[英]How to deploy staging in Google Cloud Platform with Kubernetes and Gitlab CI/CD?
I am playing with Docker
, Kubernetes
, Google Cloud Platform(GCP)
and Gitlab
recently to achieve CI/CD
from commit
to staging
. 我最近与
Docker
, Kubernetes
, Google Cloud Platform(GCP)
和Gitlab
一起玩,以实现从commit
到staging
CI/CD
。 So far I have succeeded testing
, building
and pushing
the image to Container registry of Gitlab
. 到目前为止,我已成功
testing
, building
并将映像pushing
送到Container registry of Gitlab
。
I have a small node and docker application which output 'Hello world'
. 我有一个小节点和docker应用程序,输出
'Hello world'
。 Also, I have built my docker image in Container registry of Gitlab
. 另外,我已经在
Container registry of Gitlab
。 At this moment the process is docker-in-docker. 目前,该过程为docker-in-docker。 I want to push my image from
Gitlab container registry
to Kubernetes engine
in GCP. 我想将我的映像从
Gitlab container registry
推Kubernetes engine
GCP中的Kubernetes engine
。 I have installed both kubectl
and gcloud sdk
. 我已经安装了
kubectl
和gcloud sdk
。 The Auto DevOps seems to be promising but I want to implement my own .gitlab-ci.yml
file. Auto DevOps似乎很有前途,但我想实现自己的
.gitlab-ci.yml
文件。
Here is my .gitlab-ci.yml
below: 这是我的
.gitlab-ci.yml
下面:
stages:
- testing
- build
- staging
variables:
CONTAINER_TEST_IMAGE: registry.gitlab.com/surajneupane55/node-app-
testing
CONTAINER_RELEASE_IMAGE: registry.gitlab.com/surajneupane55/node-
app-testing:latest
test:
stage: testing
image: node:boron
script:
- npm install
- npm test
build_image:
stage: build
only: [master]
image: docker:git
services:
- docker:dind
script:
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN
registry.gitlab.com/surajneupane55
- docker build -t $CONTAINER_TEST_IMAGE .
- docker push $CONTAINER_TEST_IMAGE
staging_site:
//I need help here!!!
//For staging my project in Kubernetes cluster in GCP
//Already created node-app Kubernetes cluster
Please, let me know if my approach is wrong since this is my first learning project with CI/CD. 请让我知道我的方法是否错误,因为这是我在CI / CD的第一个学习项目。
A simple gitlab-ci.yml
file to build and deploy in GKE with Google Container Registry(GCR)
. 一个简单的
gitlab-ci.yml
文件,可使用Google Container Registry(GCR)
在GKE中构建和部署。 First, we build image and push it to GCR. 首先,我们构建图像并将其推送到GCR。 With valid credentials, we can easily connect the GKE with GCR and deploy.
使用有效的凭据,我们可以轻松地将GKE与GCR连接并进行部署。
stages:
- build
- deploy
variables:
CONTAINER_TEST_IMAGE: gcr.io/node-testing-189614/node-testing:latest
build_image:
stage: build
only: [master]
image: google/cloud-sdk
services:
- docker:dind
script:
- echo "$GOOGLE_KEY_SECRET" > key.json # Google Cloud service accounts
- gcloud auth activate-service-account --key-file key.json
- gcloud config set project node-testing-189614
- gcloud container builds submit -t $CONTAINER_TEST_IMAGE .
deploy_staging:
image: google/cloud-sdk
stage: deploy
script:
- echo "$GOOGLE_KEY_SECRET" > key.json # Google Cloud service accounts
- gcloud auth activate-service-account --key-file key.json
- gcloud config set project node-testing-189614
- gcloud config set compute/zone europe-west1-b
- gcloud config set container/use_client_certificate True
- gcloud container clusters get-credentials node-testing
- kubectl delete pods --all
- kubectl apply -f staging.yml
environment:
name: staging
url: http://***.***.**.***:****/ //External IP from Kubernetes
only:
- master
Above we delete pods in GKE because we always want to update the image with the latest tag. 在上方,我们删除GKE中的Pod,因为我们一直想用最新的标签更新图像。 The best possible solution available so far is to delete the pods and let the
staging.yml
file creates new one if not available. 到目前为止,最好的解决方案是删除吊舱,并让
staging.yml
文件创建一个新的吊舱(如果不可用)。
Finally staging.yml
looks like this: 最后,
staging.yml
如下所示:
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: node-testing
spec:
replicas: 2
template:
metadata:
labels:
app: node-testing
spec:
containers:
- name: node-testing
image: gcr.io/node-testing-189614/node-testing:latest
imagePullPolicy: Always
ports:
- containerPort: 8080
imagePullSecrets:
- name: gcr.io/node-testing-189614/node-testing
Yu do not need the image to actualy be stored in GCR to be able to use it in your GKE, although having it nearby is nice. Yu不需要实际将图像存储在GCR中就可以在您的GKE中使用它,尽管在附近有它很好。 You need a service account on gcloud so that you have a non expiring auth to GCR (or you need to use gcloud cli to auth to GCR) then just tag the image and push it.
您需要在gcloud上有一个服务帐户,这样您才能对GCR进行不过期的身份验证(或者您需要使用gcloud cli对GCR进行身份验证),然后只需标记图像并将其推送即可。
Running it on kubernetes is a different story, and I strongly encurage you to also look at Helm for creating installation charts for your application that can be reused for multiple environments. 在kubernetes上运行它是另外一回事了,我强烈建议您也了解一下Helm,它为您的应用程序创建了可在多个环境中重复使用的安装图表。
You can decouple your configuration from CI to make it more reliable and secure if you follow the GitOps approach. 如果遵循GitOps方法,则可以将配置与CI分离,以使其更可靠,更安全。
Please take a look at my answer to another very similar question . 请看一下我对另一个非常相似的问题的回答 。
For a more high-level overview, see also: 有关更高级的概述,请参见:
Disclaimer: I am a Kubernetes contributor and Weaveworks employee. 免责声明:我是Kubernetes贡献者和Weaveworks员工。 We build open-source and commercial tools that help people to get to production with Kubernetes sooner.
我们构建了开源和商业工具,可帮助人们更快地使用Kubernetes进行生产。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.