Self-Hosted Docker Agents in Azure
By: Date: 25/06/2022 Categories: azure Tags:

There are instances where we need a specific set of libraries to generate our build. In the earlier approaches of VMs, it used to be creating a dedicated VM for our build pipeline and installing all the required libraries, and making sure our build will run inside that VM. This however will result in the wastage of resources where the VM will be idle when not in use.

Azure provides us with the option to run our builds in our custom Docker image within Azure Pipelines. As a starting point (if you are new to this), please go through this link first. My image is Ubuntu-based and the same approach (I reckon) should work in many Linux distros.

Pre-requisites:

container:
image: {your_acr_name}.azurecr.io/{dockerimage}:{version}
endpoint: {Service_connection_name}

  • The Azure Pipelines system requires a few things in Linux-based containers:
    – Bash
    – glibc-based (If alpine based, check the below code snippet)
    – Can run Node.js (which the agent provides)
    – Does not define an ENTRYPOINT (It works even if you have one unlike what’s mentioned in Azure documentation)
    – USER has access to groupadd and other privileges commands without sudo (HACK; Add “options: — user 0:0” in your pipeline)
  • If you are using non glibc based, it should have the below code
FROM node:10-alpineRUN apk add --no-cache --virtual .pipeline-deps readline linux-pam \
&& apk add bash sudo shadow \
&& apk del .pipeline-depsLABEL "com.azure.dev.pipelines.agent.handler.node.path"="/usr/local/bin/node"CMD [ "node" ]

Steps:
Build your docker image
Connect to your ACR using Azure CLI


az login
az acr login --name {your_acr_name} --expose-token
docker login {your_acr_name}.azurecr.io --username 00000000-0000-0000-0000-000000000000 --password {TOKEN}

Push the Docker image to ACR

sudo docker push {your_acr_name}.azurecr.io/{docker-image}:{tag}

  • Create a service connection between ACR and your DevOps project
    Project Settings → Service connections → New Service Connection → Docker Registry → Azure Container Registry → {Choose subscription} → {Select your container registry} → Name the service connection → Save
  • Use the docker image in your pipeline.yml
container:
image: {your_acr_name}.azurecr.io/{docker-image}:{tag}
endpoint: {Name_of_your_service_connection}