GKE: Multi-stage dockerfiles inside Jenkins

Question

How to have a 17.05+ docker running in my Jenkins executors ?

I've followed the tutorials:

• https://cloud.google.com/solutions/jenkins-on-container-engine
• https://cloud.google.com/solutions/jenkins-on-container-engine-tutorial
• https://cloud.google.com/solutions/continuous-delivery-jenkins-kubernetes-engine
• https://cloud.google.com/solutions/configuring-jenkins-kubernetes-engine

Everything works as described in the tutorials.

I've got a (working) multi-stage Dockerfile that I am trying to build in Jenkins, but it requires a recent Docker version (> 17.05).

I can't find a way to update this ...

In my pipeline, if I run docker version, I always get 1.13.1 no matter what I do:

docker version
Client:
 Version:      1.13.1
 API version:  1.26
 Go version:   go1.8.1
 Git commit:   092cba3
 Built:        Wed Aug 30 20:31:05 2017
 OS/Arch:      linux/amd64

Server:
 Version:      1.13.1
 API version:  1.26 (minimum version 1.12)
 Go version:   go1.8.1
 Git commit:   092cba3
 Built:        Wed Aug 30 20:31:05 2017
 OS/Arch:      linux/amd64
 Experimental: false

In the container I'm supposed to use as a slave, with docker run -it 'image-name' bash:

docker version
Client:
 Version:      17.11.0-ce
 API version:  1.34
 Go version:   go1.8.3
 Git commit:   1caf76c
 Built:        Mon Nov 20 18:36:37 2017
 OS/Arch:      linux/amd64
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

On Jenkins > Configure Jenkins I've set 0 executors, only 1 container template using my freshly pushed image (I've checked it, it is up-to-date), the "Always pull image" checkbox checked ...

When I set Labels to my Kubernetes Pod Template (e.g. docker-edge) and try to restrict the executors with labels:

• node('docker-edge') in my Jenkinsfile doesn't change anything
• In my job configuration, setting Pipeline Model Definition > Docker Label todocker-edge` makes it stall and not find any executor

Answer 1

To anyone reading this, we use multi-stage builds on top of GKE, this is how:

1. We deploy a pod with docker:dind and run it using this args:

   - dockerd

   - --storage-driver=overlay2

   - -H tcp://0.0.0.0:2375

2. We expose this pod as a service (dind-service)

3. Each new job in jenkins create a new pod with a jnlp container (this is the default for jenkins on top of k8s) + our own custom container (base: FROM docker:18-dind)
4. We config the DOCKER_HOST=tcp://dind-service:2375 inside the Jenkins job using withEnv.
5. When we do: docker build . inside our job it use the daemon of dind pod.
6. It gave us great cache and performance + allowed us to use multi stage build in gke :)

If you use Jenkins on top k8s I really advise you to read (helped a lot to get a better understanding) : https://akomljen.com/set-up-a-jenkins-ci-cd-pipeline-with-kubernetes

Answer 2

I think you need to wait until a GKE version is released that has a newer Docker version that has this feature (I believe multi-stage builds have started on a version like 16.04 or 16.10).

Answer 3

Even with Kubernetes 1.9.7, we are still stuck with Docker 17.03 which doesn't support multistage builds (available in 17.05). You can use GCP's Container Builder until we have proper Docker support.

Instead of

sh("docker build -t ${imageTagFrontEnd} .")
sh("gcloud docker -- push ${imageTagFrontEnd}")

you can invoke the container builder and push with

sh("gcloud container builds submit --tag ${imageTagBackEnd} .")

Remember that first 120 minutes are free for Container Builder and then there are after you would incur some charges.

Don't forget to authenticate the request, you need to include service-account file before you do anything, for eg:

sh("gcloud auth activate-service-account --key-file serviceAccountXYZ.json")