Friday, August 17, 2018

My first experience with JenkinsX


As a DevOps engineer, I thought JenkinsX is a CI/CD tool for containers to build in K8s environments. But it's wrong. JenkinsX is an attempt to automate the whole development process end to end for containerized applications based on Docker and Kubernetes. JenkinsX is an Open Source project and is not a fork of Jenkins. JenkinsX reuses Jenkins Core and it has set of additional tools to achieve its goal. It is easy to customize JenkinsX as we can edit or replace any of its tool sets.
JenkinsX address the following problems:
  1. Frequent deployments
  2. Low Mean Time to Recover
  3. CI/CD
  4. Configuration as Code
  5. Automated Release Management
Once JenkinsX installed, it setup and configure the following for you:
  1. Create a Git repo for a new application with development, staging and production environment.
  2. Create a pipeline configuration in Jenkins for a new application and connect it with a Git repo
  3. Automate the DevOps processes (like builds, artifacts and containers creation and deployments) based on Git operations (branching, commits, PR creating, PR merging)
Building Blocks of JenkinsX:
Strengths of Jenkins X:
  1. It address the pain points and streamlining implementation of DevOps/GitOps principles. It saves a lot of time for new project implentations.
  2. Concept of JenkisX is very strong.
  3. Good toolset, which is already configured and works (k8s, Jenkins, Docker registry, Chartmuseum, Monokular, Nexus)
  4. "JX Quickstarts" make a creation of new apps an easy ride
  5. Ability to customise the pipelines and their templates
  6. It provides a preview environment, which helps in decision making for pull requests.
Not that good points of Jenkins X:
  1. Jenkins X is another framework to learn.
  2. Still its a baby, a lot of things to implement and improve
  3. Documentation lacks comprehensive, it has only basic information
  4. Migration of existing CI/CD pipelines into Jenkins X is difficult
  5. For each team, we need to deploy each JenkinsX instance
JenkinsX Flow:

How to install Mysql8 on OEL7.5

How to install Mysql8 on OEL7.5

Login to the server:

wget https://dev.mysql.com/get/mysql80-community-release-el7-1.noarch.rpm
rpm -ivh <filename>
yum install mysql-community-server -y
systemctl enable mysqld.service
systemctl start mysqld
grep 'temporary password' /var/log/mysqld.log (for getting the temporary password)
/usr/bin/mysql_secure_installation

Wednesday, August 15, 2018

Errors occurred deleting machine: Error deleting host: minikube: Error loading host from store: The system cannot find the file specified.

Error:
When I delete or start my minikube on windows10 machine, I am getting the following

C:\Users\shvijai>minikube delete
Deleting local Kubernetes cluster...
Errors occurred deleting machine:  Error deleting host: minikube: Error loading host from store: open C:\Users\shivin\.minikube\machines\minikube\config.json: The system cannot find the file specified.

Solution for this issue:

Remove the folder .minikube from C:\Users\shivin\
Start minikube again (minikube start)
Then you can see the VM getting downloaded.

Tuesday, August 14, 2018

How to create an insecure registry in OEL7+

I won't encourage you to create an insecure registry. But for me I need to setup this for a demo purpose. I was using an OEL7.4 OS.

Login to the server, update the file with your local registry details:

vi /etc/docker/daemon.json
{
  "storage-driver": "overlay2",
  "ip-masq": false,
  "insecure-registries": ["10.96.202.190:5000"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "20m",
    "max-file": "10"
  }

}

Here in my case, 10.96.202.190:5000 is the local registry. You need to change with yours.

systemctl daemon-reload
systemctl restart docker

Click the link How to test your registry?

How to test docker registry

This is just a sample test, whether your docker registry is working fine or not. We will pull an image and then tag and push it to the registry. Here I have a local registry "192.168.0.2:5000"

# sudo docker pull busybox
# sudo docker images 
# sudo docker tag <image-id> 192.168.0.2:5000/busybox
# sudo docker push 192.168.0.2:5000/busybox

If you didn't get an error, your docker registry is working fine. Else you may face some "certificate error" or "http server gave http response to https client"

Thursday, July 12, 2018

Jenkins Pipeline Parameter

Little background : I am running an inspec test for couple of servers. I accept server ip's as a jenkins parameter. Each IP the inspec test for the mysql profile should execute.

Parameter "IP_MYSQL" holds server ips

node{
    cleanWs()
stage('Checking MySQL'){
    echo 'Inspec test for mysql'
    withCredentials([file(credentialsId: 'mysql-prod', variable: 'SSH_KEY')]) {
    sh '''
sudo git clone https://github.com/dev-sec/mysql-baseline
cd mysql-baseline
    echo "${IP_MYSQL}" | sed -n 1'p' | tr ',' '\n' | while read IP; do
            sudo cp ../inspec.yml inspec.yml
            sudo sed -i -e "s/mysql-baseline/mysql-baseline-$IP/g" inspec.yml
            cd ..
            sudo inspec exec mysql-baseline -t ssh://clouduser@$IP -i $SSH_KEY --reporter junit:Report_$IP.xml || true
        done
'''
junit '*.xml'
    }
  }
}
}