0

I have a private git repo for a static angular frontend that uses gulp to compile angular assets to get the minified, static version in a output directory.

Now, to test & create my CI/CD pipeline for frontend in Kubernetes, I have setup a kubernetes cluster & installed helm, did helm init for getting tiller pods running.

Now when I look at this chart - https://github.com/bitnami/charts/tree/master/bitnami/nginx

I have 2 questions now -

1) How do I create my own dockerfile with my build steps, so I found this article here at - https://github.com/umputun/nginx-le to configure NGinx with LE with docker.

So, If I add this below code in the above dockerfile to copy my gulp build output files to the nginx web root, would I be able to correctly use this dockerfile for using it with the above helm chart (https://github.com/bitnami/charts/tree/master/bitnami/nginx)

without any other additional changes in it ?

Dockerfile update - 

FROM node:latest as builder

RUN mkdir -p /usr/build
WORKDIR /usr/build
COPY package.json .
#COPY package-lock.json .
COPY bower.json .
COPY .bowerrc .
RUN npm install --quite
RUN npm install -g gulp bower --quite
RUN bower install --allow-root
RUN mkdir /usr/build/app
RUN cp -R /usr/build/node_modules /usr/build/app
RUN cp -R /usr/build/bower_components /usr/build/app
RUN cp -R /usr/build/*.json /usr/build/app/
RUN cp /usr/build/.bowerrc /usr/build/app/
COPY src /usr/build/app
RUN mkdir /usr/build/app/gulp
ADD gulp/* /usr/build/app/gulp/
ADD gulpfile.js /usr/build/app

WORKDIR /usr/build/app

RUN ls -al .
RUN rm -rf /usr/build/app/dist
RUN mkdir /usr/build/app/dist
RUN gulp build:dev
RUN ls -al /usr/build/app

FROM nginx:stable-alpine

ADD conf/nginx.conf /etc/nginx/nginx.conf
ADD conf/service.conf /etc/nginx/conf.d/service.conf

RUN rm -rf /usr/share/nginx/html/*
COPY --from=builder /usr/build/app/dist /usr/share/nginx/html

ADD script/entrypoint.sh /entrypoint.sh
ADD script/le.sh /le.sh

RUN \
 rm /etc/nginx/conf.d/default.conf && \
 chmod +x /entrypoint.sh && \
 chmod +x /le.sh && \
 apk add  --update certbot tzdata openssl && \
 rm -rf /var/cache/apk/*

CMD ["/entrypoint.sh"]

------UPDATE NOTES------

With these dockerfile I have managed to finished/answered my question 1, If anyone needs this for reference in future

2) How do I store this docker image in the Google Image Registry & use that with Kubernetes in my GCE ?

------UPDATE NOTES------

I have tried to attempt the second part in the following way & getting error now while configuring docker authentication with GCP CoreOS

  • so with some help from google I was able to develop the above Dockerfile.
  • I Built the image file docker using -
  • docker build -t nginxle
  • next I tried to tag this image with -
  • docker tag nginxle-urtutors gcr.io/vivid-art-202212/nginxle-urtutors:0.0.
  • after tagging to push it to GCR I tried -
  • docker push gcr.io/vivid-art-202212/nginxle-urtutors:0.0.1

Which throws an error that authentication for docker with google cloud has not been done yet

So I tried to follow from https://cloud.google.com/container-registry/docs/advanced-authentication & [I am not directly running on GCE, but on a CoreOS VM sandbox, so standard login options with docker were not working as expected]. So, out of all options only successful was this one - 

gcloud auth print-access-token | docker login -u oauth2accesstoken --password-stdin https://gcr.io

It showed login success in ssh console.

But when I try to run again the - 

docker push gcr.io/vivid-art-202212/nginxle-urtutors:0.0.1

or gcloud docker -- push gcr.io/vivid-art-202212/nginxle-urtutors:0.0.1

But both result in authentication failed.

Harshit Laddha
  • 2,044
  • 8
  • 34
  • 64
  • Hello, this question in it's current form is too broad and isn't clear enough to digest, apart from question number 2, which you should ask as a separate question and not conflate with the first question. It's worth reading this page https://stackoverflow.com/help/how-to-ask. – neilH Apr 26 '18 at 15:32
  • Hi, thanks for reaching out. I have tried to attempt the above setup in a CoreOS sandbox VM from google cloud launcher & facing some issues with docker login. I have updated my question with more details, can you please have a look at it again to see if you can help in any way – Harshit Laddha Apr 26 '18 at 15:59
  • Hello, Can you only add the relevant information to your question (i.e. the parts about your steps to push to Container Registry, and remove everything that is no longer relevant) and also add the exact authentication error message you are receiving. Thanks. – neilH Apr 27 '18 at 10:55
  • Hi, I have managed to solve this issue just now. But, hit another one with LetsEncrypt here is the exact message - 2018/04/27 10:52:10 [emerg] 24#24: PEM_read_bio_X509_AUX("/etc/nginx/ssl/") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE) nginx: [emerg] PEM_read_bio_X509_AUX("/etc/nginx/ssl/") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE) nginx: configuration file /etc/nginx/nginx.conf test failed. I have checked my /etc/nginx/ssl/dhparams.pem is getting generated with - – Harshit Laddha Apr 27 '18 at 10:57
  • I have posted a separate SO question here - https://stackoverflow.com/questions/50061025/letsencrypt-ssl-no-trusted-certificate-error If you can help in any way – Harshit Laddha Apr 27 '18 at 11:04

0 Answers0