CI/CD pipeline
CI:持续集成,实现开发人员的流程自动化;
CD:持续交付/持续部署,
基于Kubernetes的CDpipeline通常依赖以下组件:
1.版本控制系统:源代码仓库(gitlab)
2.CI Server:持续集成的自动化,可以构建出Docker Image;(jenkins)
3.Docker Registry:Docker Image存储服务
4. kubernetes Cluster:用于服务编排
我的集群:
1 [root@master01 ~]# kubectl get nodes 2 NAME STATUS ROLES AGE VERSION 3 master01 Ready control-plane,master 7d8h v1.22.0 4 node01 Ready <none> 7d7h v1.22.0 5 node02 Ready <none> 7d7h v1.22.0
CI/CD流水线所有的pod都放在devops名称空间下,所以先创建名称空间:
[root@master01 app]# cat devops-ns.yaml apiVersion: v1 kind: Namespace metadata: name: devops
开始部署gitlab,yaml文件如下:
[root@master01 gitlab]# cat gitlab-deploy.yaml
---
apiVersion: v1
kind: Service
metadata:
name: gitlab-svc
namespace: devops
spec:
selector:
app: gitlab
type: NodePort
ports:
- name: http
port: 80
nodePort: 30080
- name: ssh
port: 22
nodePort: 30022
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gitlab
namespace: devops
spec:
replicas: 1
selector:
matchLabels:
app: gitlab
revisionHistoryLimit: 10
template:
metadata:
labels:
app: gitlab
spec:
nodeName: node02
containers:
- name: gitlab
image: gitlab/gitlab-ce
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
- name: ssh
containerPort: 22
volumeMounts:
- name: data
mountPath: /var/opt/gitlab
- name: config
mountPath: /etc/gitlab
- name: logs
mountPath: /var/log/gitlab
volumes:
- name: data
hostPath:
type: "DirectoryOrCreate"
path: /mnt/nfs/gitlab/gitlab/data
- name: config
hostPath:
type: "DirectoryOrCreate"
path: /mnt/nfs/gitlab/gitlab/config
- name: logs
hostPath:
type: "DirectoryOrCreate"
path: /mnt/nfs/gitlab/gitlab/logs
注意:该版本的gitlab在启动时如果不指定root的密码,gitlab需要初始化很长时间,密码存储在容器下的/etc/gitlab/initial_root_password文件中;
如果要指定密码,需要使用secret创建一个密码作为参数传递给容器:
[root@master01 gitlab]# echo -n wuhuanchn > password #必须加参数-n,表示不输出换行符,否则密码就包括\n字符了 [root@master01 gitlab]# kubectl create secret generic gitlab-root-password --from-file=password --dry-run -o yaml > gitlab-root-password.yaml [root@master01 gitlab]# vim gitlab-root-password.yaml apiVersion: v1 data: password: d3VodWFuY2hu kind: Secret metadata: name: gitlab-root-password namespace: devops
# secret必须是名称空间级别的资源,需要加上namespace,否则deploy创建时查不到这个secret
gitlab的deploy文件需要修改为:
apiVersion: apps/v1
kind: Deployment
metadata:
name: gitlab
namespace: devops
spec:
replicas: 1
selector:
matchLabels:
app: gitlab
revisionHistoryLimit: 10
template:
metadata:
labels:
app: gitlab
spec:
nodeName: node02
containers:
- name: gitlab
image: gitlab/gitlab-ce:13.12.10-ce.0
imagePullPolicy: IfNotPresent
env:
- name: HOSTNAME
value: gitlab.example.com
- name: GITLAB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: gitlab-root-password
key: password
ports:
- name: http
containerPort: 80
- name: ssh
containerPort: 22
volumeMounts:
- name: data
mountPath: /var/opt/gitlab
- name: config
mountPath: /etc/gitlab
- name: logs
mountPath: /var/log/gitlab
volumes:
- name: data
hostPath:
type: "DirectoryOrCreate"
path: /mnt/nfs/gitlab/gitlab/data
- name: config
hostPath:
type: "DirectoryOrCreate"
path: /mnt/nfs/gitlab/gitlab/config
- name: logs
hostPath:
type: "DirectoryOrCreate"
path: /mnt/nfs/gitlab/gitlab/logs
初始化的时候会在以下界面卡住很长时间,整个初始化大概需要10分钟,不知道正不正常,后面尝试使用外部存储看看;
Recipe: gitlab::database_migrations
* ruby_block[check remote PG version] action nothing (skipped due to action :nothing)
* rails_migration[gitlab-rails] action run
* bash[migrate gitlab-rails database] action run
[execute] psql:/opt/gitlab/embedded/service/gitlab-rails/db/structure.sql:9: NOTICE: extension "btree_gist" already exists, skipping
psql:/opt/gitlab/embedded/service/gitlab-rails/db/structure.sql:11: NOTICE: extension "pg_trgm" already exists, skipping
gitlab已经搭建完成,可以修改下页面语言——>Preferences——>本地化——>语言里选择汉语。