setup docker registry with jenkins
Setup docker registry
You can setup docker registry simply by a single command
sudo docker run -d -p 5000:5000 -v `pwd`/data:/var/lib/registry --restart=always --name registry registry:latestIf you want to delete images pushed to registry, you’d better mapping the config.yml locally, because you can enable delete in config.yml.
After registry setup, you can curl to check the catalog and taglist of images.
Here’s a python3 script which can not only setup docker registry as a service but also access registry information / push image as a client.
http & https
If you setup docker registry on a server with https url, that would be easy to push image to registry. Otherwise you would got error message server gave HTTP response to HTTPS client when push image.
Then you should add registry ip:port to insecure-registries of docker client.
For linux, go to /etc/docker/ and create file daemon.json, add { "insecure-registries": ["ip:port"] }. Then service docker restart.
For Mac, open docker client preference, edit daemon as following figure.
Setup jenkins
If you want to use docker in jenkins, DO NOT use jenkins-docker. That means you either need to install docker in jenkins docker or mapping host docker to jenkins. But neither of them is good choice.
You should install jenkins without docker.
On ubuntu, several commands would be OK. install-jenkins-ubuntu
Then you can operate it simply like jenkins-service-op.
Give jenkins permission of host docker
Give permission of docker to jenkins user on host, or you’ll error like /var/run/docker.sock: connect: permission denied.
sudo usermod -aG docker jenkins
sudo service jenkins restartCI Pipeline with docker registry
We have already setup docker-registry and jenkins, then we can setup a pipeline to clone project from github, build it on jenkins, push built image to registry.
Then we need to ssh to target machine, pull and run the image we just pushed.
Install ssh plugins
2 plugins need to be installed on jenkins first: SSH plugin & Publish Over SSH Plugin.
Give jenkins permission to ssh to target machine
-
On Jenkins host,
sudo su -s /bin/bash jenkins,ssh-keygen,cat /var/lib/jenkins/.ssh/id_rsa.pub, we got jenkins ssh public key. -
Add public key of jenkins to target machine’s
~/.ssh/authorized_keys. -
Login jenkins with
sudo su -s /bin/bash jenkinson jenkins host, ssh to target machine mannualy first time, type ‘yes’ then jenkins can ssh to target machine freely on pipeline.
Jenkins pipeline execute shell sample
docker build -t my-server .
docker tag my-server:latest docker-registry.domain.net/my-server-qa:${BUILD_NUMBER}
docker push docker-registry.domain.net/my-server-qa:${BUILD_NUMBER}
ssh ubuntu@ec2-00-11-22-33.us-west-1.compute.amazonaws.com "~/deploy-docker.sh qa ${BUILD_NUMBER}"deploy script on target machine
Target machine should install docker first, otherwise it cannot pull image from docker registry.
This is a sample deploy script of target machine which matches above execute shell sample.
# param1: env (prod|stg|qa|local)
# param2: build_number (1|2|3...)
sudo docker pull docker-registry.domain.net/my-server-$1:$2
sudo docker container stop $(sudo docker ps -f name=my-server -q)
set -e
sudo docker run --name my-server --rm -d -p 8080:8080 docker-registry.domain.net/my-server-$1:$2 $1
sudo docker system prune -a # save disk volume for serverReferences
Private registry push fail: server gave HTTP response to HTTPS client
Using Docker-in-Docker for your CI or testing environment? Think twice
Jenkins - can the “Execute Shell” execute SSH commands