cicd 04--建構自動化釋出流程
- 1 簡介
- 2 建構過程
-
- 2.1 功能說明
- 2.2 jenkins & gitlab 配置
- 2.3 測試結果
- 3 注意事項
- 4 說明
1 簡介
在實際項目中,為了提高開發人員的服務釋出效率,避免使用者手動build鏡像、通過腳本(或kubectl)更新服務,通常需要為重要的服務建構一套自動化釋出流程。
簡單來說,開發人員送出代碼,MR 到 master 分支,觸發 build 鏡像操作,并自動推送到鏡像倉庫,然後更新到測試或者預釋出環境,使用者測試ok後通知sre團隊,sre團隊觸發更新到線上或生産環境。
本文基于該思路建構一個企業可用的自動化釋出流程,分享在此處以便于有需要的i小夥伴或自己查閱學習,後續針對該類型的自動化流程的優化事宜也會補充在此處。
2 建構過程
2.1 功能說明
主要功能子產品如下:
- 清理空間(Clean workspace)
- 下載下傳代碼(Clone Repo)
- 同步代碼(Scp to sre-cicd)
- build鏡像(Build docker images)
- 打tag(Set tag)
- 檢查deploy(check deploy exists)
- 釋出到k8s(deploy to k8s)
- 告警通知(Declarative: Post Actions)
2.2 jenkins & gitlab 配置
jenkins基礎配置:
GitLab Repository Name: 填寫gitlab 的url
Build Trigger-> Accepted Merge Request Events: True
Filter branches by regex: Target Branch Regex 填寫 .*master
Secret token: 自動生成即可
gitlab 配置:
在 settings->integrations 中新加Webhooks,
URL: 填寫jenkins 中build Triggers的url
Secret Token:填寫jenkins中生成的 Secret token
Trigger: Merge request events(可按需增加其它方式)
涉及的參數說明:
cluster = 'yourNamespace'
namespace = 'sre-test'
deployment = 'xg-nginx-prod'
container_name = 'xg-nginx'
docker_repo = 'yourDockerRepoNamespace/yourDockerImageName'
branch = 'master'
repo_url = "[email protected]/test-flask.git"
work_dir = 'gitlab_test_flask'
涉及的節點:
SRE_BUILD_NODE: 用于build鏡像,并将其推送到阿裡雲鏡像倉庫
slave: 該節點用于clone git代碼,并将其rsync到 docker build機器上
SRE_NODE: 用于執行kubectl或helm操作
jenkinsfile 配置:
cluster = 'yourNamespace'
namespace = 'sre-test'
deployment = 'xg-nginx-prod'
container_name = 'xg-nginx'
docker_repo = 'yourDockerRepoNamespace/yourDockerImageName'
branch = 'master'
repo_url = "[email protected]/test-flask.git"
work_dir = 'gitlab_test_flask'
def createVersion() {
return new Date().format('yyyyMMdd-HHmmss')
}
image_version = createVersion()
default_description = "${namespace}/${deployment}:${image_version}"
currentBuild.description = "${default_description}"
pipeline {
agent {
node {
label 'SRE_BUILD_NODE'
}
}
environment {
para = "para_just_for_test"
}
stages {
stage('Clean workspace') {
agent {
node {
label 'SRE-Build01-Server'
}
}
steps {
sh """
echo 'clean workspace'
rm -fr /data/nas-sre-prod/jenkins/apps/${work_dir}/*
"""
}
}
stage("Clone Repo"){
agent {
node {
label 'slave'
}
}
steps {
echo 'Clone repo, ${branch}'
sh """
pwd
ls
"""
deleteDir()
dir("${work_dir}"){
git(
url: "${repo_url}",
credentialsId: '73*yourGitCredentialsId*74',
branch: "${branch}"
)
}
}
}
stage('Scp to sre-cicd') {
agent {
node {
label 'slave'
}
}
steps {
sh """
pwd
rsync -Lra ${work_dir} --exclude ${work_dir}/.git 106.yourSre-cicdMachine.148:/data/nas-sre-prod/jenkins/apps/
if [ \$? -ne 0 ]
then
echo "Found some error when copy the repo"
fi
"""
}
}
stage('Build docker images') {
agent {
node {
label 'SRE_BUILD_NODE'
}
}
steps {
sh """
echo 'build docker image'
pwd
ls
cd /data/nas-sre-prod/jenkins/apps/${work_dir}/
if [ ! -f Dockerfile ]
then
echo "No available dockerfile in workspace"
fi
if [ ! -f build_docker.sh ]
then
echo "No available build_docker.sh in workspace"
fi
bash build_docker.sh ${docker_repo} ${image_version}
pwd
ls
"""
}
}
stage('Set tag') {
agent {
node {
label 'slave'
}
}
steps {
dir("${work_dir}"){
echo 'set tag'
sh """
git tag -m "Build docker image ${image_version} for ${branch}/${image_version}" ${branch}/${image_version}`
git describe
git push origin ${branch}/${image_version}`
"""
}
}
}
stage('check deploy exists') {
agent {
node {
label 'SRE_NODE'
}
}
steps {
echo 'Hello, check deployment ${cluster} ${namespace}/${deployment} exists'
sh "/usr/local/bin/kubectl --kubeconfig /home/yourHome/.kube/config-${cluster} -n ${namespace} get deploy ${deployment}"
}
}
stage('deploy to k8s') {
agent {
node {
label 'SRE_NODE'
}
}
steps {
echo 'deploy to k8s'
sh """
/usr/local/bin/kubectl --kubeconfig /home/yourHome/.kube/config-${cluster} -n ${namespace} set image deployment/${deployment} ${container_name}=registry-vpc.cn-shanghai.aliyuncs.com/${docker_repo}:${image_version}
"""
}
}
}
post {
always {
echo 'I have finished'
}
success {
echo "all in one, succeed!"
sh """
curl -X POST -H "Content-Type: application/json" -d '{"msg_type":"text","content":{"text":"sre_test_flask_debug notify, ${namespace}/${deployment}:${image_version}, succeed!"}}' https://open.feishu.cn/open-apis/bot/v2/hook/46**yourFeiShuGroupWebhook**05
"""
}
failure {
echo "all in one, failed!"
sh """
curl -X POST -H "Content-Type: application/json" -d '{"msg_type":"text","content":{"text":"sre_test_flask_debug notify, ${namespace}/${deployment}:${image_version}, failed!"}}' https://open.feishu.cn/open-apis/bot/v2/hook/46**yourFeiShuGroupWebhook**05
"""
}
}
}
2.3 測試結果
jenkins 執行結果:
k8s 鏡像效果:
3 注意事項
- jenkins 中字尾比對方式在不同版本中可能有輕微的差別,是以使用最新版本jenkins的時候需要根據實際情況對比測試。
4 說明
軟體環境:
Docker: 20.10.*
K8s: 1.12
jenkins 版本:2.299
參考文檔:
jenkins 官方文檔