How to use Bitbucket pipeline to deploy to Oracle Container Engine For Kubernetes(OKE)

In this post, we will see how to deploy application from Bitbucket to Oracle Container Engine for Kubernetes(OKE).

There is no docker image pre exist in Bitbucket Pipeline that has OCI CLI installed in it that we can use it for our purpose.

First step is to create Docker image with OCI CLI and kubectl installed in it. I am using Python slim base image for this. Using pip install we are simply installing oci-cli version 2.25.1 . Note at time of publishing this is latest version.

For kubectl, we are using commands provided in k8s documentation. Lastly, creating empty config file ~/.oci/config and providing entrypoint.

FROM python:3.8-slim
WORKDIR /usr/src/app
RUN pip install --no-cache-dir oci-cli==2.25.1

RUN apt-get update && apt-get install -y \
  curl
  
RUN curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

RUN echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" |  tee /etc/apt/sources.list.d/kubernetes.list

RUN apt-get update && apt-get install -y kubectl

RUN mkdir ~/.oci/ && touch ~/.oci/config && chmod 600 ~/.oci/config

ENTRYPOINT ["/usr/local/bin/oci"]

We can push this image to OCIR/Dockerhub. I have deployed the image to OCIR in private repository and will use that for Bitbucket pipeline to connect to OKE.

For base image I have specified the image which is deployed in OCIR. It is private image so need to provide username and password, we are providing that using variables.

image:
  name: iad.ocir.io/<NAMESPACE>/oci-cli:latest
  username: $USERNAME
  password: $PASSWORD
pipelines:
  default:
    - step:
        script:
           - export OCI_CLI_TENANCY=$OCI_CLI_TENANCY
           - export OCI_CLI_REGION=$OCI_CLI_REGION
           - export OCI_CLI_USER=$OCI_CLI_USER
           - export OCI_CLI_FINGERPRINT=$OCI_CLI_FINGERPRINT
           - (umask  077 ; echo $OCI_CLI_KEY | base64 --decode > $HOME/.oci/oci_api_key.pem)
           - export OCI_CLI_KEY_FILE=$HOME/.oci/oci_api_key.pem
           - mkdir -p $HOME/.kube
           - oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.aaaa...zg --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0
           - export KUBECONFIG=$HOME/.kube/config
           - kubectl get nodes

In this above YAML file inside script we are setting up OCI CLI by exporting required variable. One of those variable is OCI_CLI_KEY_FILE which we are setting up by using base64 encode of private key and then decoding in our script.

Finally, we are setting up kubeconfig so that we can use to run kubectl commands.

In this screenshot below, you can see how to configure variables to use in YAML file

Show Comments