Over a million developers have joined DZone.

Secure Application Deployments With Jenkins, Kubernetes, and the Google Cloud Platform

CloudBees has added Kubernetes and Google Container Registry support to Jenkins.

· Cloud Zone

Build fast, scale big with MongoDB Atlas, a hosted service for the leading NoSQL database on AWS. Try it now! Brought to you in partnership with MongoDB.

In a previous series of blogs, we covered how to use Docker with Jenkins to achieve true continuous delivery and improve existing pipelines in Jenkins.

Docker can be used in conjunction with Jenkins to provide customized build and runtime environments for testing or production, trigger application builds, automate application packaging/releases, and deploy traceable containers. The new Jenkins Workflow plugin can also programmatically orchestrate these CD pipelines, while the CloudBees Jenkins Platform further builds on the above to give Jenkins masters shareable Docker build resources. All together, these features allow a Jenkins administrator or user to easily set up a CD pipeline and ensure that build/test environments are fungible, and therefore highly scalable.

The CloudBees team and the open-source community have enhanced this existing Docker story by adding Kubernetes and Google Container Registry support to Jenkins, giving Jenkins administrators the ability to leverage both Google’s container management tool and cloud container platform to run a highly-scalable and managed runtime for Jenkins.

Cookie-Cutter Environments and Application Packaging

The versatility and usability of Docker has made it a popular choice among DevOps-driven organizations. It has also made Docker an ideal choice for creating the standardized and repeatable environments that an organization needs for both creating identical testing and production environments as well as for packaging portable applications.

If an application is packaged in a Docker image, testing and deploying is a matter of creating a container from that image and running tests against the application inside. If the application passes the tests, then they should be stored in a registry and eventually deployed to production.

Screen Shot 2015-06-10 at 1.57.06 PM.png

Leveraging the Google Container Registry

The Jenkins community has now added support for releasing applications as Docker images to the Google Container Registry, a free service offered by Google, and using Google’s own services to securely deploy applications across their multi-region datacenters.  

The Google Container Registry encrypts all Docker images and allows administrators to restrict push/pull access with ACLs on projects and storage buckets. Authentication is performed with their Cloud Platform OAuth over SSL, and Jenkins now supports this via the Google Container Registry Auth plugin developed by Google.

The CloudBees Docker Build and Publish Plugin adds a new build step to Jenkins jobs for building and packaging applications into Docker containers, then publishing them as Docker images to your registry of choice with the Google OAuth credentials mentioned above.

Securely Deploying With the Google Cloud Platform

The Docker Build and Publish plugin doesn’t require the Kubernetes plugin to integrate with the Google Container Registry. However, installing both unlocks the option of using the Google Cloud Platform and its underlying Kubernetes cluster to securely deploy Docker images as containers.

The Google Cloud Platform supports directly deploying Docker images from their Container Registry to their Container Engine. Deployments can be to particular regions and clusters, and they happen on a configured schedule. Once deployed, the application can  then be run as a highly-available cluster. Kubernetes will perform regular health-checks on the application instances, restarting them as necessary.

Source: http://googlecloudplatform.blogspot.com/2015_01_01_archive.html

Where Do I Start?

  1. The CloudBees Docker Build and Publish plugin is an open-source plugin, so it is available for download from the open-source update center or packaged as part of the CloudBees Jenkins Platform.
  2. The Google Cloud Registry Auth plugin is an open-source plugin developed by Google, so it available to download from the open source update center or packaged as part of the CloudBees Jenkins Platform.
  3. (Optional) TheKubernetes plugin is an open-source plugin, so it is available for download from the open-source update center or packaged as part of the CloudBees Jenkins Platform.
  4. The Google Container Engine offers a free trial.
  5. The Google Container Registry is a free service.
  6. Other plugins complement and enhance the ways Docker can be used with Jenkins. Read more about their uses cases in these blogs:

Now it's easier than ever to get started with MongoDB, the database that allows startups and enterprises alike to rapidly build planet-scale apps. Introducing MongoDB Atlas, the official hosted service for the database on AWS. Try it now! Brought to you in partnership with MongoDB.

clever cloud,jenkins,kubernetes,google container registry

Published at DZone with permission of Tracy Kennedy, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}