CI with Docker in Docker
0 likes102 views
The document discusses the integration of Docker with Jenkins for continuous integration (CI), specifically focusing on the challenges of using Docker-in-Docker (DinD) setups. It covers various solutions to address these issues, such as using the sysbox container runtime and socket solutions, along with a simplified setup process for Jenkins with Docker. Additionally, it highlights the advantages of utilizing Docker-in-Docker in CI pipelines, including cost-effectiveness and improved automation for testing.
CI with Docker in Docker
- 1. CI with Docker-in-Docker Mukta Aphale @muktaa mukta@velotio.com
- 2. AGENDA ● Recap: CI, Jenkins ● Jenkins + Docker ● Docker in Docker problems ● 3 ways to solve docker-in-docker ● Jenkins with Docker-in-Docker: Simplest way ● Advantages of dind in CI pipeline ● VP Devops & Cloud, Velotio Technologies ● (We are hiring!!) => mukta@velotio.com ● Developer for 1 decade and in Devops for another decade! ● (Probably successful) Entrepreneur ● Love to solve problems creatively ● Love to travel, cook, paint, explore and meet people ● Mother to two (handsome) boys! @muktaa mukta@velotio.com
- 3. “Run everything inside Docker containers. Even Docker itself…!”
- 4. Quick Recap ● Docker Runtime ● Continuous Integration ● Jenkins ● Jenkins in Docker
- 5. This is the problem: Building container apps on Jenkins which is running as a container Docker in Docker Problems ● When starting a container, the “inner Docker” might try to apply security profiles that will conflict or confuse the “outer Docker.” ● When you run Docker in Docker, the outer Docker runs on top of a normal filesystem but the inner Docker runs on top of a copy-on-write system ● Handling build cache: if your CI system does builds and rebuilds, each time you’ll restart your Docker-in-Docker container, you might be nuking its cache
- 6. And then there was light… “They didn’t know it was impossible, so they did it.” - Mark Twain ● Sysbox ○ Container runtime, based on runc, ○ Enables to run Docker-in-Docker securely and easily, integrating with existing CI tools seamlessly ○ https://github.com/nestybox/sysbox ● Socket Solution ○ Run docker with the default Unix socket docker.sock as a volume ○ docker run -v /var/run/docker.sock:/var/run/docker.sock -ti docker ○ Security Risks ● Dind ○ Use official Docker image with dind tag: docker run --privileged -d --name dind-test docker:dind ○ Outer container runs in privileged mode
- 7. Using disposable containers in CI https://stefanprodan.com/2016/continuous-integration-with-jenkins-and-disposable-containers/
- 8. Jenkins Pipeline with Docker Jenkins Master Docker Plugin Docker Host, API Docker Image Configure Docker & Agent (Jenkins -> Config -> Cloud -> Docker) Jenkins Job https://narenchejara.medium.com/how-to-configure-docker-container-as-build-slaves-for-jenkins-d7795f78402d
- 9. Jenkins Setup with Docker-in-Docker 1. Run Jenkins in container using official image (docker:dind) a. Customized image: https://github.com/4OH4/jenkins-docker 2. Or, Clone repo and build image docker run -it -p 8080:8080 -p 50000:50000 -v jenkins_home:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock --restart unless-stopped 4oh4/jenkins-docker docker build -t jenkins-docker . docker run -it -p 8080:8080 -p 50000:50000 -v jenkins_home:/var/jenkins_home -v /var/run/docker.sock:/var/run/docker.sock --restart unless-stopped 4oh4/jenkins-docker
- 10. Advantages of using Docker-in-Docker in CI ● On demand build environments ● No need for dedicated VMs ● Useful for microservices which are written in different languages ● Cost effective ● Better automation of continuous testing ● Very useful for performance testing
- 12. Thank You!