Docker

Prerequisites

This section provides all required dependencies to install and start the server with Docker.

Dependency 1: Docker

Docker will be used for downloading the server and managing the lifecycle of the application.

You can refer to Docker’s official documentation on installing and configuring the service.

Dependency 2: Redis

Redis will be used for storing workloads, created by the server, that will run on a worker.

You can refer to Redis’s official documentation on installing and configuring the service.

Installation

This section provides an example of installing the server with Docker.

Step 1: Download the Image

Download the Docker image for the Vela server from DockerHub.

You can use the docker pull command to download the image:

$ docker pull target/vela-server:latest

Step 2: Create an Encryption Key

Create an Advanced Encryption Standard (AES) key used for encrypting sensitive data at rest in the database.

You can use the openssl command to generate the AES key:

$ openssl aes-128-cbc -k secret -P -md sha1

Step 3: Create a Shared Secret

Create a shared secret used for authenticating communication between workers and the server.

You can use the openssl command to generate the shared secret:

$ openssl rand -hex 16

Step 4: Create the private key

Create a private key used for minting and validating user, worker auth, and build JWT tokens.

You can also use the openssl command to generate the key.

$ openssl rand -hex 16

Step 5: Create the signing key pair

Create a key pair (ed25519) used for signing queue items. Items are signed via private key and opened via public key in the server and worker, respectively. The key pair must be base64 encoded prior to being supplied to the server. The server distributes the public key to registered workers, therefore both keys must be provided to the server.

To make it easier, you can use this Go Playground program to generate an encoded key pair that is ready to use. For security we recommend running the program locally.

Step 6: Create an OAuth Application

Vela requires OAuth application credentials from a source control management (SCM) provider.

These credentials are used to authenticate and authorize actions preformed within the platform.

Vela has support for many Source Control Management (SCM) providers to enable the preferences of you and your team.

You can follow the SCM reference for instructions on creating the OAuth application.

Step 7: Start the Server

Start the Vela server as a Docker container that is configured via environment variables.

You can use the docker run command to start the server:

$ docker run \
  --detach=true \
  --env=VELA_ADDR=https://vela-server.example.com \
  --env=VELA_DATABASE_ENCRYPTION_KEY=<encryption-key> \
  --env=VELA_QUEUE_DRIVER=redis \
  --env=VELA_QUEUE_ADDR=redis://<password>@<hostname>:<port>/<database> \
  --env=VELA_QUEUE_PRIVATE_KEY=<signing-private-key> \
  --env=VELA_QUEUE_PUBLIC_KEY=<signing-public-key> \
  --env=VELA_PORT=443 \
  --env=VELA_SERVER_PRIVATE_KEY=<private-key> \
  --env=VELA_SCM_CLIENT=<oauth-client-id> \
  --env=VELA_SCM_SECRET=<oauth-client-secret> \
  --env=VELA_WEBUI_ADDR=https://vela.example.com \
  --name=server \
  --publish=80:80 \
  --publish=443:443 \
  --restart=always \
  target/vela-server:latest

  --env=VELA_SECRET=<shared_secret>

Step 8: Verify the Server Logs

Ensure the server started up successfully and is running as expected by viewing the logs.

You can use the docker logs command to inspect the logs:

$ docker logs server

Step 9: Install Workers

After the server is up and running, you need to install workers to run workloads.

Please refer to the worker installation docs for more information.