Installing the all-in-one-VM
Download the all-in-one-vm image and import it into the vagrant box. This image is based off of OpenShift Origin and is a fully functioning OpenShift instance with an integrated Docker registry. The intent of this project is to allow Web developers and other interested parties to run OpenShift V3 on their own computer. Given the way it is configured, the VM will appear to your local machine as if it was running somewhere off the machine. Which is exactly what I need to show you around in OpenShift and introduce some more features. If you need a little more assistance follow the method 2 in this earlier blog-post.
I also assume, that you have docker-machine running. You can install it via the Docker Toolbox.
First steps in OpenShift
Fire up the magazine via vagrant up and redirect you browser to https://localhost:8443/. Accept the certificate warning and enter admin/admin as login. You're now browsing through the admin console. Let's create a new project to play around with:
First thing to do is to actually get a MySql database up and running. I want to use that in subsequent blog-posts and it's a good test to see if everything is working. Get the two json files from the my github repository and execute the following commands:
oc login https://localhost:8443 # enter admin/admin as the credentials oc new-project myfear --description="Testing random Docker Images on OpenShift" --display-name="Myfears test project" # Add admin role to user myfear oc policy add-role-to-user myfear admin -n myfear
Go back to your browser and select the myfear project and see the mysql service up and running with one pod.
oc create -f mysql-pod.json oc create -f mysql-service.json
Using the OpenShift Registry
You just witnessed how OpenShift pulled the mysql image and started a pod with a container on it. Obviously this image came from the built in registry. But how can one actually upload a docker image to the internal OpenShift registry? Ssh into the vagrant machine and look around a bit:
You see a lot of running containers and one of them is running the openshift/openshift-registry-proxy. This little gem actually forwards the port 5000 from the internal docker registry to the vagrant vm. Open Virtualbox and look at the port forwarding rules there. Another rule forwards port 5000 from the guest to the host. This means, the internal OpenShift Docker registry is already exposed by default. But how do we push something there? The docker client requires a docker host to work. The OpenShift Docker Daemon isn't exposed externally and you can't just point your docker client to it.
vagrant ssh docker ps
This means, you need another docker host on your machine which is configured to access the OpenShift docker registry as external registry. I'm using docker-machine here, because it is extremely easy to create new docker hosts with it.
After a couple of seconds your "dev" vm is created and started. Now we need to find out, what the host system's IP address is from the dev box. Ssh into the machine and get the ip of the default gateway:
docker-machine create -d virtualbox dev
Now we need to stop the machine and add the ip address we found to the insecure registry part of the configuration:
docker-machine ssh dev $ ip route | grep default > 10.0.0.2
Afterwards it should look like this:
docker-machine stop dev edit ~/.docker/machine/machines/default/config.json # Add the found ip address plus the registry port to the HostOptions => EngineOptions => InsecureRegistry array
time to re-start the dev vm and get the docker client configured for it:
"InsecureRegistry": [ "10.0.2.2:5000" ]
That's it for now. One important thing is, that the internal registry is secured and we need to login to it. Get the login token for the user "myfear" with the following commands:
docker-machine start dev FOR /f "tokens=*" %i IN ('docker-machine env dev --shell cmd') DO %i
This will return something cryptic like: dV2Dep7vP8pJTxNGk5oNJuqXdPbdznHrxy5_7MZ4KFY. Now login to the registry:
oc login -u myfear oc whoami -t
Make sure to use the correct username and token. You get a success message with and your login credentials are being saved in the central config.json.
docker login -u myfear -p dV2Dep7vP8pJTxNGk5oNJuqXdPbdznHrxy5_7MZ4KFY -e firstname.lastname@example.org 10.0.2.2:5000
Build and push the custom image
Time to finally build the custom image and push it. I am using Roland's docker maven plugin again.
If you want to learn more about it, there is an older blog-post about it. Also find the code in this github repository. Compare the pom.xml and make sure to update the docker.host and docker.registry properties
and the <authConfig> section with the correct credentials. Build the image with:
If you ran into an issue with the maven plugin not being able to build the image, you may need to pull the jboss/base-jdk:8 image manually first:
mvn clean install docker:build docker:push
Let's check, if the image is successfully uploaded by using the console and navigating to the overview => image streams page.
docker pull jboss/base-jdk:8
Please make sure to add the hostname mapping to your hosts or dns configuration (to 127.0.0.1). As you can see, I am no longer using the docker image tag but the image stream name. OpenShift converted this internally.
oc new-app swarm-sample-discovery:latest --name=swarm oc expose service swarm --hostname=swarm-sample-discovery.local
Time to access the example via the browser http://swarm-sample-discovery.local:1080/rs/customer.
If you're wondering about the port go back to the Virtualbox configuration and check the nat section. The all on one vm actually assumes, that you have something running on port 80 already and maps the vm ports to the 1080 host port.
The application does very little for now, but I will use this in subsequent blog-posts to dig a little into service discovery options.
The console overview shows the two services with one pod each.
That's it for today. Thanks again to Roland for his help with this. Let me know, if you run into issues and if you want to know something else about OpenShift and custom images.