CAS embraced Docker a while ago by providing a sample Dockerfile template to kickstart the builds. Since then, both configuration and technology have evolved greatly to simplify Docker-based deployments of CAS in much easier and hassle-free ways. This tutorial begins to review strategies that exist today to allow a CAS adopter to create Docker images for a CAS deployment and run containers with ease.
Our starting position is based on the following:
6.2.xmaster branch specifically)Jib is an open-source Java containerizer from Google. It is a container image builder that handles all the steps of packaging the CAS web application into a container image. It does not require you to write a Dockerfile or have Docker installed, and it is directly integrated into CAS WAR overlay.
Once you have cloned the CAS WAR overlay, you can examine the relevant task via:
./gradlew tasks
Jib tasks
---------
jib - Builds a container image to a registry.
jibBuildTar - Builds a container image to a tarball.
jibDockerBuild - Builds a container image to a Docker daemon.
You can build Docker image direcly with jib using:
./gradlew jibDockerBuild
Setting image creation time to current time; your image may not be reproducible.
Containerizing application to Docker daemon as org.apereo.cas/cas:v6.2.0-SNAPSHOT...
Base image 'adoptopenjdk/openjdk11:alpine-jre' does not use a
specific image digest - build may not be reproducible
The base image requires auth. Trying again for adoptopenjdk/openjdk11:alpine-jre...
The credential helper (docker-credential-desktop) has
nothing for server URL: registry-1.docker.io
Got output:
credentials not found in native keychain
The credential helper (docker-credential-desktop)
has nothing for server URL: registry.hub.docker.com
Got output:
credentials not found in native keychain
Using base image with digest: sha256:5c87145a62b49a7620
Container entrypoint set to [docker/entrypoint.sh]
Built image to Docker daemon as org.apereo.cas/cas:v6.2.0-SNAPSHOT
Executing tasks:
[==============================] 100.0% complete
Next, you can exmaine your available Docker images:
$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
org.apereo.cas/cas v6.2.0-SNAPSHOT 7e9c1d4b3ce0 About a minute ago 358MB
Certain configuration elements about the Docker images, such as the base image can be controlled via the gradle.propeties file. For more
details, please review gradle/dockerjib.gradle file.
If you prefer a more traditional approach via a native Dockerfile, there is one provided for you in the Overlay that can be built via:
./docker-build.sh
...
Successfully built 83c945802e31
Successfully tagged apereo/cas:v6.2.0-SNAPSHOT
Built CAS image successfully tagged as apereo/cas:v6.2.0-SNAPSHOT
REPOSITORY TAG IMAGE ID CREATED SIZE
org.apereo.cas/cas v6.2.0-SNAPSHOT 83c945802e31 Less than a second ago 249MB
For convenience, an additional docker-compose.yml is also provided to orchestrate the build, as modest as it may be:
docker-compose build
Successfully built a8b5b2d1b90e
Successfully tagged org.apereo.cas/cas:v6.2.0-SNAPSHOT
Built CAS image successfully tagged as org.apereo.cas/cas:v6.2.0-SNAPSHOT
REPOSITORY TAG IMAGE ID CREATED SIZE
org.apereo.cas/cas v6.2.0-SNAPSHOT a8b5b2d1b90e Less than a second ago 249MB
If you have questions about the contents and the topic of this blog post, or if you need additional guidance and support, feel free to send us a note and ask about consulting and support services.
I hope this review was of some help to you and I am sure that both this post as well as the functionality it attempts to explain can be improved in any number of ways. Please feel free to engage and contribute as best as you can.
Monday-Friday
9am-6pm, Central European Time
7am-1pm, U.S. Eastern Time
Monday-Friday
9am-6pm, Central European Time