I have been playing around with Docker for a while now and thought it might be time to document some of this. Today we will cover off installing a Git Web Service (Gogs), Docker, then Jenkins (CI/Automation) for running our build instructions and finally configuration of a Docker repository for our built containers.
At this point you should have an up to date Ubuntu 16.04.1 (or similar) install, looking similar to below
Your next step is to login to the server using the credentials you have previously configured
Now that you’re on the command line we need to install GOG
Start by creating the gogs user (however you can use whatever username you wish e.g. git)
sudo useradd -m gogs
Next, we need to build out our directory structure, to do this run the following commands
sudo mkdir gogs-repositories
sudo chmod 770 gogs-repositories
sudo chown gogs:gogs gogs-repositories
Now we have our directories in place, we are ready to download gogs and install it. Head over to https://gogs.io/
There is a prerequisite that need to be installed prior to gogs and that is git.
On the command line type the following
sudo apt-get update
sudo apt-get install git
You may find git has already been installed
The next step is to set up our bin directory for gogs, I always install my custom tarballs to /opt as it makes it easy to find them. You can also build gogs as a docker container but today we won’t be doing this.
Let’s build that directory now doing the following
sudo mkdir /opt/gogs
sudo chown gogs:gogs /opt/gogs
Next, we need to head back to the website and find the tarball for our distribution and then do the ole right click and copy link location.
Now we should be able to download this into our home directory and then unarchive it into /opt/gogs
sudo wget https://dl.gogs.io/gogs_v0.9.113_linux_amd64.tar.gz
Now you need to untar the tarball
sudo tar zxvf ~/ gogs_v0.9.113_linux_amd64.tar.gz
Follow this up with a ownership change
sudo chown gogs:gogs gogs
Now we need to get our init script sorted out so gogs will start on boot
To do this
sudo cp gogs /etc/init.d/
sudo chmod 755 gogs
sudo chown root:root gogs
Now we need to adjust our init script to our environment
sudo nano gogs
in here we are looking to change the workingdir to our gogs binary home /opt/gogs and our user from git to gogs. (or whatever username you selected back at the start)
Save and exit
Finally, we need to configure systemctl to load our init script on boot
sudo update-rc.d gogs defaults
Finally start gogs with
sudo service gogs start
and you’re ready to configure it
On your browser head to http://<GOGS FQDN>:3000/
The first time you start Gogs and head to the website you will be greeted with the installer, it looks a lot like this
First you need to select your database back end, I will be going with SQLite, but for bigger installs you will probably want MySQL.
You will also want to set the repository root path to /srv/gogs-repositories
If you require mail functionality, then you will need to set this too
Finally turn the twisty down on the Admin Account Settings and fill in the fields to build your admin account and then hit install Gogs, congrats your gogs install is complete.
Now, we need to create the Docker repository directory, fortunately this is a quick process
Back on the command line
You need to first install Docker (note: the docker.io below in Ubuntu it is docker.io, other distributions it will be just Docker)
sudo apt-get update
sudo apt-get install docker.io
Next, we need to configure our repository directory
sudo mkdir /srv/docker-repo
sudo chmod 770 /srv/docker-repo
sudo mkdir /srv/certs
sudo chmod 770 /srv/certs
Now we need to configure our certificates for our Docker registry, you can use self-signed SSL certificates here or you can head over to the good folks at StartSSL and grab a free one https://www.startssl.com/
I won’t cover generating SSL certificates in this blog but if you require help in this area I recommend checking out the Ubuntu documentation here https://help.ubuntu.com/12.04/serverguide/certificates-and-security.html
Finally, we need to configure the Docker registry container as follows
docker run -d -p 5000:5000 --restart=always --name registry \
-v /srv/docker-repo:/var/lib/registry \
-v /srv/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
Should you be putting multiple instances up then there are 2 suggestions, firstly Docker recommend in their best practice guide that you don’t use local file system storage and instead use S3, google, etc for your storage engine. Finally, that you add -e REGISTRY_HTTP_SECRET=<secret> across your fleet guard against upload issues.
At this point it worth testing the repository to confirm that your files are heading to where you expect, to do this we will pull an image from the official repo and push it to our new repo.
sudo docker pull busybox:latest
sudo docker tag busybox:latest localhost:5000/busybox
sudo docker push localhost:5000/busybox
Checking /srv/docker-repo should now contain the repository. Typing
sudo ls /srv/docker-repo/
should show this
Confirm that your repository is talking by typing
curl https://<server FQDN>:5000/v2/_catalog
or browsing to that location. You should see the words repository and busybox listed there.
Finally, we now need to configure Jenkins to do the leg work for us (automation). From the command line (Following the Jenkins install guide https://wiki.jenkins-ci.org/display/JENKINS/Installing+Jenkins+on+Ubuntu)
wget -q -O - https://pkg.jenkins.io/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update
sudo apt-get install openjdk-8-jdk openjdk-8-jre openjdk-8-jre-headless jenkins
Next step is to add Jenkins to the docker group
sudo usermod -a -G docker jenkins
then start and confirm the service is running
sudo service jenkins start
sudo service jenkins status
Next up you need to configure jenkins, your doing to need the initial admin password, the following command will get this for you.
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
now head to the website http://<server FQDN>:8080/
Fill in the admin password and hit continue.
Next you have given the option to install all plugins or manually select them. I would recommend installing all the plugins so that you see get a feel for what Jenkins is capable of
The installer will now go about installing the plugins.
Once this process is complete you will asked to create the first admin user. Then hit save and finish.
Jenkins is now installed and ready to go
You should now be logged in and looking at the dash board