Voxxed Thessaloniki 2016


I am back home after a great Voxxed Days event in Thessaloniki and its a good chance to write a blog post about it (something I haven't done in ages). It was one of the most well organized conferences I've ever been so 'kudos' to organization team.

My talk

I spoke about 'getting started with microservices on kubernetes' and you can find my reveal.js presentation on github or if you prefer the dockerized version on dockerhub.

The talk itself went great and I really enjoyed it, especially after the ramp up time! I'll add some photos as soon as I get some.

Errata: I'd like to correct myself before anyone else does: "A pod will not get recreated if a container fails the liveliness probe, instead the container will restarted based on its restart policy.".

What I liked?

Conferences are all about people, and this conference had it all! I met lots of great people and also had the chance to meet a lot of friends that I haven't seen for a very long time. 

The place (rooms, surrounding) was also great (though as a speaker I did find the cinema room with the gargantuan screen a little bit intimidating. Just joking! Well actually not!).

I haven't talked about the excellent organization, haven't I?

What I didn't like

The fact that I was talking at the same time with Peter Hilton and I couldn't attend his talk (which from what I've heard was phenomenal).

Voxxed Days Athens

In the end of the conference Voxxed Days Athens was announced and I am really looking forward to it!



A kubernetes workflow plugin


The last couple of months I've been experimenting with Jenkins and how to best integrate it with Docker and Kubernetes. A couple of months ago I even blogged about possible setups that involve the use of the Docker Workflow Plugin inside Kubernetes (you can find the post here).

While the  Docker Workflow Plugin is really great, it still doesn't cover some special needs that a Kubernetes user might have, such as secrets.  A typical workflow its more than likely to need to access remote repositories, either to checkout code, push artifacts etc and using secrets in Kubernetes is the cleanest and more secure way to share credentials for those resources. 

Not being able to use secrets was pretty much a blocker for us and we desperately needed it for Fabric8 DevOps. So, we though that we should migrate the concept of running builds inside containers, to running builds inside pods, which lead to implementation of the Kubernetes Workflow Plugin.

The Kubernetes workflow plugin

Here is small snippet that demonstrates how you can use Kubernetes Workflow Plugin in order to create a pod in order to perform a maven build:

The beauty of it is that you can just use the standard maven image and run your build inside it (as one would do with the Docker Workflow Plugin). On top of that it allows you to mount your gpg keys using a secrets volume.

A detailed list of the plugins features:
  • Running Builds inside Pods
    • Environment variables
    • Privileged containers
    • Volumes
      • Secrets
      • Host Path Mounts
      • Empty Dir Mounts
  • Manipulating Docker Images
    • Building
    • Tagging
    • Pushing

Building, tagging and pushing docker images

The plugin also allows you to build, tag and push images to a docker registry. Here's a snippet that demonstrates how to do it:
The example is cloning a NodeJS project, creating a simple Dockerfile for it and then triggering a build. Finally, it tags the built image and pushes it to a Docker Registry. In this example "default" is the project name and "" is the address of the registry. The example was written against Openshift and the plugin is smart enough to handle authenticating to the Openshift. Of course, it also supports reading auth configuration from "${user.home}/.docker/config.json" and also specifying it as part of the DSL.

Note: The building and pushing of docker images could be handled by the Docker Workflow Plugin too, if the docker binaries were available on the node.  Why? Because the plugin actually calls the golang docker client via shell.  If the step is run on master, the master needs the binaries, if the step is executed on the slave the slave need the binaries, if the step is executed inside the pod, then the pod needs the binaries (which is not ideal). To gain in flexibility the Kubernetes Workflow Plugin uses java to talk to Docker instead.

Stay tuned

More features, post and videos soon ...