Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Docker CLI - An available docker cli for building the image

  • Kubernetes Cluster - For deployment

    • This guide will be using OKE, but any cluster will suffice.

  • Kubectl/Helm - Install it kubectl and helm on the FlexDeploy server and pointing to the K8s cluster.

    • Be sure the appropriate context is configured for your K8s Cluster.

  • FlexDeploy Knowledge

    • We won’t be covering some of the more basic steps like creating SCM Instances and other Topology configuration.

...

The first goal is to build our image. In the case of the Natours repository, we don’t need any additional compile steps. All we need to do is run docker build with the appropriate commands

Creating the Build Workflow

The build workflow is only going to need two steps: clone the source code and build the image. The buildProjectImage step is going to use the configuration directly in the project. As such, the default configuration is is fine for both steps, simply drag and drop.

...

Expand
titleWorkflow Source
Code Block
languagexml
<?xml version="1.0" encoding="UTF-8"?>
<ns0:WorkFlow xmlns:ns1="http://flexagon.com/flexdeploy/workflow/common" xmlns:ns0="http://flexagon.com/flexdeploy/workflow">
   <ns1:Name>BuildProjectImage</ns1:Name>
   <ns1:Description></ns1:Description>
   <ns0:Steps>
      <ns0:Step>
         <ns1:Name>cloneProjectSources</ns1:Name>
         <ns1:StepId>1</ns1:StepId>
         <ns0:InvokePlugin>
            <ns0:PluginName>FlexagonGITPlugin</ns0:PluginName>
            <ns0:PluginOperation>cloneProjectSources</ns0:PluginOperation>
            <ns0:consumesArtifacts>false</ns0:consumesArtifacts>
            <ns0:producesArtifacts>false</ns0:producesArtifacts>
            <ns0:EndpointSelection>
               <ns0:EndpointSelectionChoice>All</ns0:EndpointSelectionChoice>
            </ns0:EndpointSelection>
            <ns0:PluginInputs/>
            <ns0:UserInputs/>
            <ns0:PluginOutputs/>
            <ns0:UserOutputs/>
         </ns0:InvokePlugin>
      </ns0:Step>
      <ns0:Step>
         <ns1:Name>buildProjectImage</ns1:Name>
         <ns1:StepId>2</ns1:StepId>
         <ns0:InvokePlugin>
            <ns0:PluginName>FlexagonDockerPlugin</ns0:PluginName>
            <ns0:PluginOperation>buildProjectImage</ns0:PluginOperation>
            <ns0:consumesArtifacts>false</ns0:consumesArtifacts>
            <ns0:producesArtifacts>false</ns0:producesArtifacts>
            <ns0:EndpointSelection>
               <ns0:EndpointSelectionChoice>All</ns0:EndpointSelectionChoice>
            </ns0:EndpointSelection>
            <ns0:EndpointExecutionChoice>Any</ns0:EndpointExecutionChoice>
            <ns0:PluginInputs>
               <ns0:PluginInput>
                  <ns0:Name>FDDKR_INP_DOCKER_FILE</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDDKR_INP_IMAGE_NAME</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDDKR_INP_PUSH_IMAGE</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>Boolean</ns1:Type>
                  <ns0:Text>false</ns0:Text>
               </ns0:PluginInput>
            </ns0:PluginInputs>
            <ns0:UserInputs/>
            <ns0:PluginOutputs>
               <ns0:OutputValue>
                  <ns0:NameInCallee>FDDKR_OUT_IMAGE_ID</ns0:NameInCallee>
               </ns0:OutputValue>
            </ns0:PluginOutputs>
            <ns0:UserOutputs/>
         </ns0:InvokePlugin>
      </ns0:Step>
   </ns0:Steps>
</ns0:WorkFlow>

Creating a Registry Account

The first thing we need to do is create If we are going to be pushing our image anywhere, we will need a Registry Account in FlexDeploy. This account contains the necessary information for pushing our image. Navigate to Topology->Integrations->Containers and click the Plus button.

...

Be sure to select the Provider as DockerRegistry and populate the information as necessary. In the above account it is configured to push to the joelwenzel account on dockerhub.com

Creating Additional Build Topology

While still on the Topology screen, we can create the remaining items for the build process.

Done Offscreen

  • Create an endpoint where Docker is installed

    • If docker is installed on the FlexDeploy server, the localhost endpoint can be used.

  • Create a Docker instance

    • Add the Build Environment to the Instance

Ensure that the Docker Instance has the workflow created above added. This is how FlexDeploy knows what properties to show on certain screens.

...

Note

Docker on Windows or Docker-Desktop

If you are using docker on windows, you will need to perform these additional steps.

Done Offscreen

  • Add the Docker Endpoint to your Docker-Build EnvInst in Topology Overview

  • Create the SCM Instance for the Git repository

Setting up the Project

NextLastly, create a new Project in FlexDeploy. Give it a name that closely resembles your Git repository name and select Container as the Classification.

...

Done Offscreen

  • Create your SCM Instance and configure your Project to use itUpdate the Project Configuration tab to include the Build Workflow, Build Instance and SCM Configuration.

After creating the Project, click on the Container Configuration tab. It is here where we specify the image tag information and build behavior.

...

We will come back to image scanning, but for now lets continue onfinally build the image.

Creating the Build Workflow

Now that the Project is setup to handle the building and pushing of the image, all we need our workflow to do is clone the source code and build the image. The default configuration is is fine for both steps, simply drag and drop.

...

Run a build

Click the Build button on the Project Activity screen and if everything goes well we should have a new version of the natours image.

...

Notice that both version 1.0.1 and the latest tag were both pushed to the registry.

...

Deploying the Containerized App

A reminder that before deployment, you should have kubectl and helm installed on the local FlexDeploy server and have a valid context configured. Similar to the build process, we will first configure the project.

Creating the Deploy Workflow

The only step our deploy workflow needs to do is run Helm, which we will do through the deploy operation on the FlexDeployHelmPlugin. The only input specified is the K8s Context which should be the kubectl context as it shows when running

Code Block
languagebash
kubectl config current-context

...

Expand
titleWorkflow Source
Code Block
languagexml
<?xml version="1.0" encoding="UTF-8"?>
<ns0:WorkFlow xmlns:ns1="http://flexagon.com/flexdeploy/workflow/common" xmlns:ns0="http://flexagon.com/flexdeploy/workflow">
   <ns1:Name>BuildProjectImage<Name>DeployHelm</ns1:Name>
   <ns1:Description></ns1:Description>
   <ns0:Steps>
      <ns0:Step>
         <ns1:Name>cloneProjectSources<Name>deploy</ns1:Name>
         <ns1:StepId>1</ns1:StepId>
         <ns0:InvokePlugin>
            <ns0:PluginName>FlexagonGITPlugin<PluginName>FlexagonHelmPlugin</ns0:PluginName>
            <ns0:PluginOperation>cloneProjectSources<PluginOperation>deploy</ns0:PluginOperation>
            <ns0:consumesArtifacts>false<consumesArtifacts>true</ns0:consumesArtifacts>
            <ns0:producesArtifacts>false</ns0:producesArtifacts>
            <ns0:EndpointSelection>
               <ns0:EndpointSelectionChoice>All</ns0:EndpointSelectionChoice>
            </ns0:EndpointSelection>
            <ns0:PluginInputs/>EndpointExecutionChoice>Any</ns0:EndpointExecutionChoice>
            <ns0:PluginInputs>
               <ns0:PluginInput>
                  <ns0:UserInputs/>Name>FDHLM_INP_CHART_NAME</ns0:Name>
                  <ns0:PluginOutputs/>ValueType>Text</ns0:ValueType>
                  <ns0:UserOutputs/>:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:InvokePlugin>PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDHLM_INP_K8S_CONTEXT</ns0:Name>
                  <<ns0:ValueType>Text</ns0:Step>ValueType>
                  <ns0:Step>Encrypted>false</ns0:Encrypted>
                  <ns1:Name>buildProjectImage<Type>String</ns1:Name>Type>
                  <ns1:StepId>2</ns1:StepId><ns0:Text>oci-demo-cluster</ns0:Text>
               </ns0:PluginInput>
               <ns0:InvokePlugin>PluginInput>
                  <ns0:PluginName>FlexagonDockerPlugin<Name>FDHLM_INP_RELEASE_NAME</ns0:PluginName>Name>
                  <ns0:PluginOperation>buildProjectImage<ValueType>Text</ns0:PluginOperation>ValueType>
                  <ns0:consumesArtifacts>false<Encrypted>false</ns0:consumesArtifacts>Encrypted>
                  <ns0:producesArtifacts>false<<ns1:Type>String</ns1:Type>
               </ns0:producesArtifacts>PluginInput>
               <ns0:EndpointSelection>PluginInput>
                  <ns0:EndpointSelectionChoice>All<Name>FDHLM_INP_VALUES_FILE</ns0:EndpointSelectionChoice>Name>
                  <<ns0:ValueType>Text</ns0:EndpointSelection>ValueType>
                  <ns0:EndpointExecutionChoice>Any<Encrypted>false</ns0:EndpointExecutionChoice>Encrypted>
                  <ns1:Type>String</ns1:Type>
               <ns0</ns0:PluginInputs>PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDDKRName>FDHLM_INP_DOCKERREPO_FILE<NAME</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDDKRName>FDHLM_INP_IMAGECONFIG_NAME<FILE</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>String</ns1:Type>
               </ns0:PluginInput>
               <ns0:PluginInput>
                  <ns0:Name>FDDKRName>FDHLM_INPBUILD_PUSH_IMAGE<DEPENDENCIES</ns0:Name>
                  <ns0:ValueType>Text</ns0:ValueType>
                  <ns0:Encrypted>false</ns0:Encrypted>
                  <ns1:Type>Boolean</ns1:Type>
                  <ns0:Text>false</ns0:Text>
               </ns0:PluginInput>
             </ns0:PluginInputs>  <ns0:PluginInput>
                  <ns0:UserInputs/>Name>FDHLM_INP_OPTIONS</ns0:Name>
                  <ns0:PluginOutputs>ValueType>Text</ns0:ValueType>
                  <ns0:OutputValue>Encrypted>false</ns0:Encrypted>
                  <ns0:NameInCallee>FDDKR_OUT_IMAGE_ID</ns0:NameInCallee><ns1:Type>String</ns1:Type>
               </ns0:OutputValue>PluginInput>
            </ns0:PluginOutputs>PluginInputs>
            <ns0:UserInputs/>
            <ns0:PluginOutputs/>
            <ns0:UserOutputs/>
         </ns0:InvokePlugin>
      </ns0:Step>
   </ns0:Steps>
</ns0:WorkFlow>

Creating the

...

Deploy Topology

Lastly, we need to create the topology for the build processMore of the same as what we did on the Build side of things.

Done Offscreen

  • Create an endpoint where Docker is installed

    • If docker is installed on the FlexDeploy server, the localhost endpoint can be used.

  • Create a Docker instance

    • Add the Build Environment to the Instance

Ensure that the Docker Instance has the workflow created above added. This is how FlexDeploy knows what properties to show on certain screens.

...

Note

Docker on Windows or Docker-Desktop

If you are using docker on windows, you will need to perform these additional steps.

Done Offscreen

  • Add the Docker Endpoint to your Docker-Build EnvInst in Topology Overview

  • Update the Build Workflow and Build Instance on the Project Configuration tab of the Project.

Deploying via Helm

...

  • a Helm Instance

  • Associate the DeployHelm workflow

  • Set the Localhost endpoint on the Development Environment for the Helm Instance.

...

Finalizing the Project

Done Offscreen

  • Associate the Deploy Workflow and Deploy Instance on the Project Configuration tab.

Almost there, the final piece of the puzzle is to update the Helm configuration on the project.

...

Deploying the Helm Release

Head back to the Project Activity Screen and click the deploy button. If everything goes well there will be a new successful deployment of the Helm Release.

...

You may notice a few things that stand out compared to other FlexDeploy Projects, namely the Deployment link and Status. Both of these are shown for Container Projects only and offer some insight into the actual application that was deployed and some basic monitoring.

Info

The deployment status is only monitored if Kubectl is installed on the local FlexDeploy server.

Bonus: Image Scanning

If you have made it this far you have seen the bread and butter of Kubernetes deployments in FlexDeploy. If you want to take things to the next level this section will incorporate Image scanning via Anchore in our build process.

FlexDeploy supports native Anchore inline image scanning. What this means for you is that no additional installations or setup is needed apart from updating the Project configuration.

Warning

At this time, inline(local) image scanning is not supported on windows

Updating the Project Image Scanning Configuration

Navigate back to the Container Configuration tab on the Project. Under the Image Scanning section, change the Scan Image drop down to Before Push and set the Fail When script to

STATUS == “fail”.

...

We have just told FlexDeploy to run an Anchore scan prior to pushing our image and if the scan Status is “fail” then the build will fail. Save the changes and run another build. If you are using the natours repository, the build will now fail due to the scan results.

...