4th Developers@CERN Forum How to easily offer your application as a self-service template by using OpenShift and GitLab-CI 4th Developers@CERN Forum Alberto.

Slides:



Advertisements
Similar presentations
Grid and CDB Janusz Martyniak, Imperial College London MICE CM37 Analysis, Software and Reconstruction.
Advertisements

Deployment and Configuration Management Solution
DNN LOVES JENKINS FOR CONTINUOUS INTEGRATION
Version Control with git. Version Control Version control is a system that records changes to a file or set of files over time so that you can recall.
CONTINUOUS INTEGRATION, DELIVERY & DEPLOYMENT ONE CLICK DELIVERY.
VAP What is a Virtual Application ? A virtual application is an application that has been optimized to run on virtual infrastructure. The application software.
Windows Azure Conference 2014 Running Docker on Windows Azure.
Office 365 Platform Flexible Tools Understand different provisioning options and their advantages and disadvantages…
Copyright © 2011 EMC Corporation. All Rights Reserved. MODULE – 6 VIRTUALIZED DATA CENTER – DESKTOP AND APPLICATION 1.
EGEE is a project funded by the European Union under contract IST Testing processes Leanne Guy Testing activity manager JRA1 All hands meeting,
…using Git/Tortoise Git
Continuous Integration and Code Review: how IT can help Alex Lossent – IT/PES – Version Control Systems 29-Sep st Forum1.
GAAIN Virtual Appliances: Virtual Machine Technology for Scientific Data Analysis Arihant Patawari USC Stevens Neuroimaging and Informatics Institute July.
Satisfy Your Technical Curiosity Specialists Enterprise Desktop -
CERN IT Department t LHCb Software Distribution Roberto Santinelli CERN IT/GS.
SPI NIGHTLIES Alex Hodgkins. SPI nightlies  Build and test various software projects each night  Provide a nightlies summary page that displays all.
Build and Deployment Process Understand NCI’s DevOps and continuous integration requirements Understand NCI’s build and distribution requirements.
Image Distribution and VMIC (brainstorm) Belmiro Moreira CERN IT-PES-PS.
Microsoft Virtual Academy Module 12 Managing Services with VMM and App Controller.
Ansible and Ansible Tower 1 A simple IT automation platform November 2015 Leandro Fernandez and Blaž Zupanc.
1 Punishment Through Continuous Delivery If it hurts, do it more often…
Software collaboration tools as a stack of services Borja Aparicio Cotarelo IT-PES-IS 2HEPiX Fall 2015 Workshop.
ICS Software Development Environment Blaž Zupanc and Leandro Fernandez 19 February 2016.
NALINI S. NAUTIYAL SYSTEM SOFTWARE DIVISION Subversion.
Administering Windows Server 2012 Question Answer.
DECTRIS Ltd Baden-Daettwil Switzerland Continuous Integration and Automatic Testing for the FLUKA release using Jenkins (and Docker)
OEM Provision part Amin Omidy Oct  Introduction  Explain Oracle provisioning in general and provisioning types  Main Requirements for any Provisioning.
11 DEPLOYING AN UPDATE MANAGEMENT INFRASTRUCTURE Chapter 6.
Structured Container Delivery Oscar Renalias Accenture Container Lead (NOTE: PASTE IN PORTRAIT AND SEND BEHIND FOREGROUND GRAPHIC FOR CROP)
Windows 2012R2 Hyper-V and System Center 2012
SharePoint 101 – An Overview of SharePoint 2010, 2013 and Office 365
Joonas Sirén, Technology Architect, Emerging Technologies Accenture
Let's talk about Linux and Virtualization in 'vLAMP'
Containers as a Service with Docker to Extend an Open Platform
Stress Free Deployments with Octopus Deploy
Web application hosting with Openshift, and Docker images
Web application hosting with Openshift, and Docker images
Constructing Deploying and Maintaining Enterprise Systems
IBM Workload Scheduler 2015 Take the Complexity Out of Workload Automation, while Keeping the Technology Up-to-Date IEM fixlets and Centralized Agent Update.
Infrastructure Orchestration to Optimize Testing
Work Package 4 Software Integration and Distribution
Docker Birthday #3.
Trends like agile development and continuous integration speak to the modern enterprise’s need to build software hyper-efficiently Jenkins:  a highly.
In-Depth Introduction to Docker
Production Line Architecture
Production Line Architecture
Revision Control, Automated Testing and Docker RSE Conference 2017
Migrating Oracle Forms Using Oracle Application Express
Application Lifecycle Management – Best Practices for SharePoint and Office App development November 2015.
2018 Amazon AWS DevOps Engineer Professional Dumps - DumpsProfessor
Continuous Integration For Databases
X in [Integration, Delivery, Deployment]
Enterprise Application Stores
Unit 9 NT1330 Client-Server Networking II Date: 8/9/2016
Simplified Development Toolkit
Automated Testing and Integration with CI Tool
Continuous deployment best practices, methods and tools.
IBM Containers Docker in the Cloud
ABHISHEK SHARMA ARVIND SRINIVASA BABU HEMANT PRASAD 08-OCT-2018
Managing Services with VMM and App Controller
THE REALITY OF USING CONTAINERS TO BUILD PRODUCTS
Continuous Integration
CI/CD Workflow and Event Pages
DEVOPS & THE FUTURE OF TESTING
Roots/Git to Deploy What is continuous integration and continuous delivery How they are used at the Innovation Co-Lab Victor Wang, Software Engineer &
Azure Container Service
Erik Vollebekk Application Architect
Securing IaaS in the cloud
Empowering teams with scalable Shiny applications
SSDT, Docker, and (Azure) DevOps
Presentation transcript:

4th Developers@CERN Forum How to easily offer your application as a self-service template by using OpenShift and GitLab-CI 4th Developers@CERN Forum Alberto Rodríguez Peón IT-CDA-WF

Running a service on the cloud A single instance of your application serving all users Application maintenance and server provision is simple as only a single instance running All users connect through the same well-known endpoint https://myapp.cern.ch

Running a service on the cloud A single instance of your application serving all users Application maintenance and server provision is simple as only a single instance running All users connect through the same well-known endpoint https://myapp.cern.ch

Running a service on the cloud A single instance of your application serving all users Application maintenance and server provision is simple as only a single instance running All users connect through the same well-known endpoint https://myapp.cern.ch Application needs to support multi-tenancy, ACLs and independent user configuration!

Running individual instances per team Individual instances solve this but maintenance, provision and configuration efforts get multiplied! https://myapp-3.cern.ch https://myapp-1.cern.ch https://myapp-2.cern.ch

Application offered as a self-service template Application binaries are offered from a central catalog, allowing users to pull them and run their private instance New software releases and security updates are pushed to the central repository and propagated to users’ instances Instance owners have full privileges to configure their private copy of the application Instance provision is automatically provided by the platform https://myapp-3.cern.ch https://myapp-3.cern.ch

A real-life use case: Jenkins service @ CERN Jenkins is a clear example of software that works well with the self- service model As admins, we want to: Offer a readily available and curated template that users can instantiate without effort Automate provisioning of new instances Keep users’ instances up to date while minimizing maintenance efforts through automated procedures Automate build, test and deployment of new releases OpenShift and GitLab-CI provide tools to achieve all this!

Packaging the application in a Docker Image By using Docker, we can encapsulate the Jenkins binaries in a standard and reusable way that users can run Containers isolate app from host, allowing total delegation to users! … but only providing an image is not enough We still need an orchestrating platform to provide: Routing to the container Instance provisioning Lifecycle of the application Data storage Upgrade strategies

Using OpenShift templates By using OpenShift, we can use an existing platform instead of running our orchestrating platform OpenShift supports adding all the missing pieces with Templates Completely self-service Trivial for users to launch!

Keeping users’ instances up to date OpenShift provides two features to ensure private Jenkins instances are up to date with new software releases and security fixes ImageStreams are indirections to Docker images ImageTriggers watch a given tag of an ImageStream and redeploy the application whenever the tag changes All Jenkins instances are configured to use the stable tag of a shared ImageStream and have an ImageTrigger for that tag

OpenShift ImageStreams at work Jenkins image in the Docker registry docker.io/_/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... docker.io/_/jenkins:2.73.2-1 docker.io/_/jenkins@sha256:714c62c1f62c... Jenkins ImageStream openshift/jenkins:stable docker.io/_/jenkins@sha256:714c62c1f62c... openshift/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... openshift/jenkins:2.73.2-1

OpenShift ImageStreams at work Jenkins image in the Docker registry docker.io/_/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... docker.io/_/jenkins:2.73.2-1 docker.io/_/jenkins@sha256:714c62c1f62c... docker.io/_/jenkins:2.73.2-2 docker.io/_/jenkins@sha256:60ea1a543548... Jenkins ImageStream openshift/jenkins:stable docker.io/_/jenkins@sha256:714c62c1f62c... openshift/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... openshift/jenkins:2.73.2-1

OpenShift ImageStreams at work Jenkins image in the Docker registry docker.io/_/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... docker.io/_/jenkins:2.73.2-1 docker.io/_/jenkins@sha256:714c62c1f62c... docker.io/_/jenkins:2.73.2-2 docker.io/_/jenkins@sha256:60ea1a543548... $ oc import-image jenkins:2.73.2-2 Jenkins ImageStream openshift/jenkins:stable docker.io/_/jenkins@sha256:714c62c1f62c... openshift/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... openshift/jenkins:2.73.2-1 openshift/jenkins:2.73.2-2 docker.io/_/jenkins@sha256:60ea1a543548...

OpenShift ImageStreams at work Jenkins image in the Docker registry docker.io/_/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... docker.io/_/jenkins:2.73.2-1 docker.io/_/jenkins@sha256:714c62c1f62c... docker.io/_/jenkins:2.73.2-2 docker.io/_/jenkins@sha256:60ea1a543548... Applications with an ImageTrigger for stable will be redeployed! $ oc tag jenkins:2.73.2-2 jenkins:stable Jenkins ImageStream openshift/jenkins:stable docker.io/_/jenkins@sha256:60ea1a543548... openshift/jenkins:latest docker.io/_/jenkins@sha256:a4b585874b21... openshift/jenkins:2.73.2-1 docker.io/_/jenkins@sha256:714c62c1f62c... openshift/jenkins:2.73.2-2

GitLab-CI Pipelines The build and deployment process is fully managed within GitLab-CI Building the Docker image Importing it to OpenShift Testing it Uploading the template Redeploying all instances To interact with OpenShift, we use a centrally provided Docker image with the oc CLI installed https://gitlab.cern.ch/paas-tools/openshift-client

Automatic testing with GitLab-CI For verification of newer releases, automated tests are always run after a new image is built Integrates nicely with GitLab-CI as pipeline can be aborted if test stage fails Deployment into OpenShift easily achieved by using oc Docker image For Jenkins, two pre-created OpenShift projects are used to: Create a brand new instance with the new image and template Create an instance with the old image and template and redeploy with the new image immediately after In both cases, a simple Jenkins job is run to verify all is working

Redeploying all instances after a new release Redeploying all running Jenkins instances happens whenever the stable tag is updated As this potentially affects all instance owners, redeployment is launched through a GitLab-CI manual trigger After a global announcement and during a well-known intervention window

Our deployment workflow - development A development pipeline is launched by pushing to any branch of the repository The image is built with the latest tag and pushed to the Docker registry Import the built image into the staging environment in openshift-dev.cern.ch Run automated tests for the new image Manual trigger to upload the template into the staging environment in openshift-dev.cern.ch Only launched when template has been modified

Our deployment workflow - production A production pipeline is run by pushing a git tag (marked with an image release) The image is built with the <git_tag> tag and pushed to the Docker registry. The tag represents a software release and have the form of 2.73.2-2 Create tags in the ImageStream for the new Docker tag with the version release Import the built image into the staging environment in openshift-dev.cern.ch and also into the production environment in openshift.cern.ch Run automated tests for the new image

Our deployment workflow – production (II) A production pipeline is run by pushing a tag with the image release Update the templates in both staging (openshift-dev.cern.ch) and production (openshift.cern.ch) environments. A manual trigger can be used to update the template in case the tests do not pass Tag the release image with stable, triggering a redeployment of all applications For production, this job is usually run during a previously announced time window, letting users know their application will be restarted

Summary With this workflow we managed to: Offer a centralized template for users to launch private instances of Jenkins By running in OpenShift, we get: An orchestration platform that we (Jenkins admins) don’t need to manage Image management features that allow us to redeploy users’ applications when there are security fixes and software releases By using GitLab-CI, we get: We can automate all build, test and deployment operations Manual triggers, to launch jobs that required coordination

Templates available at the moment More coming soon!

What about YOUR app? This is our personal experience with the Jenkins Service Does your application fit this model? Or any software you might want to distribute like this? Please reach out if it is the case We can provide expertise and help to write a template for your application and configure the build and deployment process with GitLab-CI https://gitlab.cern.ch/paas-tools/openshift_app_template_example

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.