Delivering Go.CD with Terraform and Docker
http://www.google.com/about/datacenters/gallery/#/all/2
About me
Jorrit Salverda
Principal something at Travix
I automate...
● builds
● deployments
● infrastructure
What is Go.CD?
# Slide excerpt declaring the GoCD build-agent VM. The resource's closing brace
# and any network or metadata settings are not shown on this slide.
resource "google_compute_instance" "gocd_demo_agent" {
  name = "gocd-demo-agent"
  machine_type = "n1-standard-2"
  # NOTE(review): var.google_region is used as the zone here; its default in the
  # appendix ("europe-west1-b") is a zone name, so the variable name is misleading.
  zone = "${var.google_region}"
  disk {
    # Disk created from the "container-vm" image; auto_delete removes it
    # together with the instance.
    image = "container-vm"
    auto_delete = "true"
  }
And Terraform?
Containers...
● bundle dependencies
● allow content-agnostic manipulation
● deploy very fast
● run anywhere
Why Docker?
Live demo
What’s next?
● Monitoring
● Ship logs
● Volume plugins
● Shrink container image
● Run on Kubernetes
● Windows agents for .NET builds
Thanks
[email protected]
@jorritsalverda
Docker images
● travix/gocd-server
● travix/gocd-haproxy
● travix/gocd-agent
Appendix
Terraform - variables
# Project the google provider operates on; the default shown is a placeholder name.
variable "google_project" {
  default = "google-project-name"
}
# NOTE(review): despite the name, the default is a zone ("europe-west1-b").
# The same variable feeds both the provider's `region` and each resource's
# `zone` on this page, so only one of those uses gets a value of the right kind.
variable "google_region" {
  default = "europe-west1-b"
}
Terraform - providers
# Google provider. `account_file` receives the contents of
# google-service-account-key.json, read from the working directory by file().
# That JSON is a long-lived service-account credential: keep it out of version
# control and grant the account only the roles this configuration needs.
# NOTE(review): later google provider releases take this value through
# `credentials` instead; check the provider version in use.
provider "google" {
  account_file = "${file("google-service-account-key.json")}"
  project = "${var.google_project}"
  # NOTE(review): var.google_region defaults to a zone name; confirm the
  # provider accepts it as a region.
  region = "${var.google_region}"
}
# AWS provider. aws_access_key, aws_secret_key and aws_region are not declared
# on the variables slide. Supplying the two keys through TF_VAR_* environment
# variables or an untracked tfvars file keeps them out of source control; a
# `default` in a committed file would not.
provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  region = "${var.aws_region}"
}
Terraform - persistent disks
# SSD persistent disk (size "200", in GB) declared separately from the server
# instance. How it is attached and mounted is not shown on these slides; the
# kubelet manifest's /mnt/gocd-server-persistent-disk paths presumably live on
# it (confirm against the full startup script).
resource "google_compute_disk" "gocd_demo_server_persistent_data" {
  name = "gocd-demo-server-persistent-data"
  # var.google_region defaults to a zone name ("europe-west1-b").
  zone = "${var.google_region}"
  type = "pd-ssd"
  size = "200"
}
Terraform - compute instances
# GoCD server VM. This slide shows the first part of the resource; the "..."
# marks settings the slide leaves out, and the body continues on the next slide.
resource "google_compute_instance" "gocd_demo_server" {
  name = "gocd-demo-server"
  machine_type = "n1-standard-2"
  # var.google_region defaults to a zone name ("europe-west1-b").
  zone = "${var.google_region}"
  # Disk created from the "container-vm" image.
  disk { image = "container-vm" }
  ...
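Terraform - compute instances ...
  network_interface {
    network = "private-dev"
    # An access_config block, even an empty one, assigns the instance an
    # external (ephemeral) NAT IP. The manifest on this page publishes 8153 and
    # 8154 as host ports, so firewall rules on "private-dev" decide who can
    # reach the GoCD server from outside; limit them to the intended sources.
    access_config {
      // Ephemeral IP
    }
  }
  # Both files are copied verbatim into instance metadata. Metadata can be read
  # through the metadata server from inside the VM and by anyone allowed to
  # view the instance, so secrets placed in the container manifest (AGENT_KEY
  # in the manifest shown on this page) are visible there.
  metadata {
    startup-script = "${file("bootstrap/gocd-demo-server-startup.sh")}"
    google-container-manifest = "${file("bootstrap/gocd-demo-server-containers.yml")}"
  }
}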
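Terraform - outputs
# Address of the server's first network interface on the "private-dev" network.
output "output_google_compute_instance_gocd_demo_server_internal_ip_address" {
  value = "${google_compute_instance.gocd_demo_server.network_interface.0.address}"
}
# External NAT address assigned through the interface's first access_config.
# The interpolation is kept on one line; the slide wrapped it mid-expression.
output "output_google_compute_instance_gocd_demo_server_external_ip_address" {
  value = "${google_compute_instance.gocd_demo_server.network_interface.0.access_config.0.nat_ip}"
}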
Dockerfile travix/gocd-server
# NOTE(review): ":latest" is a mutable tag, so two builds of this file can
# start from different base images. Pinning a version tag or image digest
# makes the build reproducible and base-image changes reviewable.
FROM travix/base-debian-git-jre7:latest
MAINTAINER Travix
# build time environment variables
# GO_VERSION selects the go-server .deb downloaded in the install step.
# USER_ID/GROUP_ID 999 match the "go" user and group that the instance startup
# script creates on the host, so bind-mounted volumes have the same owner on
# both sides.
ENV GO_VERSION=15.2.0-2248 \
    USER_NAME=go \
    USER_ID=999 \
    GROUP_NAME=go \
    GROUP_ID=999
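Dockerfile travix/gocd-server
# install go server
# Creates the go user and group, downloads the go-server package for
# $GO_VERSION, installs it, removes the downloaded .deb and switches the init
# defaults to foreground mode (DAEMON=N).
# NOTE(review): the package is fetched over plain HTTP and installed as root
# with no integrity check, so whatever arrives in the response is what dpkg
# installs. Fetch it over TLS if the host offers it and compare it with a
# pinned digest before `dpkg -i`, for example
#   echo "<EXPECTED_SHA256>  go-server.deb" | sha256sum -c -
# (<EXPECTED_SHA256> is a placeholder for the digest published for this version).
RUN groupadd -r -g $GROUP_ID $GROUP_NAME \
    && useradd -r -g $GROUP_NAME -u $USER_ID -d /var/go $USER_NAME \
    && curl -fSL "http://download.go.cd/gocd-deb/go-server-$GO_VERSION.deb" \
       -o go-server.deb \
    && dpkg -i go-server.deb \
    && rm -rf go-server.deb \
    && sed -i -e "s/DAEMON=Y/DAEMON=N/" /etc/default/go-server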
Dockerfile travix/gocd-server
# runtime environment variables
# JVM sizing defaults plus AGENT_KEY, which is empty unless set at run time;
# the kubelet manifest on this page overrides all five.
# NOTE(review): a value passed through the environment is visible in
# `docker inspect` output and to every process in the container, so whoever
# can inspect the container can read AGENT_KEY.
ENV SERVER_MEM=512m \
    SERVER_MAX_MEM=1024m \
    SERVER_MIN_PERM_GEN=128m \
    SERVER_MAX_PERM_GEN=256m \
    AGENT_KEY=""
# expose ports
# 8153 and 8154 are the ports the manifest names server-http and server-https.
EXPOSE 8153 8154
Dockerfile travix/gocd-server
# define default command
# Shell-form CMD, so these steps run under /bin/sh as the image's default user
# (no USER instruction appears in the slides shown):
#   1. groupmod/usermod re-apply GROUP_ID and USER_ID, so a run-time override
#      of those variables changes the ids of the go user and group;
#   2. chown hands the data, log and config directories to that user;
#   3. server.sh is started in the background as USER_NAME through su;
#   4. the loop polls http://localhost:8153 once a second until curl succeeds;
#   5. tail -F on the server logs, again as USER_NAME, stays in the foreground.
# The privileged steps (1 and 2) happen before the su calls; the server and
# the tail both run as USER_NAME.
# NOTE(review): the foreground process is tail rather than the server, so a
# stop signal sent to the container presumably does not reach the server
# process; confirm the shutdown behaviour.
# NOTE(review): the ${...} expansions are unquoted and come from the
# environment; values containing spaces or shell metacharacters would be
# re-split by the shell.
CMD groupmod -g ${GROUP_ID} ${GROUP_NAME}; \
    usermod -g ${GROUP_ID} -u ${USER_ID} ${USER_NAME}; \
    chown -R ${USER_NAME}:${GROUP_NAME} /var/lib/go-server /var/log/go-server /etc/go; \
    (/bin/su - ${USER_NAME} -c "/usr/share/go-server/server.sh &"); \
    until curl -s -o /dev/null 'http://localhost:8153'; \
    do sleep 1; \
    done; \
    /bin/su - ${USER_NAME} -c "exec tail -F /var/log/go-server/*"
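Startup script
#! /bin/bash
# Instance startup script, delivered through the startup-script metadata key in
# the Terraform configuration on this page. It prepares host users and the
# local SSD mount that the containers use.

# create users for mounting local directories as container volumes
# The ids mirror the container side (999 is USER_ID/GROUP_ID in the gocd-server
# Dockerfile), so files on host-path volumes have the same owner inside and
# outside the container. Startup scripts run on every boot, so each account is
# created only when it does not exist yet.
getent group go > /dev/null || sudo groupadd -r -g 999 go
getent passwd go > /dev/null || sudo useradd -r -g go -u 999 go
getent group haproxy > /dev/null || sudo groupadd -r -g 998 haproxy
getent passwd haproxy > /dev/null || sudo useradd -r -g haproxy -u 998 haproxy

# mount local ssd
# The device path is a single argument; the slide wrapped it after "google-".
sudo mkdir -p /mnt/gocd-server-local-ssd
sudo /usr/share/google/safe_format_and_mount -m "mkfs.ext4 -F" /dev/disk/by-id/google-local-ssd-0 /mnt/gocd-server-local-ssd
sudo resize2fs /dev/disk/by-id/google-local-ssd-0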
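Kubelet manifest - container
# Pod manifest handed to the kubelet on the container-vm image through the
# google-container-manifest metadata key. Nesting is restored here; the slide
# text had lost its indentation.
version: v1
kind: Pod
metadata:
  name: gocd-server
spec:
  containers:
    # NOTE(review): ":latest" together with imagePullPolicy Always means every
    # container (re)start runs whatever image currently carries that tag.
    # Pinning a version tag or digest makes changes to the CI server's image
    # deliberate and traceable.
    - name: gocd-server
      image: travix/gocd-server:latest
      imagePullPolicy: Always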
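Kubelet manifest - volumes
      # Continuation of the gocd-server container entry: the H2 database
      # directory and /etc/go are backed by host directories, so server state
      # and configuration outlive the container.
      volumeMounts:
        - mountPath: /var/lib/go-server/db/h2db
          name: gocd-server-db
        - mountPath: /etc/go
          name: gocd-server-config
  # Pod-level volume definitions (siblings of `containers` under `spec`).
  # The hostPath field is spelled `path`; the slide capitalised it.
  # Anything with write access to these host directories can change the
  # server's database and configuration, so keep their ownership restricted to
  # the go uid/gid created by the startup script.
  volumes:
    - name: gocd-server-db
      hostPath:
        path: /mnt/gocd-server-persistent-disk/db
    - name: gocd-server-config
      hostPath:
        path: /mnt/gocd-server-persistent-disk/config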
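Kubelet manifest - ports
      # Continuation of the gocd-server container entry. hostPort binds each
      # port on the VM itself, so both are reachable at the instance's
      # addresses, subject to the network's firewall rules. 8153 is the
      # plain-HTTP listener (the Dockerfile's readiness loop polls it over
      # http://); allow it only from trusted sources or keep it behind a
      # TLS-terminating proxy.
      ports:
        - name: server-http
          containerPort: 8153
          hostPort: 8153
          protocol: TCP
        - name: server-https
          containerPort: 8154
          hostPort: 8154
          protocol: TCP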
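Kubelet manifest - environment vars
      # Continuation of the gocd-server container entry; these values override
      # the ENV defaults baked into the image.
      env:
        # AGENT_KEY is the shared secret agents present to auto-register with
        # the server (the value shown is a placeholder). It is stored here in
        # plain text, and this manifest is loaded into instance metadata by the
        # Terraform configuration, so everyone who can read the manifest file,
        # the metadata or the container environment can read the key. Use a
        # long random value, keep the real manifest out of shared repositories
        # and rotate the key if it leaks.
        - name: "AGENT_KEY"
          value: "secret-key-for-autoregistration"
        # JVM heap and PermGen sizes for the server, raised from the image
        # defaults.
        - name: "SERVER_MEM"
          value: "4096m"
        - name: "SERVER_MAX_MEM"
          value: "4096m"
        - name: "SERVER_MIN_PERM_GEN"
          value: "1024m"
        - name: "SERVER_MAX_PERM_GEN"
          value: "1024m"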