In this post, we will see how to deploy application from Bitbucket to Oracle Container Engine for Kubernetes(OKE).
There is no docker image pre exist in Bitbucket Pipeline that has OCI CLI installed in it that we can use it for our purpose.
First step is to create Docker image with OCI CLI and kubectl installed in it. I am using Python slim base image for this. Using pip install we are simply installing oci-cli version
2.25.1 . Note at time of publishing this is latest version.
For kubectl, we are using commands provided in k8s documentation. Lastly, creating empty config file ~/.oci/config and providing entrypoint.
FROM python:3.8-slim WORKDIR /usr/src/app RUN pip install --no-cache-dir oci-cli==2.25.1 RUN apt-get update && apt-get install -y \ curl RUN curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg RUN echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list RUN apt-get update && apt-get install -y kubectl RUN mkdir ~/.oci/ && touch ~/.oci/config && chmod 600 ~/.oci/config ENTRYPOINT ["/usr/local/bin/oci"]
We can push this image to OCIR/Dockerhub. I have deployed the image to OCIR in private repository and will use that for Bitbucket pipeline to connect to OKE.
For base image I have specified the image which is deployed in OCIR. It is private image so need to provide username and password, we are providing that using variables.
image: name: iad.ocir.io/<NAMESPACE>/oci-cli:latest username: $USERNAME password: $PASSWORD pipelines: default: - step: script: - export OCI_CLI_TENANCY=$OCI_CLI_TENANCY - export OCI_CLI_REGION=$OCI_CLI_REGION - export OCI_CLI_USER=$OCI_CLI_USER - export OCI_CLI_FINGERPRINT=$OCI_CLI_FINGERPRINT - (umask 077 ; echo $OCI_CLI_KEY | base64 --decode > $HOME/.oci/oci_api_key.pem) - export OCI_CLI_KEY_FILE=$HOME/.oci/oci_api_key.pem - mkdir -p $HOME/.kube - oci ce cluster create-kubeconfig --cluster-id ocid1.cluster.oc1.iad.aaaa...zg --file $HOME/.kube/config --region us-ashburn-1 --token-version 2.0.0 - export KUBECONFIG=$HOME/.kube/config - kubectl get nodes
In this above YAML file inside script we are setting up OCI CLI by exporting required variable. One of those variable is OCI_CLI_KEY_FILE which we are setting up by using base64 encode of private key and then decoding in our script.
Finally, we are setting up kubeconfig so that we can use to run kubectl commands.
In this screenshot below, you can see how to configure variables to use in YAML file