Explore Courses Blog Tutorials Interview Questions
0 votes
in DevOps and Agile by (29.3k points)

This is our environment:

1. I have a Kubernetes cluster running on Amazon.

2. Jenkins CI/CD running on Amazon that connects to a private GitLab and builds our services as Docker images.

3. Amazon ECR that stores our Docker images.

My questions:

1. How can I auto deploy images from ECR to Kubernetes (as pods) once the Jenkins pipeline pushes newly built images to ECR?

2. Can I do that within the Jenkins pipeline? I've read lots of material but I couldn't find how should it be done.

There is also a 3rd party tool like Keel but it doesn't support Amazon ECR (Webhook problem with ECR).

Any help would be appreciated.

1 Answer

0 votes
by (50.2k points)

Deploying docker container from amazon Ecr to kubernetes using Jenkins it has a lot to go with 

Let’s go with an example 

Let’s say 

I have my Continuous Integration work-flow 

Build my code and install dependencies

Create a container with a unique tag ( commit-id ) > my-center:12

Push to ECR

Curl Rancher API for my-pod > set(image:my-center:12)

Kubernates updates the pod and pulls the container with tag 12 from ECR

Now let’s go with the script

 - composer install --no-interaction

      - docker build -t cms .

      - docker tag myrepo:latest$BITBUCKET_BUILD_NUMBER

      - aws ecr get-login --no-include-email --region my-region >>

      - sh

      - docker push$BITBUCKET_BUILD_NUMBER

      - sh .docker/ // my curl script calling rancher API

Here I have used the rancher API to update pods and its configuration
Now for the ECR credentials part for Kubernetes, you have to create a secret ( a Kubernetes only entity) which is created by using amazon ecr details.
This secret is used in your pod.yaml as image-pull-secret which will tell k8 to use the secret and pull image from ECR.
For that, I will show the script that helps you how to use it in pod.yaml
apiVersion: v1
kind: Pod                                            
  name: my-app   
    app: my-app                              
    - image:
      name: -center                            
        - containerPort: 8080    
  - name: my-secret-name ( this will be same as the name of secret we created earlier)
Thus you can build the required your desired thing from the above example.

Browse Categories