November 19, 2017

Cross linked services for Gitlab CI

Gitlab CI does a great job when used with Docker and dependencies, e.g. your app tests need a database or a webserver or whatsoever. Unfortunateley, this does not involve complex setups where you need multiple services connected to each other like Selenium Grid and it’s nodes or probably an API and it’s database. Let’s asssume you have your fancy app, which talks to an API, which itselfs needs a database to run (and you probably want to test against the same database like in production and not sqlite). Read more

November 19, 2017

Container vulnerability scan using CoreOS Clair

Docker Enterprise EE and it’s trusted registry has this great feature for security scanning images, which can be included in promotion policies and so on. If you however are not using EE or either DTR, there’s an awesome project from the CoreOS team called Clair. Just check the intergrations for a list of projects using it. I’ve started using this in Gitlab CI as an additional step to check images before uploading it to the builtin registry. Read more

August 31, 2017

Use Ansible to apply rolling updates to Docker swarm nodes

Even with all those elastic superscaling whatsoever buzzword stuff, sometimes it just comes down to simple upgrading a component like Docker daemon itself or a new kernel. With swarm, this means draining the node, do our stuff, probably reboot and then set it active again. Being ephemeral is cool, so we could spawn new (updated) swarm members using Ansible and then destroy the old hard-working bees afterwards. But to me, this seems more like a “just because we can”, even more then running small or medium sized swarms/clusters. Read more

March 17, 2017

Deploy to Docker Swarm using Gitlab CI

UPDATE 2017-06-07: Added info about secure connections You might have heard of awesome Gitlab and it’s builtin CI. Also, Docker might ring some bells. And Gitlab loves Docker. I’m using Gitlab CI with Docker for a long time now, even before Gitlab included the container registry. Playing around with Swarm some months ago immediately made me want to combine all of them. The whole Kubernetes thing is pretty cool but sometimes just too much. Read more