Deployment templating and load-balancing

.gitignore

@@ -0,0 +1 @@
+docker-compose.yml

Makefile

@@ -0,0 +1,92 @@
+##############################################################################
+# Environment variables
+# Set locales
+#
+CITY=$(shell timedatectl | awk '/Time zone/ {print $$3}' | awk -F/ '{print $$2}')
+COUNTRY=$(shell echo $$LANG | awk -F. '{print $$1}' | awk -F_ '{print $$2}')
+LANGUAGE=$(shell echo $$LANG | awk -F. '{print $$1}' | awk -F_ '{print $$2}')
+TIMEZONE=$(shell timedatectl | awk '/Time zone/ {print $$3}')
+
+##############################################################################
+
+.PHONY: help # This help message
+help:
+	@grep '^.PHONY: .* #' Makefile \
+	| sed 's/\.PHONY: \(.*\) # \(.*\)/\1\t\2/' \
+	| expand -t20 \
+	| sort
+
+##############################################################################
+
+.PHONY: prepare # Generate Dockerfiles from templates
+prepare:
+	# Sonar: Set locales and proxy
+	@sed "s!%%COUNTRY%%!${COUNTRY}! ; \
+		s!%%LANGUAGE%%!${LANGUAGE}! ; \
+		s!%%TIMEZONE%%!${TIMEZONE}! ; \
+		s!%%HTTP_PROXY%%!${HTTP_PROXY}!" \
+		sonar/Dockerfile.tmpl > sonar/Dockerfile
+
+	# Jenkins: Set locales and proxy
+	@sed "s!%%HTTP_PROXY%%!${HTTP_PROXY}!" \
+		jenkins/Dockerfile.tmpl > jenkins/Dockerfile
+
+	@test -z ${HTTP_PROXY} \
+		&& sed '/HTTP_PROXY/d' \
+			jenkins/Dockerfile.tmpl > jenkins/Dockerfile \
+		|| true
+
+	# Nexus: Set proxy
+	@sed "s!%%HTTP_PROXY%%!${HTTP_PROXY}!" \
+		nexus/Dockerfile.tmpl > nexus/Dockerfile
+
+	@test -z ${HTTP_PROXY} \
+		&& sed '/^HTTP_OPTIONS/d' \
+			nexus/Dockerfile.tmpl > nexus/Dockerfile \
+		|| true
+
+	# docker-compose: Set traefik virtualhost
+	@test -z ${TRAEFIK_VIRTUALHOST} \
+		&& sed "s/%%TRAEFIK_VIRTUALHOST%%/localhost/" \
+			docker-compose.yml.tmpl > docker-compose.yml \
+		|| sed "s/%%TRAEFIK_VIRTUALHOST%%/${TRAEFIK_VIRTUALHOST}/" \
+			docker-compose.yml.tmpl > docker-compose.yml
+
+.PHONY: clean # Stop and remove temporary files
+clean: down
+	@docker-compose rm
+
+	@rm -f \
+		jenkins/Dockerfile \
+		nexus/Dockerfile \
+		sonar/Dockerfile \
+		docker-compose.yml
+
+##############################################################################
+
+.PHONY: status # Get stack status "docker-compose ps"
+status:
+	@docker-compose ps
+
+.PHONY: up # Start "docker-compose up"
+up: prepare
+	@docker-compose up
+
+.PHONY: daemon # Start "docker-compose up -d"
+daemon: prepare
+	@docker-compose up -d
+
+.PHONY: down # Stop the stack "docker-compose down"
+down:
+	@docker-compose down
+
+.PHONY: rebuild # Rebuild the containers and run
+rebuild: prepare
+	@docker-compose down --rmi all
+	@docker-compose up --build
+
+.PHONY: daemon-rebuild # Rebuild the containers and run
+daemon-rebuild: prepare
+	@docker-compose down --rmi all
+	@docker-compose up --build -d
+

docker-compose.yml

@@ -9,20 +9,33 @@ volumes:
   jenkins-data:
 
 services:
-  nexus:
-    build: ./docker-nexus3
+  traefik:
+    image: traefik:montdor
     restart: always
+    command: --accesslog --api --api.insecure=true --log --providers.docker=true --providers.docker.exposedbydefault=false
     ports:
-      - "18081:8081"
+      - "80:80"
+      - "443:443"
+      - "8080:8080"
+    networks:
+      - prodnetwork
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+  nexus:
+    # Nexus3 uses chef-solo. HTTP_PROXY env is not used.
+    # TODO: deal with Nexus3 and proxies.
+    build: ./nexus
+    restart: always
     networks:
       - prodnetwork
     volumes:
       - nexus-data:/nexus-data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.nexus.rule=Host(`localhost`) && PathPrefix(`/nexus/`)"
   jenkins:
     build: ./jenkins
     restart: always
-    ports:
-      - "18080:8080"
     networks:
       - prodnetwork
     volumes:
@@ -36,22 +49,21 @@ services:
       - NEXUS_PORT=8081
       - SONAR_PORT=9000
       - SONAR_DB_PORT=5432
+      - JENKINS_OPTS=--prefix=/jenkins/
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.jenkins.rule=Host(`localhost`) && PathPrefix(`/jenkins`)"
   sonardb:
     networks:
       - prodnetwork
     restart: always
     image: postgres:9.6
-    ports:
-      - "5432:5432"
     environment:
      - POSTGRES_USER=sonar
      - POSTGRES_PASSWORD=sonar
   sonar:
     image: sonarqube
     restart: always
-    ports:
-     - "19000:9000"
-     - "19092:9092"
     networks:
       - prodnetwork
     depends_on:
@@ -60,6 +72,10 @@ services:
      - SONARQUBE_JDBC_URL=jdbc:postgresql://sonardb:5432/sonar
      - SONARQUBE_JDBC_USERNAME=sonar
      - SONARQUBE_JDBC_PASSWORD=sonar
+     - sonar.web.context=/sonar
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.sonar.rule=Host(`localhost`) && PathPrefix(`/sonar/`)"
 
 ##########################################################################################
 # DISABLED: GitLab takes too much memory and CPU. Demo uses GitHub repositories instead.

docker-compose.yml.tmpl

@@ -0,0 +1,99 @@
+version: '3'
+
+networks:
+  prodnetwork:
+    driver: bridge
+
+volumes:
+  nexus-data:
+  jenkins-data:
+
+services:
+  traefik:
+    image: traefik:montdor
+    restart: always
+    command: --accesslog --api --api.insecure=true --log --providers.docker=true --providers.docker.exposedbydefault=false
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8080:8080"
+    networks:
+      - prodnetwork
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+  nexus:
+    # Nexus3 uses chef-solo. HTTP_PROXY env is not used.
+    # TODO: deal with Nexus3 and proxies.
+    build: ./nexus
+    restart: always
+    networks:
+      - prodnetwork
+    volumes:
+      - nexus-data:/nexus-data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.nexus.rule=Host(`%%TRAEFIK_VIRTUALHOST%%`) && PathPrefix(`/nexus/`)"
+  jenkins:
+    build: ./jenkins
+    restart: always
+    networks:
+      - prodnetwork
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /usr/bin/docker:/usr/bin/docker
+      - jenkins-data:/var/lib/jenkins/
+    depends_on:
+      - nexus
+      - sonar
+    environment:
+      - NEXUS_PORT=8081
+      - SONAR_PORT=9000
+      - SONAR_DB_PORT=5432
+      - JENKINS_OPTS=--prefix=/jenkins/
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.jenkins.rule=Host(`%%TRAEFIK_VIRTUALHOST%%`) && PathPrefix(`/jenkins`)"
+  sonardb:
+    networks:
+      - prodnetwork
+    restart: always
+    image: postgres:9.6
+    environment:
+     - POSTGRES_USER=sonar
+     - POSTGRES_PASSWORD=sonar
+  sonar:
+    image: sonarqube
+    restart: always
+    networks:
+      - prodnetwork
+    depends_on:
+      - sonardb
+    environment:
+     - SONARQUBE_JDBC_URL=jdbc:postgresql://sonardb:5432/sonar
+     - SONARQUBE_JDBC_USERNAME=sonar
+     - SONARQUBE_JDBC_PASSWORD=sonar
+     - sonar.web.context=/sonar
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.sonar.rule=Host(`%%TRAEFIK_VIRTUALHOST%%`) && PathPrefix(`/sonar/`)"
+
+##########################################################################################
+# DISABLED: GitLab takes too much memory and CPU. Demo uses GitHub repositories instead.
+#
+#  gitlab:
+#    image: gitlab/gitlab-ce:latest
+#    restart: always
+#    networks:
+#      - prodnetwork
+#    environment:
+#      GITLAB_OMNIBUS_CONFIG: |
+#        # external_url 'https://gitlab.example.com'
+#        # Add any other gitlab.rb configuration here, each on its own line
+#    ports:
+#      - "10080:80"
+#      - "10443:443"
+#      - "10022:22"
+#    volumes:
+#      - /opt/gitlab/config:/etc/gitlab
+#      - /opt/gitlab/logs:/var/log/gitlab
+#      - /opt/gitlab/data:/var/opt/gitlab

jenkins/Dockerfile → jenkins/Dockerfile.tmpl

@@ -1,18 +1,24 @@
-FROM jenkins/jenkins:lts
+FROM jenkins/jenkins:lts-alpine
+
+# Authors
+LABEL maintainer="Marcel Birkner <[email protected]>"
+LABEL maintainer="Mathieu Grzybek <[email protected]">
 
 USER root
-RUN apt-get update \
-      && apt-get install -y sudo curl\
-      && apt-get install -y libltdl7\
-      && rm -rf /var/lib/apt/lists/*
+
+ENV HTTP_PROXY="%%HTTP_PROXY%%"
+ENV HTTP_OPTIONS="-x ${HTTP_PROXY}"
+ENV CURL_OPTIONS="${HTTP_OPTIONS} -sSL"
+
+RUN apk add --no-cache sudo curl
 RUN echo "jenkins ALL=NOPASSWD: ALL" >> /etc/sudoers
 
 # getting the docker-cli
 # --- Attention: docker.sock needs to be mounted as volume in docker-compose.yml
 # see: https://issues.jenkins-ci.org/browse/JENKINS-35025
 # see: https://get.docker.com/builds/
 # see: https://wiki.jenkins-ci.org/display/JENKINS/CloudBees+Docker+Custom+Build+Environment+Plugin#CloudBeesDockerCustomBuildEnvironmentPlugin-DockerinDocker
-RUN curl -sSL -o /bin/docker https://get.docker.io/builds/Linux/x86_64/docker-latest
+RUN curl $CURL_OPTIONS -o /bin/docker https://get.docker.io/builds/Linux/x86_64/docker-latest
 RUN chmod +x /bin/docker
 
 USER jenkins