Containerization helps us bundle dependencies with applications instead of having to use configuration management to prepare machines for running them, hence making build once run anywhere easy. For legacy applications this can be quite hard though when they spread persistent data across the file system. In this talk I'll show how we can quickly set up a Go.CD server and agents for our Continuous Delivery pipelines on Google Cloud. The infrastructure creation is handled by Terraform, the server and agents are custom built Docker containers.

1. Delivering Go.CD
with Terraform and Docker
http://www.google.com/about/datacenters/gallery/#/all/2

2. About me
Jorrit Salverda
Principle something at Travix
I automate...
● builds
● deployments
● infrastructure

4. What is Go.CD?

5. resource "google_compute_instance" "gocd_demo_agent" {
name = "gocd-demo-agent"
machine_type = "n1-standard-2"
zone = "${var.google_region}"
disk {
image = "container-vm"
auto_delete = "true"
}
And Terraform?

6. Containers...
● bundle dependencies
● allow content-agnostic manipulation
● deploy very fast
● run anywhere
Why Docker?

7. Live demo

8. What’s next?
● Monitoring
● Ship logs
● Volume plugins
● Shrink container image
● Run on Kubernetes
● Windows agents for .net builds

11. Thanks
jsalverda@travix.com
@jorritsalverda
Docker images
● travix/gocd-server
● travix/gocd-haproxy
● travix/gocd-agent

12. Appendix

13. Terraform - variables
variable "google_project" {
default = "google-project-name"
}
variable "google_region" {
default = "europe-west1-b"
}

14. Terraform - providers
provider "google" {
account_file = "${file("google-service-account-key.json")}"
project = "${var.google_project}"
region = "${var.google_region}"
}
provider "aws" {
access_key = "${var.aws_access_key}"
secret_key = "${var.aws_secret_key}"
region = "${var.aws_region}"
}

15. Terraform - persistent disks
resource "google_compute_disk" "gocd_demo_server_persistent_data" {
name = "gocd-demo-server-persistent-data"
zone = "${var.google_region}"
type = "pd-ssd"
size = "200"
}

16. Terraform - compute instances
resource "google_compute_instance" "gocd_demo_server" {
name = "gocd-demo-server"
machine_type = "n1-standard-2"
zone = "${var.google_region}"
disk { image = "container-vm" }
...

17. Terraform - compute instances
...
network_interface {
network = "private-dev"
access_config { // Ephemeral IP }
}
metadata {
startup-script = "${file("bootstrap/gocd-demo-server-startup.sh")}"
google-container-manifest = "${file("bootstrap/gocd-demo-server-containers.yml")}"
}
}

18. Terraform - outputs
output "output_google_compute_instance_gocd_demo_server_internal_ip_address" {
value = "${google_compute_instance.gocd_demo_server.network_interface.0.address}"
}
output "output_google_compute_instance_gocd_demo_server_external_ip_address" {
value = "${google_compute_instance.gocd_demo_server.network_interface.0.access_config.
0.nat_ip}"
}

19. Dockerfile travix/gocd-server
FROM travix/base-debian-git-jre7:latest
MAINTAINER Travix
# build time environment variables
ENV GO_VERSION=15.2.0-2248
USER_NAME=go
USER_ID=999
GROUP_NAME=go
GROUP_ID=999

20. Dockerfile travix/gocd-server
# install go server
RUN groupadd -r -g $GROUP_ID $GROUP_NAME
&& useradd -r -g $GROUP_NAME -u $USER_ID -d /var/go $USER_NAME
&& curl -fSL "http://download.go.cd/gocd-deb/go-server-$GO_VERSION.deb"
-o go-server.deb
&& dpkg -i go-server.deb
&& rm -rf go-server.db
&& sed -i -e "s/DAEMON=Y/DAEMON=N/" /etc/default/go-server

21. Dockerfile travix/gocd-server
# runtime environment variables
ENV SERVER_MEM=512m
SERVER_MAX_MEM=1024m
SERVER_MIN_PERM_GEN=128m
SERVER_MAX_PERM_GEN=256m
AGENT_KEY=""
# expose ports
EXPOSE 8153 8154

22. Dockerfile travix/gocd-server
# define default command
CMD groupmod -g ${GROUP_ID} ${GROUP_NAME};
usermod -g ${GROUP_ID} -u ${USER_ID} ${USER_NAME};
chown -R ${USER_NAME}:${GROUP_NAME} /var/lib/go-server /var/log/go-server /etc/go;
(/bin/su - ${USER_NAME} -c "/usr/share/go-server/server.sh &");
until curl -s -o /dev/null 'http://localhost:8153';
do sleep 1;
done;
/bin/su - ${USER_NAME} -c "exec tail -F /var/log/go-server/*"

23. Startup script
#! /bin/bash
# create users for mounting local directories as container volumes
sudo groupadd -r -g 999 go
sudo useradd -r -g go -u 999 go
sudo groupadd -r -g 998 haproxy
sudo useradd -r -g haproxy -u 998 haproxy
# mount local ssd
sudo mkdir -p /mnt/gocd-server-local-ssd
sudo /usr/share/google/safe_format_and_mount -m "mkfs.ext4 -F" /dev/disk/by-id/google-
local-ssd-0 /mnt/gocd-server-local-ssd
sudo resize2fs /dev/disk/by-id/google-local-ssd-0

24. Kubelet manifest - container
version: v1
kind: Pod
metadata:
name: gocd-server
spec:
containers:
- name: gocd-server
image: travix/gocd-server:latest
imagePullPolicy: Always

25. Kubelet manifest - volumes
volumeMounts:
- mountPath: /var/lib/go-server/db/h2db
name: gocd-server-db
- mountPath: /etc/go
name: gocd-server-config
volumes:
- name: gocd-server-db
hostPath:
Path: /mnt/gocd-server-persistent-disk/db
- name: gocd-server-config
hostPath:
Path: /mnt/gocd-server-persistent-disk/config

26. Kubelet manifest - ports
ports:
- name: server-http
containerPort: 8153
hostPort: 8153
protocol: TCP
- name: server-https
containerPort: 8154
hostPort: 8154
protocol: TCP

27. Kubelet manifest - environment vars
env:
- name: "AGENT_KEY"
value: "secret-key-for-autoregistration"
- name: "SERVER_MEM"
value: "4096m"
- name: "SERVER_MAX_MEM"
value: "4096m"
- name: "SERVER_MIN_PERM_GEN"
value: "1024m"
- name: "SERVER_MAX_PERM_GEN"
value: "1024m"