Rancher2.x流水线自动化部署

程序员文章站 2022-04-10 14:38:33

1、概述由于一些项目使用了rancher进行部署发布，所以使用Rancher的流水线自动部署功能实现CICD，从gitlab、harbor安装，到流水线配置和中间的一些问题一一进行详细介绍解答。 2、准备工作前期的Docker和Rancher安装就不在描述，直接进入正题 2.1 gitlab安装 ......

1、概述

　　由于一些项目使用了rancher进行部署发布，所以使用rancher的流水线自动部署功能实现cicd，从gitlab、harbor安装，到流水线配置和中间的一些问题一一进行详细介绍解答。

2、准备工作

　　前期的docker和rancher安装就不在描述，直接进入正题

　　2.1 gitlab安装

　　　　　gitlab安装很简单，配置到相应pvc和external_url即可

　　　　　 yaml文件如下

apiversion: apps/v1beta2
kind: deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "1"
    field.cattle.io/creatorid: user-ff6zz
    field.cattle.io/publicendpoints: '[{"addresses":["10.10.1.3"],"port":31901,"protocol":"tcp","servicename":"gitlab:gitlab-nodeport","allnodes":true}]'
  creationtimestamp: "2019-12-02t12:48:28z"
  generation: 2
  labels:
    cattle.io/creator: norman
    workload.user.cattle.io/workloadselector: deployment-gitlab-gitlab
  name: gitlab
  namespace: gitlab
  resourceversion: "3780"
  selflink: /apis/apps/v1beta2/namespaces/gitlab/deployments/gitlab
  uid: 68d9ca46-80bf-4b2b-af50-a9e69aadf12a
spec:
  progressdeadlineseconds: 600
  replicas: 1
  revisionhistorylimit: 10
  selector:
    matchlabels:
      workload.user.cattle.io/workloadselector: deployment-gitlab-gitlab
  strategy:
    rollingupdate:
      maxsurge: 1
      maxunavailable: 0
    type: rollingupdate
  template:
    metadata:
      annotations:
        cattle.io/timestamp: "2019-12-02t12:48:37z"
        field.cattle.io/ports: '[[{"containerport":31901,"dnsname":"gitlab-nodeport","kind":"nodeport","name":"31901tcp319011","protocol":"tcp","sourceport":31901}]]'
      creationtimestamp: null
      labels:
        workload.user.cattle.io/workloadselector: deployment-gitlab-gitlab
    spec:
      containers:
      - env:
        - name: gitlab_omnibus_config
          value: external_url 'http://10.10.1.3:31901'
        image: gitlab/gitlab-ce:12.4.5-ce.0
        imagepullpolicy: always
        name: gitlab
        ports:
        - containerport: 31901
          name: 31901tcp319011
          protocol: tcp
        resources: {}
        securitycontext:
          allowprivilegeescalation: false
          capabilities: {}
          privileged: false
          readonlyrootfilesystem: false
          runasnonroot: false
        stdin: true
        terminationmessagepath: /dev/termination-log
        terminationmessagepolicy: file
        tty: true
        volumemounts:
        - mountpath: /etc/gitlab
          name: vol1
        - mountpath: /var/log/gitlab
          name: vol2
        - mountpath: /var/opt/gitlab
          name: vol3
      dnspolicy: clusterfirst
      restartpolicy: always
      schedulername: default-scheduler
      securitycontext: {}
      terminationgraceperiodseconds: 30
      volumes:
      - name: vol1
        persistentvolumeclaim:
          claimname: gitlab-config
      - name: vol2
        persistentvolumeclaim:
          claimname: gitlab-log
      - name: vol3
        persistentvolumeclaim:
          claimname: gitlab-data
status:
  availablereplicas: 1
  conditions:
  - lasttransitiontime: "2019-12-02t12:51:23z"
    lastupdatetime: "2019-12-02t12:51:23z"
    message: deployment has minimum availability.
    reason: minimumreplicasavailable
    status: "true"
    type: available
  - lasttransitiontime: "2019-12-02t12:48:28z"
    lastupdatetime: "2019-12-02t12:51:23z"
    message: replicaset "gitlab-db7b54f5c" has successfully progressed.
    reason: newreplicasetavailable
    status: "true"
    type: progressing
  observedgeneration: 2
  readyreplicas: 1
  replicas: 1
  updatedreplicas: 12.2

　　2.2 harbor安装

　　　　　harbor私有docker镜像仓库安装，为了做到持久化，先行安装pgsql和redis。pgsql安装好后先创建registry,clair,notary_server,notary_signer4个数据库然后在商店选择harbor，配置相关选项，然后在harbor启动后，如果没有使用https，需要在node主机上的docker配置文件daemon.json中加入harbor私用镜像库地址 "insecure-registries":["10.10.1.3:30003"]，不然docker会报证书问题的错误。然后在rancher的资源->镜像库凭证中添加相关凭证。最后把接下来需要的镜像上传到harbor,上传前需要docker login。

docker pull mcr.microsoft.com/dotnet/core/sdk:3.0
docker tag mcr.microsoft.com/dotnet/core/sdk:3.0 10.10.1.3:30003/jfwang/mcr.microsoft.com/dotnet/core/sdk:3.0
docker push 10.10.1.3:30003/jfwang/mcr.microsoft.com/dotnet/core/sdk:3.0

　　　　　 Rancher2.x流水线自动化部署

3、配置流水线

　　配置rancher的token和key在后续自动部署的时候直接操作容器，

Rancher2.x流水线自动化部署

点击添加key，然后记住token和key。

然后在工作负载->流水线->配置代码库->认证&同步代码库，我这里选择的gitlab，按照配置即可

Rancher2.x流水线自动化部署

授权成功后，需要在setting->network->outbound requests下勾选allow requests to the local network from web hooks and services，这样代码的pull命令才会触发钩子。

同步完代码库后，点击启用，点击编辑配置对流水线进行具体配置。

第一步clone代码是自带的无需配置

第二步执行测试操作，点击添加阶段。然后在阶段里添加步骤，步骤类型为运行脚本，基础镜像填你执行命令的所需镜像，不同程序语言执行不同的脚本

Rancher2.x流水线自动化部署

第三步发布程序，步骤类型和基础镜像和第二步一样，脚本为发布脚本

第四不构建镜像，步骤类型构建并发布镜像，dockerfile路径就填写你代码中dockerfile的路径，镜像名称如果你要push到自己的镜像仓库则规则必须是镜像项目名/程序名，不然无权限，最后勾选我们最开始配置的私有镜像仓库地址。

Rancher2.x流水线自动化部署

dockerfile

from 10.10.1.3:30003/jfwang/mcr.microsoft.com/dotnet/core/aspnet:3.0 as runtime
workdir /app
copy /src/publish ./
entrypoint ["dotnet", "pipeline-example-dotnetcore.dll"]

第五步，因我们要自动部署应用到rancher，为了重复部署的时候防止端口被占用，名称重复等等，我们直接先通过rancher api 执行删除pod操作。注意如果不是用的https要在最后面加-k参数，不然会报证书错误。

curl -u "{token}:{key}" \
-x delete \
-h 'accept: application/json' \
'https://10.10.1.3/v3/project/c-24h9n:p-f9cxk/workloads/deployment:default:pipeline-example-dotnetcore' -k

第六步通过yaml部署应用

路径填写代码中的yaml路径

yaml

apiversion: apps/v1beta2
kind: deployment
metadata: 
  name: pipeline-example-dotnetcore
  namespace: default
spec:
  progressdeadlineseconds: 600
  replicas: 1
  revisionhistorylimit: 10
  selector:
    matchlabels:
      workload.user.cattle.io/workloadselector: deployment-default-pipeline-example-dotnetcore
  strategy:
    type: recreate
  template:
    metadata:
      annotations:
        cattle.io/timestamp: "2019-12-01t08:37:18z"
        field.cattle.io/ports: '[[{"containerport":80,"dnsname":"pipeline-example-dotnetcore-hostport","hostport":5000,"kind":"hostport","name":"5000tcp50000","protocol":"tcp","sourceport":5000}]]'
      creationtimestamp: null
      labels:
        workload.user.cattle.io/workloadselector: deployment-default-pipeline-example-dotnetcore
    spec:
      containers:
      - image: ${cicd_image}:1.${cicd_execution_sequence}
        imagepullpolicy: always
        name: pipeline-example-dotnetcore
        ports:
        - containerport: 80
          hostport: 5000
          name: 5000tcp50000
          protocol: tcp
        resources: {}
        securitycontext:
          allowprivilegeescalation: false
          capabilities: {}
          privileged: false
          readonlyrootfilesystem: false
          runasnonroot: false
        stdin: true
        terminationmessagepath: /dev/termination-log
        terminationmessagepolicy: file
        tty: true
      dnspolicy: clusterfirst
      imagepullsecrets:
      - name: harbor
      restartpolicy: always
      schedulername: default-scheduler
      securitycontext: {}
      terminationgraceperiodseconds: 30
status:
  availablereplicas: 1
  conditions:
  - lasttransitiontime: "2019-12-01t08:37:21z"
    lastupdatetime: "2019-12-01t08:37:21z"
    message: deployment has minimum availability.
    reason: minimumreplicasavailable
    status: "true"
    type: available
  - lasttransitiontime: "2019-12-01t08:32:53z"
    lastupdatetime: "2019-12-01t08:37:21z"
    message: replicaset "pipeline-example-dotnetcore-84d4cfbb75" has successfully progressed.
    reason: newreplicasetavailable
    status: "true"
    type: progressing
  observedgeneration: 7
  readyreplicas: 1
  replicas: 1
  updatedreplicas: 1

至此全部部署完毕。

上一篇： IDEA和Eclipse启动优化

下一篇： Python爬虫：AGE动漫下载之 selenium 版

Rancher2.x流水线自动化部署

1、概述

2、准备工作

2.1 gitlab安装

2.2 harbor安装

3、配置流水线

使用pm2自动化部署node项目的方法步骤

Linux下自动化部署ASP.NET CORE 3.1（Docker+Jenkins+Nginx）

详解Linux下自动化部署工具Puppet 的注册方式与常用命令

ansible自动化部署之场景应用

实现android自动化测试部署与运行Shell脚本分享

Python自动化部署工具Fabric的简单上手指南

使用Git实现Laravel项目的自动化部署

Linux 自动化部署Rsyslog服务

运维自动化之系统部署 PXE（二）

【nodejs原理&源码赏析（9）】用node-ssh实现轻量级自动化部署