This is my second blog about building multi-arch container images using different CI tools. In the first blog, we saw how to use GitHub Actions for building multi-arch container images. In this blog, we will leverage CircleCI to build multi-arch container images.
Step 0: Create accounts on the basic services required
We are using GitHub to host the source code, CircleCI as our CI tool, and Quay.io to host our multi-arch image, so if you want to follow the steps described here, you must have an account on each service.
Step 1: Setup the Quay repository with a new Robot account
Create a repository on Quay.io and add a Robot account to it. A robot account will be useful to pull/push your multi-arch images from/to the container registry (ensure you set the write permission to your robot, like the picture below).
Step 2: Create a new repository on GitHub
Step 3: Create the Dockerfile for your application
Create a Dockerfile of your application and push it to your newly created GitHub repository.
IMPORTANT: to create multi-arch image, you must ensure that the base image you are using is available for your target architectures. In this example, we are building a multi-arch image to run on x86_64 ppc64le, s390x and arm64 and the base image we are using (Ubuntu), is available for each architecture.
We are going to use this Dockerfile for building a multi-arch container image.
Step 4: Create a CircleCI config file
- In your GitHub project create a
.circleci
directory.
- In the newly created
.circleci
directory, create a config.yml
and add this code to it.
- Commit and push the changes.
The file describes what should happen. It uses a completes a few steps to achieve multi-architecture builds:
- Runs a multiarch/qemu-user-static docker image to enable the execution of different multi-architecture containers by QEMU and binfmt_misc
- Creates a docker context (
docker context create
) and then use it ( docker buildx create --use
)
- Sets
DOCKER_EXPERIMENTAL=enabled
when using docker buildx
- Creates the container images and manifest using
docker buildx
for all the architectures specified in the --platform
argument and pushes the newly created image to a remote registry.
Step 5: Set up your build on CircleCI
- For this step, you will need a CircleCI account. Visit the CircleCI signup page and click “Sign Up with GitHub”. You will need to give CircleCI access to your GitHub account to run your builds. If you already have a CircleCI account then you can navigate to your dashboard.
- Next, you need to add your repo as a new project on CircleCI. To add your new repo, ensure that your GitHub account is selected in the dropdown in the upper-left, find the repository you just created below, and click the Setup project button next to it.
- On the redirected page, you will notice three options (Fastest, Faster and Fast), with Fastest selected as the default. We’ll use this default option.
- Enter main in the input field for the GitHub branch (notice the text underneath the field confirming the presence of the
.circleci/config
file)and click Set Up Project as shown in the screenshot:
Within no time, the build will get failed, as we are yet to add the credentials associated with the Quay repository as an environment variable in our project.
Step 6: Set an environment variable in a project
To push multi-arch images to the Quay.io registry, in .circleci/config.yml you need to provide the username and token of your Quay.io robot account. To avoid exposing them we will create environment variables on a CircleCI Project.
- On the CircleCI web app, click the Project Settings button on the project’s individual Pipelines page.
- Click on Environment Variables in the side navigation.
- Click the Add Variable button to enter the name and value of the new environment variable.
Step 7: Re-trigger the CircleCI build
To use the newly created Environment Variables, re-trigger the CircleCI build by committing the .circleci/config.yml file or by re-running the failed workflow from the start.
Once the build succeeds, multi-arch images will get pushed to quay.io
Step 8: Test your multi-arch image
We can also confirm it by using the docker manifest inspect command.
docker manifest inspect --verbose quay.io/mayurwaghmode111/circleci-multi-arch#The output should have json like:
....
# "platform": {
# "architecture": "ppc64le",
# "os": "linux",
# }
# ...
# "platform": {
# "architecture": "s390x",
# "os": "linux"
# }
# ....
# "platform": {
# "architecture": "arm64",
# "os": "linux",
# }
# ...
# "platform": {
# "architecture": "amd64",
# "os": "linux",
# }
# ...
That’s it! Thanks for reading! I hope you found this blog helpful. Drop your questions in the comments. Happy learning!
Originally published on Medium