Although making ready for a awareness session about Jenkins, I was looking for a way for every single participant to run Jenkins devoid of getting to really install it. My ideas went to Docker instantly. Jenkins has some tutorials on the website in which they use Jenkins from a Docker container (for illustration: https://www.jenkins.io/doc/tutorials/construct-a-node-js-and-react-app-with-npm/ ).
In this tutorial they generate a network and operate two docker visuals. One particular of the illustrations or photos is the (tailored) Jenkins docker picture. The other impression is the docker:dind image. This image is required to be capable to execute docker instructions from inside the Jenkins instance. For illustration, if you want to use a docker impression as an agent for a pipeline you will will need this. They also make some volumes, to save the Jenkins facts and make a relationship to the area server’s property folder. This very last relationship is wanted if you want to be ready to operate Jenkins pipelines from a nearby repository.
You need to have to use some very prolonged commands every single time to commence all this up. Considering that I was preparing this awareness session around various times, I did not feel like this was incredibly successful. I resolved to develop a docker-compose file, so I wouldn’t will need to keep in mind or preserve all the instructions to begin up the docker containers. I also required adaptations to include Chrome in my container in buy to run some Angular checks. Consequently, I established a Dockerfile, to incorporate Chrome into the docker container.
I will break each documents up into scaled-down items to reveal what just about every piece does. At the close I will submit the total information.
This line tells docker on which present image to base the docker graphic developed with this Dockerfile. I selected 1 of the formal Jenkins photos, a extensive-time period assistance (lts) image that contains Jenkins and jdk-11.
The user is set to root in purchase to set up some matters we require.
Run apt-get update && apt-get put in -y apt-transport-https ca-certificates curl gnupg2 computer software-houses-prevalent Operate curl -fsSL https://obtain.docker.com/linux/debian/gpg | apt-important include - Operate apt-critical fingerprint 0EBFCD88 Run increase-apt-repository "deb [arch=amd64] https://obtain.docker.com/linux/debian $(lsb_release -cs) steady" Operate apt-get update && apt-get put in -y docker-ce-cli
The strains higher than put in a docker engine in the impression. I copied this from the tutorial beforehand talked about.
Run apt-get update && apt-get put in -y wget Operate wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-important add - Run echo "deb http://dl.google.com/linux/chrome/deb/ stable key" > /and so forth/apt/sources.list.d/google.checklist Operate apt-get update Operate apt-get set up -y google-chrome-steady xvfb ENV CHROME_BIN='/usr/bin/google-chrome-stable'
The remaining lines put in google Chrome and set the CHROME_BIN atmosphere variable to the correct path.
The user is then established again to Jenkins.
The docker-compose.yml file
The information that I placed in the docker-compose file is comparable to the data uncovered in the instructions used in the Jenkins tutorial.
The line earlier mentioned defines the variation of the docker compose file structure.
A community is outlined, which is termed Jenkins. This community has no even further technical specs.
volumes: jenkins-facts: jenkins-docker-certs:
Listed here, two volumes are defined. The initially quantity will be utilized to retailer the Jenkins knowledge. The 2nd a person will be utilised to map the docker certificates. This is required for the Jenkins agent to connect to the docker daemon.
In this block the two companies will be described: the Jenkins agent and the docker in docker (dind).
All settings for the Jenkins agent are described in this block.
The impression name, if not set docker will create a (considerably a lot less descriptive) title for you.
This line specifies that the graphic demands to be developed from a Jenkinsfile that is located at the very same path as where by this docker-compose file is found. The identify of the Jenkinsfile is only Jenkinsfile (the default). If your Jenkinsfile is placed in a different folder, you can specify the path below as a substitute of “.”. If the name if your Jenkinsfile is different you can also specify that by applying some much more configuration possibilities (see: https://docs.docker.com/compose/compose-file/compose-file-v3/#make).
The line over ensures that the containers are restarted if killed by unforeseen conduct these kinds of as the docker daemon crashing. It will not restart if the container is manually stopped.
networks: - jenkins
This connects the Jenkins-agent to the Jenkins community, so that it can talk with the other containers in the community.
ports: - 8080:8080 - 50000:50000
The ports 8080 and 50000 are uncovered to the same port on the host machine. Port 8080 is utilised by the Jenkins agent to display screen the Jenkins UI. Port 50000 is used to talk with other Jenkins brokers. You can take out the last 1 if you really don’t want it.
This can make positive you can obtain the docker container with a terminal.
volumes: - jenkins-details:/var/jenkins_dwelling - jenkins-docker-certs:/certs/shopper:ro -
The first line stores the data from Jenkins_home in the Jenkins-info quantity. This assures the data is obtainable from the dind container and that it is persisted if you shut down the docker containers. The next line guarantees that the TLS certificates needed to hook up to the docker daemon are out there to the Jenkins agent. The past line maps the residence listing of the Jenkins agent to a specified folder on the host device. You will have to have to swap
surroundings: - DOCKER_HOST=tcp://docker:2376 - DOCKER_CERT_Route=/certs/customer - DOCKER_TLS_Verify=1
These 1st environment line sets the docker host of the Jenkins agent to our dind graphic. This picture has the alias “docker” for the Jenkins network we created and is exposed on port 2376. We will see these configurations underneath. The other setting variables are also needed to guarantee the dind container and the Jenkins agent can get the job done collectively.
All configurations for the docker in docker container are outlined in this block.
As ahead of, the container identify is specified.
In its place of employing a docker file, this container is designed from a pre-existing image that is registered in a container registry. This image is precisely made use of to run docker inside of an additional docker container.
Privileged method is demanded to run docker in docker properly. This grants the dind contained root abilities to all units on the host (in this situation the Jenkins agent).
Assures that the containers are restarted if killed by unanticipated conduct.
networks: jenkins: aliases: - docker
This connects the dind impression to the jenkins community and gives the image the alias “docker” for this network. As mentioned prior to, this alias is utilized to established the dind graphic as DOCKER_HOST in the Jenkins agent container.
ports: - 2376:2376 - 3100:3100
Port 2376 is uncovered so the Jenkins agent can link to the docker daemon. I uncovered port 3100 mainly because I was jogging an software from within a docker container inside of a Jenkins pipeline that I preferred to accessibility from my area browser. You can get rid of this if you are not scheduling to do a little something like that.
This can make absolutely sure you can entry the docker container with a terminal.
volumes: - jenkins-info:/var/jenkins_home - jenkins-docker-certs:/certs/customer
The 1st line ensures that docker containers managed by the docker daemon in this container can obtain the data from Jenkins. The second line helps make sure that the TLS certificates desired to join to the docker daemon are accessible in the Jenkins-docker-certs quantity.
ecosystem: - DOCKER_TLS_CERTDIR=/certs
This enables the use of TLS in the docker server. This is recommended simply because of the privileged mode employed. This is also the rationale the TLS certificates are essential for every little thing to function.
Employing the docker containers
Operate “docker compose up” in a terminal in the identical folder as where by the docker-compose.yml file is situated. If you don’t want to see the output in the command line you can run “docker compose up -d” (-d signifies detached). When all the things is jogging, you can go to localhost:8080 to entry the Jenkins UI. The 1st time accessing the Jenkins agent will request for the Administrator password. You can find this in the command line output. If your functioning in detached method, you can use “docker logs jenkins-agent” to see the output.
The output ought to seem some thing like this:
Following distributing the administrator password you can install advised plugins and develop the initial admin consumer. You will have to have this person to log back again into Jenkins if you restart the docker containers. Now you are ready to build your initial career!
To shut all the things down run “docker compose down” or use ctrl + c if you are not managing in detached manner.
The Dockerfile complete:
FROM jenkins/jenkins:2.277.1-lts-jdk11 Person root Operate apt-get update && apt-get set up -y apt-transportation-https ca-certificates curl gnupg2 software-properties-widespread Operate curl -fsSL https://download.docker.com/linux/debian/gpg | apt-crucial add - Operate apt-important fingerprint 0EBFCD88 Run increase-apt-repository "deb [arch=amd64] https://down load.docker.com/linux/debian $(lsb_launch -cs) steady" Run apt-get update && apt-get put in -y docker-ce-cli Run apt-get update && apt-get set up -y wget Operate wget -q -O - https://dl-ssl.google.com/linux/linux_signing_crucial.pub | apt-key insert - Run echo "deb http://dl.google.com/linux/chrome/deb/ secure primary" > /etc/apt/sources.listing.d/google.list Run apt-get update Run apt-get put in -y google-chrome-steady xvfb ENV CHROME_BIN='/usr/bin/google-chrome-stable' Consumer jenkins
The docker-compose.yml file entire:
edition: "3.1" companies: jenkins-agent: container_name: jenkins-agent develop: . restart: usually networks: - jenkins ports: - 8080:8080 - 50000:50000 tty: true volumes: - jenkins-data:/var/jenkins_house - jenkins-docker-certs:/certs/shopper:ro - C:/People/EHERMAN91:/residence setting: - DOCKER_HOST=tcp://docker:2376 - DOCKER_CERT_Path=/certs/shopper - DOCKER_TLS_Validate=1 dind: container_name: docker-for-jenkins image: docker:dind privileged: true restart: always networks: jenkins: aliases: - docker ports: - 2376:2376 - 3100:3100 tty: legitimate volumes: - jenkins-knowledge:/var/jenkins_home - jenkins-docker-certs:/certs/consumer ecosystem: - DOCKER_TLS_CERTDIR=/certs networks: jenkins: volumes: jenkins-facts: jenkins-docker-certs:
The files can also be identified in this repository: https://github.com/EmmyHermans/Jenkins-SIG. Furthermore, some workout routines to observe with Jenkins can be located right here.