this post will teach you how to deploy your own Docker registry and how to use Microsoft Azure Devops to automatically building your Github Go project, and deploy to your Docker Swarm Server
How it works
- Pipeline download your github project
- Build your code by Dockerfile, make docker image then push to your own Docker registry
- Execute Bash command in Pipeline, pull off latest image of your project then update Docker swarm service
Prerequisites
follow above picture you need:
- Public certificate and Private key for your private docker registry
- A server running with Linux and Docker Swarm service
Docker Registry
To start-up a Docker Registry, prepare a docker-compose.yml file like below
version: "3.7"
services:
registry:
restart: always
image: registry:2
ports:
- 5000:5000
environment:
REGISTRY_HTTP_TLS_CERTIFICATE: /opt/ssl/public.crt
REGISTRY_HTTP_TLS_KEY: /opt/ssl/private.key
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
volumes:
- /opt/registry:/var/lib/registry
- /root/ssl:/opt/ssl
- /root/auth:/auth
since we already using Docker Swarm, we deploy it toward Docker Swarm service
> docker stack deploy system --compose-file ./docker-compose.yml # create a docker swarm service named `system`
about certificate / private key you have to put it into /opt/ssl, if you are not pleasant to put it there, you can modify yml file content
if you have mutiple certificates you have to merge it into one .crt file,in case you get x509: certificate signed by unknown authority error when building in pipeline
> cat yourcert.crt >> yourchaincert.crt
now set username and password for your docker registry
> docker run --entrypoint htpasswd registry:2 -Bbn yourusername yourpassword > auth/htpasswd
> docker service update --force system_registry # restart docker registry
# if everything goes well you get result like below
> curl --user yourusername:yorupassword https://yourdomainname:5000/v2/_catalog
{
"repositories": [
]
}
Azure Pipeline
if you don’t have an Azure Devops account (click here), after you login, it will notice you to create a new project, to use pipeline you need a project, after you get your own project, click Pipeline->New Pipeline, then choose your Code source,it will ask your to given permission from your project source, you give that permission then go to next
then you can start design your pipeline
trigger:
- master
variables:
imageurl: yourdomainname:5000/yourimagename:latest
servicename: yourservicename
username: '$(registryid)'
password: '$(registrypwd)'
registry: yourregistryaddress
steps:
- script: |
echo "======================================================"
echo "=====================Docker Building====================="
echo "======================www.slll.info======================="
docker build -t $(imageurl) .
docker login -u $(username) -p $(password) $(registry)
docker push $(imageurl)
- task: SSH@0
inputs:
sshEndpoint: 'server'
runOptions: 'commands'
commands: 'docker pull $(imageurl) && docker service update --with-registry-auth --image $(imageurl) $(servicename)'
above azure-pipeline.yml will:
- build your project through your
Dockerfile - push docker image into your private registry
- use ssh command to pull off latest image from your private regisry
- update docker swarm service
task: SSH@0 generate by Pipeline task SSH, set your server connection in Project Settings -> Service Connections -> Ssh, then go back to Pipeline Editor, set new SSH task, set command to docker pull $(imageurl) && docker service update --with-registry-auth --image $(imageurl) $(servicename) then add into your setps
now set variable for you pipeline, on the top of right you will see a menu butten, follow Variable -> Pipeline Variables -> +Add to add your docker registry username and password (registryid / registrypwd)