基于 GitLab CI 和阿里云 k8s 的持续交付解决方案

527 字
3 分钟
...阅读
...评论
基于 GitLab CI 和阿里云 k8s 的持续交付解决方案

今年对于我个人而言,在 DevOps 上的最大收获,莫过于摸索了这套基于 GitLab CI 和 k8s 的持续交付解决方案,其实原理都很简单,在我去年的方案里又做了改进,实现了基于 git tag 的触发方式,并且把原先的本地打包推镜像改为在 GitLab Runner 上打包推镜像。

这套解决方案大致流程是这样的:

  1. 推送代码,在代码中配置 gitlab-ci.yml
  2. 推送 tag,触发 GitLab Runner 编译 docker 镜像,并推送至阿里云镜像仓库
  3. 在阿里云 k8s 上基于镜像仓库创建应用,并创建重新部署的触发器,在镜像更新时触发该触发器

这样,以后每次推送新的 tag 上去,就可以实现自动打包&部署了。

下面,我来详细讲解下所有步骤。

配置 GitLab Runner

config.toml
concurrent = 1
check_interval = 0

[session_server]
session_timeout = 1800

[[runners]]
name = "common-runner"
url = "https://git.xxx.xxx"
token = "TOKEN"
executor = "docker"

[runners.custom_build_dir]

[runners.cache]

[runners.cache.s3]

[runners.cache.gcs]

[runners.docker]
tls_verify = false
image = "docker:latest"
privileged = false
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = [
  "/var/run/docker.sock:/var/run/docker.sock",
  "/xxx/gitlab-runner/cache:/cache"
]
shm_size = 0

其中 tokenGitLab Admin Area / Overview / Runners 中可以找到,或者也可以从 Project / Settings / CI/CD 中找到项目专用的 Runner token。

代码配置

前端(node)

Dockerfile
FROM node:10-alpine

WORKDIR /app

COPY package.json /app
COPY yarn.lock /app
RUN yarn install
COPY . /app
RUN yarn build

EXPOSE 8888
ENV APP_ENV $APP_ENV
CMD ["yarn", "start"]
.gitlab-ci.yml
image: docker:latest

variables:
  REGISTRY: registry.cn-hangzhou.aliyuncs.com
  USERNAME: your username
  PASSWORD: your password
  NAMESPACE: your namespace
  PROJECT_NAME: your project name

stages:
  - build

docker-build:
  stage: build
  image: docker:latest
  script:
    - docker login --username=$USERNAME $REGISTRY -p $PASSWORD
    - docker build -t $REGISTRY/$NAMESPACE/$PROJECT_NAME:$CI_COMMIT_REF_NAME -t $REGISTRY/$NAMESPACE/$PROJECT_NAME:latest .
    - docker push $REGISTRY/$NAMESPACE/$PROJECT_NAME:$CI_COMMIT_REF_NAME
    - docker push $REGISTRY/$NAMESPACE/$PROJECT_NAME:latest
  only:
    - tags

后端(spring boot)

Dockerfile
FROM openjdk:11-jre-slim

RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

VOLUME /tmp

COPY target/xxx-api.jar app.jar
ENV SPRING_PROFILES_ACTIVE="prd"
ENV JAVA_OPTS="-Xmx256m"
ENTRYPOINT [ "java", "-Djava.security.egd=file:/dev/./urandom", "-jar", "/app.jar"]
.gitlab-ci.yml
image: docker:latest

variables:
  MAVEN_OPTS: -Dmaven.repo.local=/cache/.m2/repository
  REGISTRY: registry.cn-hangzhou.aliyuncs.com
  USERNAME: your username
  PASSWORD: your password
  NAMESPACE: your namespace
  PROJECT_NAME: your project name

stages:
  - package
  - build

maven-package:
  image: maven:3.6-jdk-11-slim
  stage: package
  script:
    - mvn $MAVEN_OPTS clean package -Dmaven.test.skip=true
    - cp target/$PROJECT_NAME.jar /cache/jars/
  only:
    - tags

docker-build:
  stage: build
  image: docker:latest
  script:
    - docker login --username=$USERNAME $REGISTRY -p $PASSWORD
    - mkdir target
    - cp /cache/jars/$PROJECT_NAME.jar target
    - docker build -t $REGISTRY/$NAMESPACE/$PROJECT_NAME:$CI_COMMIT_REF_NAME -t $REGISTRY/$NAMESPACE/$PROJECT_NAME:latest .
    - docker push $REGISTRY/$NAMESPACE/$PROJECT_NAME:$CI_COMMIT_REF_NAME
    - docker push $REGISTRY/$NAMESPACE/$PROJECT_NAME:latest
  only:
    - tags

阿里云 k8s 配置

应用创建触发器:

复制触发器 URL 到镜像仓库中创建推送触发器:

完成。

评论区
Copyright © Bean Deng