FlexDeploy will build an image with an incrementing Project Versionevery time we run a build. In addition to tagging the image with the ProjectVersion it will tag with latest and push the image to the Docker Hub registry that was set up earlier.

We will come back to image scanning, but for now lets finally build the image.

Run a build

Now the Project is ready to start creating images. Click the Build button on the Project Activity screen and if everything goes well we should have a new version of the natours image.

...

Notice that both version 1.0.1 and the latest tag were both pushed to the registry.

...

Deploying the Containerized App

A reminder that before deployment, you should have kubectl and helm installed on the local FlexDeploy server and have a valid context configured. Similar to the build process, we will first configure the project.

Creating the Deploy Workflow

The only step our deploy workflow needs to do is run Helm, which we will do through the deploy operation on the FlexDeployHelmPlugin. The only input specified is the K8s Context which should be the kubectl context as it shows when running

Code Block
languagebash
kubectl config current-context

...

Expand
titleWorkflow Source
Code Block
languagexml
<?xml version="1.0" encoding="UTF-8"?>
<ns0:WorkFlow xmlns:ns1="http://flexagon.com/flexdeploy/workflow/common" xmlns:ns0="http://flexagon.com/flexdeploy/workflow">
   <ns1:Name>DeployHelm</ns1:Name>
   <ns1:Description></ns1:Description>
   <ns0:Steps>
      <ns0:Step>
         <ns1:Name>deploy</ns1:Name>
         <ns1:StepId>1</ns1:StepId>
         <ns0:InvokePlugin>
            <ns0:PluginName>FlexagonHelmPlugin</ns0:PluginName>
            <ns0:PluginOperation>deploy</ns0:PluginOperation>
            <ns0:consumesArtifacts>true</ns0:consumesArtifacts>
            <ns0:producesArtifacts>false</ns0:producesArtifacts>
            <ns0:EndpointSelection>
               <ns0:EndpointSelectionChoice>All</ns0:EndpointSelectionChoice>
            </ns0:EndpointSelection>
            <ns0:EndpointExecutionChoice>Any</ns0:EndpointExecutionChoice>
            <ns0:PluginInputs>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_CHART_NAME</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_K8S_CONTEXT</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
                  <ns0:Text>oci-demo-cluster</ns0:Text>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_RELEASE_NAME</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_VALUES_FILE</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_REPO_NAME</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_CONFIG_FILE</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_BUILD_DEPENDENCIES</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>Boolean</ns1:Type>
                  <ns0:Text>false</ns0:Text>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_OPTIONS</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
            </ns0:PluginInputs>
            <ns0:UserInputs/>
            <ns0:PluginOutputs/>
            <ns0:UserOutputs/>
         </ns0:InvokePlugin>
      </ns0:Step>
   </ns0:Steps>
</ns0:WorkFlow>

Creating the Deploy Topology

More of the same as what we did on the Build side of things.

Done Offscreen

  • Create a Helm Instance

  • Associate the DeployHelm workflow

  • Set the Localhost endpoint on the Development Environment for the Helm Instance.

...

Finalizing the Project

Done Offscreen

  • Associate the Deploy Workflow and Deploy Instance on the Project Configuration tab.

Almost there, the final piece of the puzzle is to update the Helm configuration on the project.

...

Deploying the Helm Release

Head back to the Project Activity Screen and click the deploy button. If everything goes well there will be a new successful deployment of the Helm Release.

...

You may notice a few things that stand out compared to other FlexDeploy Projects, namely the Deployment link and Status. Both of these are shown for Container Projects only and offer some insight into the actual application that was deployed and some basic monitoring.

Info

The deployment status is only monitored if Kubectl is installed on the local FlexDeploy server.

Bonus: Image Scanning

If you have made it this far you have seen the bread and butter of Kubernetes deployments in FlexDeploy. If you want to take things to the next level this section will incorporate Image scanning via Anchore in our build process.

FlexDeploy supports native Anchore inline image scanning. What this means for you is that no additional installations or setup is needed apart from updating the Project configuration.

Warning

At this time, inline(local) image scanning is not supported on windows

Updating the Project Image Scanning Configuration

Navigate back to the Project’s Kubernetes Container Configuration tab on the Project. Under the Image Scanning section, change the Scan Image drop down to Before Push and set the Fail When script to

STATUS == “fail”.

...

We have just told FlexDeploy to run an Anchore scan prior to pushing our image and if the scan Status is “fail” then the build will fail. Save the changes and run another build. If you are using the natours repository, the build will now fail due to the scan results.

...