From e5e78a0527ebc1b21ee2950ff98c875bd62cf5c0 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Fri, 13 Oct 2023 02:06:56 +0200 Subject: [PATCH] feat(compose): Work with a registry --- docker-compose/examples/grafana/README.md | 2 +- .../examples/grafana/compose.override.yaml | 2 ++ docker-compose/examples/grafana/compose.yaml | 4 ++-- .../grafana/env/fqdn_context.env.example | 1 + .../examples/hashicorpvault/README.md | 17 +++++++++++-- .../hashicorpvault/compose.override.yaml | 3 ++- .../examples/hashicorpvault/compose.yaml | 4 ++-- .../env/fqdn_context.env.example | 1 + .../README.md | 24 +++++++++++++++++-- .../compose.override.yaml | 6 +++-- .../compose.yaml | 8 +++---- .../env/fqdn_context.env.example | 1 + 12 files changed, 57 insertions(+), 16 deletions(-) diff --git a/docker-compose/examples/grafana/README.md b/docker-compose/examples/grafana/README.md index 41c1c47..35ef717 100644 --- a/docker-compose/examples/grafana/README.md +++ b/docker-compose/examples/grafana/README.md @@ -39,7 +39,7 @@ docker compose --project-name "${COMPOSE_PROJECT}" --file "${COMPOSE_FILE}" --en ## Copy to target -Copy images to target Docker host, that is assuming you deploy to a machine that itself has no network route to reach Docker Hub. Copying in its simplest form involves a local `docker save` and a remote `docker load`. Consider the helper mini-project [quico.space/Quico/copy-docker](https://quico.space/Quico/copy-docker) where [copy-docker.sh](https://quico.space/Quico/copy-docker/src/branch/main/copy-docker.sh) allows the following workflow: +Copy images to target Docker host, that is assuming you deploy to a machine that itself has no network route to reach Docker Hub or your private registry of choice. Copying in its simplest form involves a local `docker save` and a remote `docker load`. Consider the helper mini-project [quico.space/Quico/copy-docker](https://quico.space/Quico/copy-docker) where [copy-docker.sh](https://quico.space/Quico/copy-docker/src/branch/main/copy-docker.sh) allows the following workflow: ``` source "${COMPOSE_ENV}" diff --git a/docker-compose/examples/grafana/compose.override.yaml b/docker-compose/examples/grafana/compose.override.yaml index 0a645f5..40cf0bd 100644 --- a/docker-compose/examples/grafana/compose.override.yaml +++ b/docker-compose/examples/grafana/compose.override.yaml @@ -1,5 +1,6 @@ services: grafana-build: + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME image: "grafana:${GRAFANA_VERSION}" profiles: ["build", "build-grafana"] build: @@ -9,6 +10,7 @@ services: EXAMPLE_ARG_FOR_DOCKERFILE: "${EXAMPLE_ARG_FROM_ENV_FILE}" GRAFANA_VERSION: "${GRAFANA_VERSION}" nginx-build: + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME image: "nginx:${NGINX_VERSION}" profiles: ["build", "build-nginx"] build: diff --git a/docker-compose/examples/grafana/compose.yaml b/docker-compose/examples/grafana/compose.yaml index 8471357..33374c3 100644 --- a/docker-compose/examples/grafana/compose.yaml +++ b/docker-compose/examples/grafana/compose.yaml @@ -1,6 +1,6 @@ services: grafana: - # FIXME Docker Hub image name with or without slash? FIXME + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME image: "grafana:${GRAFANA_VERSION}" container_name: "grafana-grafana-${CONTEXT}" networks: @@ -29,7 +29,7 @@ services: # GRAFANA_USER: ${GRAFANA_USER} # GRAFANA_PASSWORD: ${GRAFANA_PASSWORD} nginx: - # FIXME Docker Hub image name with or without slash? FIXME + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME image: "nginx:${NGINX_VERSION}" container_name: "grafana-nginx-${CONTEXT}" networks: diff --git a/docker-compose/examples/grafana/env/fqdn_context.env.example b/docker-compose/examples/grafana/env/fqdn_context.env.example index 00114b0..f38832a 100644 --- a/docker-compose/examples/grafana/env/fqdn_context.env.example +++ b/docker-compose/examples/grafana/env/fqdn_context.env.example @@ -7,6 +7,7 @@ CONTEXT=ux_vilnius # GRAFANA_VERSION=x.y.z # NGINX_VERSION=x.y.z # GRAFANA_VIP=10.1.1.2 +# GRAFANA_BUILD_DATE=20230731 diff --git a/docker-compose/examples/hashicorpvault/README.md b/docker-compose/examples/hashicorpvault/README.md index ec3f6ff..ac14606 100644 --- a/docker-compose/examples/hashicorpvault/README.md +++ b/docker-compose/examples/hashicorpvault/README.md @@ -32,15 +32,28 @@ docker context create fully.qualified.domain.name --docker 'host=ssh://root@full ## Build +> Skip to [Pull](#pull) if you already have images in your private registry ready to use. Otherwise read on to build them now. + FIXME We build the `vault` image locally. Our adjustment to the official image is simply adding `/tmp/vault` to it. See [build-context/Dockerfile](build-context/Dockerfile). We use `/tmp/vault` to bind-mount a dedicated ZFS dataset for the application's `tmpdir` location. ``` docker compose --project-name "${COMPOSE_PROJECT}" --file "${COMPOSE_FILE}" --file "${COMPOSE_OVERRIDE}" --env-file "${COMPOSE_ENV}" --profile 'build-vault' build ``` +## Push + +Push to Docker Hub or your private registry. Setting up a private registry is out of scope of this repo. + +``` +source "${COMPOSE_ENV}" +docker push "registry.example.com/project/vault:${VAULT_BUILD_DATE}-${VAULT_VERSION}" +``` + ## Pull -FIXME Rewrite either [Build](#build) or this paragraph for which images are built and which ones pulled, `--profile 'full'` may not make sense FIXME Pull images from Docker Hub verbatim. +> Skip this step if you just built images that still exist locally on your build host. + +FIXME Rewrite either [Build](#build) or this paragraph for which images are built and which ones pulled, `--profile 'full'` may not make sense. ``` docker compose --project-name "${COMPOSE_PROJECT}" --file "${COMPOSE_FILE}" --env-file "${COMPOSE_ENV}" --profile 'full' pull @@ -48,7 +61,7 @@ docker compose --project-name "${COMPOSE_PROJECT}" --file "${COMPOSE_FILE}" --en ## Copy to target -Copy images to target Docker host, that is assuming you deploy to a machine that itself has no network route to reach Docker Hub. Copying in its simplest form involves a local `docker save` and a remote `docker load`. Consider the helper mini-project [quico.space/Quico/copy-docker](https://quico.space/Quico/copy-docker) where [copy-docker.sh](https://quico.space/Quico/copy-docker/src/branch/main/copy-docker.sh) allows the following workflow: +Copy images to target Docker host, that is assuming you deploy to a machine that itself has no network route to reach Docker Hub or your private registry of choice. Copying in its simplest form involves a local `docker save` and a remote `docker load`. Consider the helper mini-project [quico.space/Quico/copy-docker](https://quico.space/Quico/copy-docker) where [copy-docker.sh](https://quico.space/Quico/copy-docker/src/branch/main/copy-docker.sh) allows the following workflow: ``` source "${COMPOSE_ENV}" diff --git a/docker-compose/examples/hashicorpvault/compose.override.yaml b/docker-compose/examples/hashicorpvault/compose.override.yaml index 0f7e0dd..c2d675e 100644 --- a/docker-compose/examples/hashicorpvault/compose.override.yaml +++ b/docker-compose/examples/hashicorpvault/compose.override.yaml @@ -1,6 +1,7 @@ services: vault-build: - image: "vault:${VAULT_VERSION}" + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME + image: "registry.example.com/project/vault:${VAULT_BUILD_DATE}-${VAULT_VERSION}" profiles: ["build"] build: context: "build-context/vault" diff --git a/docker-compose/examples/hashicorpvault/compose.yaml b/docker-compose/examples/hashicorpvault/compose.yaml index 87e1163..abda9d1 100644 --- a/docker-compose/examples/hashicorpvault/compose.yaml +++ b/docker-compose/examples/hashicorpvault/compose.yaml @@ -1,7 +1,7 @@ services: vault: - # FIXME Docker Hub image name with or without slash? FIXME - image: "vault:${VAULT_VERSION}" + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME + image: "registry.example.com/project/vault:${VAULT_BUILD_DATE}-${VAULT_VERSION}" container_name: "vault-${CONTEXT}" networks: vault-default: diff --git a/docker-compose/examples/hashicorpvault/env/fqdn_context.env.example b/docker-compose/examples/hashicorpvault/env/fqdn_context.env.example index be0e112..a065920 100644 --- a/docker-compose/examples/hashicorpvault/env/fqdn_context.env.example +++ b/docker-compose/examples/hashicorpvault/env/fqdn_context.env.example @@ -6,6 +6,7 @@ CONTEXT=ux_vilnius # --- # VAULT_VERSION=x.y.z # VAULT_VIP=10.1.1.2 +# VAULT_BUILD_DATE=20230731 diff --git a/docker-compose/{{ cookiecutter.__project_slug }}/README.md b/docker-compose/{{ cookiecutter.__project_slug }}/README.md index a71d4d1..2776926 100644 --- a/docker-compose/{{ cookiecutter.__project_slug }}/README.md +++ b/docker-compose/{{ cookiecutter.__project_slug }}/README.md @@ -36,18 +36,38 @@ docker context create fully.qualified.domain.name --docker 'host=ssh://root@full {% set components = cookiecutter.__component_list_slug.split(',') -%} {%- for component in components %} {%- if loop.first %} +> Skip to [Pull](#pull) if you already have images in your private registry ready to use. Otherwise read on to build them now. + FIXME We build the `{{ cookiecutter.__service_slug }}` image locally. Our adjustment to the official image is simply adding `/tmp/{{ cookiecutter.__service_slug }}` to it. See {% if ',' in cookiecutter.__component_list_slug %}[build-context/{{ cookiecutter.__service_slug }}/Dockerfile](build-context/{{ cookiecutter.__service_slug }}/Dockerfile){%- else %}[build-context/Dockerfile](build-context/Dockerfile){%- endif %}. We use `/tmp/{{ cookiecutter.__service_slug }}` to bind-mount a dedicated ZFS dataset for the application's `tmpdir` location. ``` docker compose --project-name "${COMPOSE_PROJECT}" --file "${COMPOSE_FILE}" --file "${COMPOSE_OVERRIDE}" --env-file "${COMPOSE_ENV}" --profile 'build-{{ cookiecutter.__service_slug }}' build ``` {%- endif %} -{%- endfor %} +{% endfor %} +## Push + +Push to Docker Hub or your private registry. Setting up a private registry is out of scope of this repo. + +``` +source "${COMPOSE_ENV}" +{%- set components = cookiecutter.__component_list_slug.split(',') -%} +{%- if ',' in cookiecutter.__component_list_slug %} +for image in{% for component in components %} \ + '{%- if cookiecutter.build == "yes" -%}{%- if loop.first -%}registry.example.com/project/{%- endif -%}{%- endif -%}{{ component }}:'"{%- if cookiecutter.build == "yes" -%}{%- if loop.first -%}${% raw %}{{% endraw %}{{ component.upper() }}_BUILD_DATE{% raw %}}{% endraw %}-{%- endif -%}{%- endif -%}${% raw %}{{% endraw %}{{ component.upper() }}_VERSION{% raw %}}{% endraw %}"{%- endfor %}; do + docker push 'registry.example.com/project/'"${image}" +done +{%- else %} +docker push "{%- if cookiecutter.build == "yes" -%}registry.example.com/project/{%- endif -%}{{ cookiecutter.__component_list_slug }}:{%- if cookiecutter.build == "yes" -%}${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_BUILD_DATE{% raw %}}{% endraw %}-{%- endif -%}${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_VERSION{% raw %}}{% endraw %}" +{%- endif %} +``` {%- endif %} ## Pull -{% if cookiecutter.build == "yes" %}FIXME Rewrite either [Build](#build) or this paragraph for which images are built and which ones pulled, `--profile 'full'` may not make sense FIXME {% endif %}Pull images from Docker Hub verbatim. +{% if cookiecutter.build == "yes" %}> Skip this step if you just built images that still exist locally on your build host. + +FIXME Rewrite either [Build](#build) or this paragraph for which images are built and which ones pulled, `--profile 'full'` may not make sense.{% else %}Pull images from Docker Hub verbatim.{% endif %} ``` docker compose --project-name "${COMPOSE_PROJECT}" --file "${COMPOSE_FILE}" --env-file "${COMPOSE_ENV}" --profile 'full' pull diff --git a/docker-compose/{{ cookiecutter.__project_slug }}/compose.override.yaml b/docker-compose/{{ cookiecutter.__project_slug }}/compose.override.yaml index 38d1657..8775de0 100644 --- a/docker-compose/{{ cookiecutter.__project_slug }}/compose.override.yaml +++ b/docker-compose/{{ cookiecutter.__project_slug }}/compose.override.yaml @@ -3,7 +3,8 @@ services: {%- set components = cookiecutter.__component_list_slug.split(',') -%} {% for component in components %} {{ component }}-build: - image: "{{ component }}:${% raw %}{{% endraw %}{{ component.upper() }}_VERSION{% raw %}}{% endraw %}" + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME + image: "{%- if cookiecutter.build == "yes" -%}{%- if loop.first -%}registry.example.com/project/{%- endif -%}{%- endif -%}{{ component }}:{%- if cookiecutter.build == "yes" -%}{%- if loop.first -%}${% raw %}{{% endraw %}{{ component.upper() }}_BUILD_DATE{% raw %}}{% endraw %}-{%- endif -%}{%- endif -%}${% raw %}{{% endraw %}{{ component.upper() }}_VERSION{% raw %}}{% endraw %}" profiles: ["build", "build-{{ component }}"] build: context: "build-context/{{ component }}" @@ -14,7 +15,8 @@ services: {%- endfor %} {%- else %} {{ cookiecutter.__component_list_slug }}-build: - image: "{{ cookiecutter.__component_list_slug }}:${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_VERSION{% raw %}}{% endraw %}" + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME + image: "{%- if cookiecutter.build == "yes" -%}registry.example.com/project/{%- endif -%}{{ cookiecutter.__component_list_slug }}:{%- if cookiecutter.build == "yes" -%}${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_BUILD_DATE{% raw %}}{% endraw %}-{%- endif -%}${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_VERSION{% raw %}}{% endraw %}" profiles: ["build"] build: context: "build-context/{{ cookiecutter.__component_list_slug }}" diff --git a/docker-compose/{{ cookiecutter.__project_slug }}/compose.yaml b/docker-compose/{{ cookiecutter.__project_slug }}/compose.yaml index 3541e66..e74690c 100644 --- a/docker-compose/{{ cookiecutter.__project_slug }}/compose.yaml +++ b/docker-compose/{{ cookiecutter.__project_slug }}/compose.yaml @@ -12,8 +12,8 @@ services: {%- endfor -%} {%- for component in components %} {{ component }}: - # FIXME Docker Hub image name with or without slash? FIXME - image: "{{ component }}:${% raw %}{{% endraw %}{{ component.upper() }}_VERSION{% raw %}}{% endraw %}" + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME + image: "{%- if cookiecutter.build == "yes" -%}{%- if loop.first -%}registry.example.com/project/{%- endif -%}{%- endif -%}{{ component }}:{%- if cookiecutter.build == "yes" -%}{%- if loop.first -%}${% raw %}{{% endraw %}{{ component.upper() }}_BUILD_DATE{% raw %}}{% endraw %}-{%- endif -%}{%- endif -%}${% raw %}{{% endraw %}{{ component.upper() }}_VERSION{% raw %}}{% endraw %}" container_name: "{{ cookiecutter.__service_slug }}-{{ component }}-${CONTEXT}" networks: {{ cookiecutter.__service_slug }}-default: @@ -52,8 +52,8 @@ services: {%- endfor -%} {%- else %} {{ cookiecutter.__component_list_slug }}: - # FIXME Docker Hub image name with or without slash? FIXME - image: "{{ cookiecutter.__component_list_slug }}:${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_VERSION{% raw %}}{% endraw %}" + # FIXME image name with or without slash? Docker Hub or private registry? With or without *_BUILD_DATE? FIXME + image: "{%- if cookiecutter.build == "yes" -%}registry.example.com/project/{%- endif -%}{{ cookiecutter.__component_list_slug }}:{%- if cookiecutter.build == "yes" -%}${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_BUILD_DATE{% raw %}}{% endraw %}-{%- endif -%}${% raw %}{{% endraw %}{{ cookiecutter.__component_list_slug.upper() }}_VERSION{% raw %}}{% endraw %}" container_name: "{{ cookiecutter.__service_slug }}-${CONTEXT}" networks: {{ cookiecutter.__service_slug }}-default: diff --git a/docker-compose/{{ cookiecutter.__project_slug }}/env/fqdn_context.env.example b/docker-compose/{{ cookiecutter.__project_slug }}/env/fqdn_context.env.example index 5c2c5dd..dcc17d3 100644 --- a/docker-compose/{{ cookiecutter.__project_slug }}/env/fqdn_context.env.example +++ b/docker-compose/{{ cookiecutter.__project_slug }}/env/fqdn_context.env.example @@ -11,6 +11,7 @@ CONTEXT=ux_vilnius {%- for component in components %} {%- if loop.first %} # {{ component.upper() }}_VIP=10.1.1.2 +# {{ component.upper() }}_BUILD_DATE=20230731 {%- endif %} {%- endfor %}