Last year at Jenkins World, we announced Jenkins on Azure support for Kubernetes. We shipped the Azure Container Agent which allows you to scale out to Azure and run a Jenkins Agent on Azure Container Instances (ACI) and/or Azure Kubernetes Service (AKS). Using the Kubernetes Continuous Deploy or Deploy to Azure Container Services (AKS) plugins, you can deploy containers to Kubernetes.
Back in April, we published a blog post in Kubernetes.io sharing with the community how to achieve Blue/Green deployment to Azure Container Services (AKS). Some questions remained to be answered though:
- What if I need to build a Docker image when I use ACI as my Jenkins build agent?
- If I run Docker Build on AKS, is it secured?
Earlier this year, the Azure Container Registry team released a preview of a native container build capability called Azure Container Registry (ACR) Build, which solves just these problems. One of the best things about ACR build is you only pay for the compute you use to build your images.
Build from local directory
Let’s say you have an existing pipeline that uses Maven to build your Java project and then deploys to AKS:
node { /* … snip… */ stage('Build') { sh 'mvn clean package' withCredentials([usernamePassword(credentialsId: env.ACR_CRED_ID, usernameVariable: 'ACR_USER', passwordVariable: 'ACR_PASSWORD')]{ sh 'docker login -u $ACR_USER -p $ACR_PASSWORD https://$ACR_SERVER' // build image def imageWithTag = "$env.ACR_SERVER/$env.WEB_APP:$env.BUILD_NUMBER" def image = docker.build imageWithTag // push image image.push() } stage(‘Deploy’) { /*… snip… */ } }
Since ACR Build supports builds from your local directory (in this case the build server local directory), you can replace the five lines of code with one line in your pipeline like this:
node { /* … snip… */ stage('Build') { sh 'mvn clean package' acrQuickBuild azureCredentialsId: 'principal-credentials-id', resourceGroupName: env.ACR_RES_GROUP, registryName: env.ACR_NAME, platform: "Linux", dockerfile: "Dockerfile", imageNames: [[image: "$env.ACR_REGISTRY/$env.IMAGE_NAME:$env.BUILD_NUMBER"]] } stage(‘Deploy’) { /*… snip… */ } }
The benefits
- Apart from AKS, you can now run this build pipeline in ACI.
- ACR Build enables network close, multi-tenant builds, reducing the network distance, and ensuring reliability of Docker push to the registry.
- Best yet, you no longer need to get into another debate with your peers about whether it is safe to run Docker on Docker.
Build based on git commits
What if you are setting up a new pipeline and just want to trigger build upon code commit? Fear not, ACR Build supports commit based builds. We set up a sample Jenkins file that allows you to build a Spring Boot Web App in ACR with deployment to AKS. In this case, once code is committed to GitHub, Jenkins will trigger the build in ACR, you can run tests (not covered in sample) and then deploy the Docker image to production. Simply follow the instructions on building a Docker image from git repo in ACR then deploying to AKS using Jenkins.
We will preview Azure ACR plugin at Jenkins World 2018. We will also have a few demos showing how to deploy to App Service with Tomcat and Java SE.
Please drop by the Azure Jenkins booth, see a demo, or chat with us about how you are integrating Jenkins with Azure. We are always looking for feedback and to hear more about your build systems.