Kaniko in Kubernetes with Jenkins
The Case for Kaniko
If we need to build a Docker image inside a k8s cluster, Kaniko is the tool for the job.
I tried using k8s agent executers in Jenkins on my k3s cluster running on Linux containers. Since I’m running containerd as the container runtime in k3s, and did not want to run a priviledged container for building the images, I did some research on the subject, which made me stumble upon Kaniko1.
Kaniko operates without relying on a Docker daemon, executing each command in a Dockerfile entirely in userspace. This allows for building container images in environments where running a Docker daemon is impractical or insecure, such as a standard Kubernetes cluster.
Kaniko for Jenkins CI
Once we set up the k8s agent executers in Jenkins2, we can include the Kaniko related specs inside the Jenkins k8s agent config, and use them in pipeline steps.
pipeline {
agent {
kubernetes {
label 'example-kaniko-volumes'
yaml """
kind: Pod
metadata:
name: kaniko
spec:
containers:
- name: jnlp
workingDir: /tmp/jenkins
- name: kaniko
workingDir: /tmp/jenkins
image: gcr.io/kaniko-project/executor:debug
imagePullPolicy: Always
command:
- /busybox/cat
tty: true
volumeMounts:
- name: jenkins-docker-cfg
mountPath: /kaniko/.docker
volumes:
- name: jenkins-docker-cfg
projected:
sources:
- secret:
name: docker-credentials
items:
- key: .dockerconfigjson
path: config.json
"""
}
}
}
Please refer https://docs.cloudbees.com/docs/cloudbees-ci-kb/latest/cloudbees-ci-on-modern-cloud-platforms/what-you-need-to-know-when-using-kaniko-from-kubernetes-jenkins-agents in case you encounter issues.
Also check out https://github.com/jenkinsci/kubernetes-plugin/blob/master/examples/kaniko.groovy.