OPENSHIFT BUILD

Geofrey Flores

A build is a process of transforming input parameters into a resulting object.

A buildConfig resource defines the entire build process

  • input

  • build strategy

  • publishing images

  • triggers

  • miscellaneous

Common build scenarios build strategy

  • build from source using dockerfile

  • build from source using s2i

  • deploy from existing docker image

  • CI/CD pipeline (Jenkins, Tekton)

  • Custom


FROM node:10

# Create app directory
WORKDIR /usr/src/app

RUN mkdir -p /usr/src/app

# Install app dependencies
COPY * /usr/src/app

RUN npm install

# Bundle app source
COPY . /usr/src/app

EXPOSE 8080
CMD [ "node", "server.js" ]

Build from dockerfile

'use strict';

const express = require('express');

// Constants
const PORT = 8080;
const HOST = '0.0.0.0';

// App
const app = express();
app.get('/', (req, res) => {
  res.send('Hello world\n');
});

app.listen(PORT, HOST);
console.log(`Running on 
  http://${HOST}:${PORT}`);

Title Text

Setup

// start minishift 
> // minishift start; eval $(minishift oc-env)
> oc login -u developer // login
> oc new-project oc-build // create new project

Docker strategy

cd cascon-build // in "cascon-2019-openshift" dir
cat Dockerfile | oc new-build --name oc-build-docker --dockerfile='-'
oc describe bc/oc-build-docker
oc start-build bc/oc-build-docker --from-dir=. --follow
oc get is
// to deploy
oc new-app oc-build-docker --name=my-node-app
oc expose svc/my-node-app
oc get route

oc new-build reference

apiVersion: build.openshift.io/v1
kind: BuildConfig
metadata:
  annotations:
    openshift.io/generated-by: OpenShiftNewBuild
  creationTimestamp: '2019-10-24T01:07:33Z'
  labels:
    build: oc-docker-build
  name: oc-docker-build
  namespace: oc-build
  resourceVersion: '186283'
  selfLink: /apis/build.openshift.io/v1/namespaces/oc-build/buildconfigs/oc-docker-build
  uid: a8c38324-f5fa-11e9-abc2-de2eebc0ace4
spec:
  failedBuildsHistoryLimit: 5
  nodeSelector: null
  output:
    to:
      kind: ImageStreamTag
      name: 'oc-docker-build:latest'
  postCommit: {}
  resources: {}
  runPolicy: Serial
  source:
    type: Dockerfile
    dockerfile: >-
      FROM node:10


      # Create app directory

      WORKDIR /usr/src/app


      RUN mkdir -p /home/node/app/node_modules && chown -R node:node
      /home/node/app


      WORKDIR /home/node/app


      # Install app dependencies

      # A wildcard is used to ensure both package.json AND package-lock.json are
      copied

      # where available (npm@5+)

      COPY package*.json ./


      USER node


      RUN npm install


      # Bundle app source

      COPY --chown=node:node . .


      EXPOSE 8080

      CMD [ "node", "server.js" ]
  strategy:
    dockerStrategy:
      from:
        kind: ImageStreamTag
        name: 'node:10'
        namespace: oc-build
    type: Docker
  successfulBuildsHistoryLimit: 5
  triggers:
    - github:
        secret: K5s0vYvAOVUfQhzWRF5Y
      type: GitHub
    - generic:
        secret: THmCyVio9uxTAasfRAbQ
      type: Generic
    - type: ConfigChange
    - imageChange:
        lastTriggeredImageID: >-
          node@sha256:872a4cb1f054fd2f85bbdc9cdf5973ed46e92370e322dbbd4a20afe17530b656
      type: ImageChange
status:
  lastVersion: 1

OpenShift buildconfig

  1. buildconfig name
  2. source (dockerfile)
  3. strategy (dockerstrategy)
  4. output (image stream)
  5. triggers (webhooks)

Docker strategy

cd cascon-build // in "cascon-2019-openshift" dir
cat Dockerfile | oc new-build --name oc-build-docker --dockerfile='-'
oc describe bc/oc-build-docker
oc start-build bc/oc-build-docker --from-dir=. --follow
oc get is
// to deploy
oc new-app oc-build-docker --name=my-node-app
oc expose svc/my-node-app
oc get route

Imagestream

Image Streams

Docker strategy

cd cascon-build // in "cascon-2019-openshift" dir
cat Dockerfile | oc new-build --name oc-build-docker --dockerfile='-'
oc describe bc/oc-build-docker
oc start-build bc/oc-build-docker --from-dir=. --follow
oc get is
// to deploy
oc new-app oc-build-docker --name=my-node-app
oc expose svc/my-node-app
oc get route

Source-to-Image (S2I) Strategy

aka How I learned to stop worrying about containers

and learn to love s2i

what's s2i?

https://github.com/openshift/source-to-image

build admin

builder image

=

what's s2i?

https://github.com/openshift/source-to-image

build admin

developer

+

source code

builder image

runtime image

=

=

what's s2i?

https://github.com/openshift/source-to-image

build admin

developer

+

source code

builder image

runtime image

=

=

openshift builder images

why s2i?

  • Speed – large number of complex operations without creating a new layer at each step
  • Reproducibility – versioning your build environment not just your runtime.
  • Ecosystem – S2I encourages a shared ecosystem of images where you can leverage best practices for your applications.

s2i Strategy

cd cascon-build // in "cascon-2019-openshift" dir
// oc new-build <image-builder-stream-tag>~<git url>
oc new-build nodejs~https://github.com/openshift/nodejs-ex.git --name oc-build-s2i
// to deploy
oc new-app oc-build-docker --name=my-s2i-app
oc expose svc/my-s2i-app
oc get route

Resources and Attributions

CASCON 2019 - OpenShift Build

By Geofrey Flores

Made with Slides.com

CASCON 2019 - OpenShift Build

Dissecting resources and workflows of creating and running OpenShit builds across different scenarios

  • 166