Build Container Image with OC CLI
______ ______ ______ __ __
/ __ \ / | / || | | |
| | | | | ,----' | ,----'| | | |
| | | | | | | | | | | |
| `--' | | `----. | `----.| `----.| |
\______/ \______| \______||_______||__|
Configure OpenShift with external registry (optional)
Create docker secret to access external registry
- With user and password
NEXUS_REGISTRY=external_registry.example.com oc create secret docker-registry nexus-registry --docker-server=$NEXUS_REGISTRY \ --docker-username=$CICD_NEXUS_USER \ --docker-password=$CICD_NEXUS_PASSWORD \ --docker-email=unused \- From dockercfg file
apiVersion: v1 kind: Secret metadata: name: nexus-registry type: kubernetes.io/dockercfg data: .dockercfg: | "<base64 encoded ~/.dockercfg file>"Link secret for builder
oc secrets link default nexus-registry --for=pullLink secret for pull image
oc secrets link builder nexus-registryFor insecure registry
- Edit image.config.openshift.io/cluster
oc edit image.config.openshift.io/cluster- Add insecure registry to spec
spec: registrySources: insecureRegistries: - nexus-registry.ci-cd.svc.cluster.local - nexus-registry.example.com
Source build
All-in-One
Use source-to-image from git this will create
- image stream
- build config
- deployment
- service
oc new-app https://gitlab.com/ocp-demo/frontend-js \ --name=frontend- Check build log
oc logs bc/frontend --follow
Build and Deploy
Create build config
oc new-build --name=frontend-v1 -l app=frontend-v1 \ https://gitlab.com/ocp-demo/frontend-jsCreate deployment and service
oc new-app frontend-v1
Binary build with Dockerfile
Clone sample Backend Quarkus
git clone https://gitlab.com/ocp-demo/backend_quarkusCreate application binary
cd code mvn clean package -DskipTests=trueCreate Build Config
Push to OpenShift's internal image registry
APP_NAME=backend oc new-build --binary --name=$APP_NAME -l app=$APP_NAMEPush to OpenShift's external image registry
APP_NAME=backend EXTERNAL_REGISTRY=nexus-registry.example.com EXTERNAL_REGISTRY_SECRET=nexus-registry TAG=latest oc new-build --binary --to-docker=true \ --to=$EXTERNAL_REGISTRY/$APP_NAME:$TAG \ --push-secret=$EXTERNAL_REGISTRY_SECRET \ --name=$APP_NAME \ -l app=$APP_NAME
Change build strategy to DockerStrategy
oc patch bc/$APP_NAME \ -p "{\"spec\":{\"strategy\":{\"dockerStrategy\":{\"dockerfilePath\":\"src/main/docker/Dockerfile.jvm\"}}}}"Build container image
oc start-build $APP_NAME --from-dir=. --followCreate Application
from internal image registry
oc new-app --image-stream=${APP_NAME} \ --labels=app.openshift.io/runtime=quarkus,app.openshift.io/runtime-version=11,app.kubernetes.io/part-of=Demo
Pause rollout deployment
oc expose svc $APP_NAMECreate liveness and readiness probe
oc set probe deployment/$APP_NAME --readiness \ --get-url=http://:8080/q/health/ready \ --initial-delay-seconds=8 \ --failure-threshold=1 --period-seconds=10 oc set probe deployment/$APP_NAME --liveness \ --get-url=http://:8080/q/health/live \ --initial-delay-seconds=5 -\ -failure-threshold=3 --period-seconds=10Set request and limit
oc set resources deployment $APP_NAME --requests="cpu=50m,memory=100Mi" oc set resources deployment $APP_NAME --limits="cpu=150m,memory=150Mi"Create configmap
oc create configmap $APP_NAME --from-file=config/application.properties oc set volume deployment/{APP_NAME --add --name=$APP_NAME-config \ --mount-path=/deployments/config/application.properties \ --sub-path=application.properties \ --configmap-name=$APP_NAMESet HPA
oc autoscale deployment $APP_NAME --min 2 --max 4 --cpu-percent=60Resume rollout deployment
oc rollout resume deployment $APP_NAMECreate route
Expose service
oc expose svc $APP_NAMECreate route with edge TLS
oc create route edge $APP_NAME --service=$APP_NAME --port=8080