Docker
TIS Docker Images
Java
To build a Java Docker image, we build a base image based on Alpine Linux and OpenJDK using docker-alpine-java. The base image is built every night so we should have the latest
| Image | Description | Jenkins | Schedule |
|---|---|---|---|
| docker-alpine-java | This is the base image based on Alpine Linux. It is built on the latest nimmis/alpine-micro and then applies the latest OS patches before installing the JDK | docker-alpine-java | Nightly |
| hee-alpine-java-docker | This is a layer of customisation on top of the base JDK which installs a trust store and some additional scripts. | hee-alpine-java-docker | Nightly, triggered by successful docker-alpine-java build |
| repository.lin.nhs.uk:5000/hee | Our applications are built on top of the hee-build-java-docker image when changes are pushed to Github. | project specific | On Git Push |
We need to pull updates from the upstream nimmis/docker-alpine-java Docker image when they become available.
# Clone the TIS fork $ git clone git@github.com:Health-Education-England/docker-alpine-java.git $ cd docker-alpine-java # Pull upstream changes, merge any conflicts. $ git pull git@github.com:nimmis/docker-alpine-java.git master # Push the changes back to our master $ git push
Image Labels
The build process labels our images so both images and containers can be inspected from the command line to see what is running and where and when it was built.
{
"com.docker.compose.config-hash": "3deecd54ca2e32fd9a0a6a338c5e529bc1b9392d9a37ce89793d289147b5438e",
"com.docker.compose.container-number": "1",
"com.docker.compose.oneoff": "False",
"com.docker.compose.project": "revalidation",
"com.docker.compose.service": "revalidation",
"com.docker.compose.version": "1.9.0",
"com.transformuk.hee.tis.artifact_id": "revalidation",
"com.transformuk.hee.tis.build_number": "1032",
"com.transformuk.hee.tis.build_url": "https://build.tis.nhs.uk/jenkins/job/revalidation/1032/",
"com.transformuk.hee.tis.build_version": "0.1.0-1032",
"com.transformuk.hee.tis.date": "2017-02-20 11:58:05.134178",
"com.transformuk.hee.tis.git_branch": "origin/master",
"com.transformuk.hee.tis.git_commit": "9f2042767819e65ab5bfa3540dcd23105da651af",
"com.transformuk.hee.tis.git_url": "git@github.com:Health-Education-England/TIS-REVALIDATION.git",
"com.transformuk.hee.tis.group_id": "com.transformuk",
"com.transformuk.hee.tis.image": "revalidation",
"com.transformuk.hee.tis.job_name": "revalidation",
"com.transformuk.hee.tis.packaging": "jar",
"com.transformuk.hee.tis.version": "0.1.0",
"com.transformuk.hee.tis.workspace": "/home/jenkins/data/jenkins/workspace/revalidation"
}
Validating Docker Versions
The build pipeline now tags the Docker images so both images and containers can be inspected to validate their build settings. The Common image is the only exception to this but this will be brought in line with the rest of the builds.
To inspect the concerns image, for example, run the following on the dev server;
|
To inspect the build version of a container is a bit eaiser;
|
It is a useful sanity check to make sure that the latest tag on dev is the version you expect.
Once you have established the versions of the images, they can be added to the stage/platform.yml or prod/platform.yml if they are ready to release.
List Docker Images
$ curl -u heedocker:XXXXXXXXXXX -X GET https://repository.tis.nhs.uk:5000/v2/hee/concerns/tags/list?n=100
Cleaning up Docker Hosts
There are two steps required to clean up a host;
Stop all running containers;
$ docker stop $(docker ps -q)
Remove all docker-compose files for the existing stacks;
$ sudo rm -rf /data/docker/stacks
Slack: https://hee-nhs-tis.slack.com/
Jira issues: https://hee-tis.atlassian.net/issues/?filter=14213