openshift Posts

Creating a Simple Jenkinsfile Pipeline Script which Called Other Jenkinsfile from Git

Sometimes we want to update some part of our Jenkins job, but if i have like 50 jobs does it means that i have to change fifty pipeline script one by one?

The solution is actually pretty much straigh forward, i can extract most of jenkinsfile script and put it on Git so that i can change it dynamically. Here is my simple script which i put on my github page

stage('Build') {

	dir("../source") {
		
		sh "mvn -v"
		sh "mvn clean package -f pom.xml"
		
		sh "mkdir /tmp/app"
		
		def jarFile = sh(returnStdout: true, script: 'find target -maxdepth 1 -regextype posix-extended -regex ".+\\.(jar|war)\$" | head -n 1').trim()
		sh "cp ${jarFile} /tmp/app/app.jar"
		
		withCredentials([file(credentialsId:'Dockerfile', variable:'Dockerfile')]) {
			sh "cp ${Dockerfile} /tmp/app/Dockerfile"
		}
	}
}
stage('Deploy') {
	sh "oc new-build --name hello-world-3 --binary -n fuse-on-ocp-c8b3 || true"
	sh "oc start-build hello-world-3 --from-dir=/tmp/app/ -n fuse-on-ocp-c8b3 --follow --wait"
}

I put that Jenkins script on Github, https://github.com/edwin/jenkinsfile-example. And i call on the fly from my existing project pipeline script,

node('maven') {
	stage('Clone Pipeline') {
		sh "git config --global http.sslVerify false"
		sh "git clone https://github.com/edwin/jenkinsfile-example.git"
		
	}
	stage('Clone Code') {
	    sh "git config --global http.sslVerify false"
	    sh "git clone https://github.com/edwin/hello-world.git source"
	}
	stage('Start Run from Jenkinsfile on SCM') {
	    dir("jenkinsfile-example") {
		    load  'simple.jenkinsfile'
        }
	}
}

And this is the output result,

Google+

Deploying A Spring Boot Application to Openshift, with Java 11 S2I and Jenkins Pipeline

Openshift provide a base Java s2i image where we can use as a base image to run our java applicaiton. But too bad, the default Java base image is still using java 8. On this example, im trying to do a simple deployment to Openshift but using Java 11 as its base image, instead of Java 8.

First we need to import a Java 11 s2i image from Red Hat Registry, it will become our base image to run our executable java app.

oc import-image my-project/openjdk-11-rhel7 --from=registry.redhat.io/openjdk/openjdk-11-rhel7 --confirm

Next is creating a very simple pipeline script to build, and deploy our app using Jenkins Pipeline.

node('maven') {
	stage('Clone') {
		sh "git config --global http.sslVerify false"
		sh "git clone https://github.com/edwin/hello-world.git"
	}
	stage('Build') {
		sh "mvn -v"
		sh "mvn clean package -f hello-world/pom.xml"
		
		def jarFile = sh(returnStdout: true, script: 'find hello-world/target -maxdepth 1 -regextype posix-extended -regex ".+\\.(jar|war)\$" | head -n 1').trim()
		sh "cp ${jarFile} app.jar"
	}
	stage('Deploy') {
		sh "oc new-build --name hello-world --binary -n my-project --image-stream=my-project/openjdk-11-rhel7  || true"
		sh "oc start-build hello-world --from-file=app.jar -n my-project --follow --wait"
		sh "oc new-app hello-world || true"
		sh "oc expose svc/hello-world || true"
	}
}
Google+

Monitoring Kafka Topics with Dockerized Kafka Manager

Yesterday, Dimas (one of my colleague), are asking me on how to monitor Kafka which are running on top of Openshift using a tools which are accessible thru browser.

One of the tools im recommending is Kafka Manager, which we can download from below url,

https://github.com/yahoo/kafka-manager

Lets start from the beginning, from how to start Zookeeper, Kafka Server, until simulate a simple produce and consume and monitoring it using Kafka Manager.

First, download Kafka from Apache site, extract it, and open bin folder. We need Zookeeper to start before we start anything else. Fyi for this example im using Win10 as my primary Operating System, so all my command below can be different depends on what Operating System you are using.

cd D:\software\kafka_2.13-2.4.0\bin\windows
zookeeper-server-start.bat ..\..\config\zookeeper.properties

And run Kafka Server afterwards,

kafka-server-start.bat ..\..\config\server.properties

Create a topic,

kafka-topics.bat --create --bootstrap-server localhost:9092 --replication-factor 1 --partitions 1 --topic my-testing-topic

Try produce a simple echo message using Kafka Producer,

kafka-console-producer.bat --broker-list localhost:9092 --topic my-testing-topic

And listen to the sent message using Kafka Consumer,

kafka-console-consumer.bat --bootstrap-server localhost:9092 -topic  my-testing-topic --from-beginning

If you only want to get all the new message, ignoring the old one, just remove “–from-beginning” parameter. And use “–offset” parameter to get a specific offset.

Next is running my Kafka Manager using Docker command. Fyi, 192.168.1.20 is my laptop ip.

docker run --network host --add-host=moby:192.168.1.20 --add-host DESKTOP:192.168.1.20 -p 9000:9000 -e ZK_HOSTS="192.168.1.20:2181"  kafkamanager/kafka-manager

After Kafka-Manager is successfully started, we can browse our Kafka by opening thru browser,

Google+

Deploying Spring Boot with A Dynamic application.properties Location to Openshift

I want to create a simple spring boot app, and deploy it to Openshift 4.2. It supposed to be a straigh forward task, but the problem is that it is required to externalize all configuration to a configmaps or secret so no need to recompile the whole app in case of configuration change.

There are several approach of externalizing configuraton to configmaps, one way is put it as a string literal, include on your pod and call on application via environment variables, or deploy the whole configuration file and mount it on your Openshift pod. The last approach is the one that we will be doing now today.

First lets start with deploying our properties to Openshift as configmaps,

oc create cm myapp-api-configmap --from-file=D:\source\my-app\src\main\resources\application.properties

We can check and validate the result,

oc get cm

oc describe cm myapp-api-configmap

After that, we can mount corresponding configmap to a specific folder on our Pod, on below example modification is done on DeploymentConfig.yaml and mounting application.properties to /deployments/config folder.

kind: DeploymentConfig
apiVersion: apps.openshift.io/v1
metadata:
  ........
    spec:
      volumes:
        - name: myapp-api-configmap-volume
          configMap:
            name: myapp-api-configmap
            defaultMode: 420
      containers:
        - name: myapp-api
          image: >-
            image-registry.openshift-image-registry.svc:5000/openshift/myapp@sha256:1127.....
          ports:
            - containerPort: 8778
              protocol: TCP
            - containerPort: 8080
              protocol: TCP
            - containerPort: 8443
              protocol: TCP
          resources: {}
          volumeMounts:
            - name: myapp-api-configmap-volume
              mountPath: /deployments/config
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          imagePullPolicy: Always
      restartPolicy: Always
      terminationGracePeriodSeconds: 30
      dnsPolicy: ClusterFirst
      securityContext: {}
      schedulerName: default-scheduler

A modification is also needed on my Dockerfile, pointing a new path for my properties file by using “spring.config.location” parameter,

FROM registry.access.redhat.com/openjdk/openjdk-11-rhel7

USER jboss
RUN mkdir -p /deployments/image && chown -R jboss:0 /deployments
EXPOSE 8080

COPY target/application-1.0.jar /deployments/application.jar
CMD ["java", "-jar", "/deployments/application.jar", "--spring.config.location=file:///deployments/config/application.properties"]

Build, deploy,and see that application is now taking configuration from external configuration file.

Google+

Run as a Root User on Openshift

Sometimes my docker images got permission issue when deployed to Openshift, due to Openshift gives a random userid as enforced by its default security policy. In order to “bypass” those constrain and run my image as root, i run below command,

oc adm policy add-scc-to-user anyuid -z default -n project-name
Google+