[英]How to deploy software builds from Azure DevOps to internal servers?
We have our software hosted in Git on Azure DevOps and built using a build pipeline (which primarily uses a Cake script).我们的软件托管在 Azure DevOps 上的 Git 中,并使用构建管道(主要使用 Cake 脚本)构建。 We are now looking to deploy this software using the Azure DevOps release pipeline.
我们现在正在寻求使用 Azure DevOps 发布管道部署此软件。 However, all of our application servers are behind our firewall, inside of our network, and don't have any port open except for 80 and 443 for the web applications.
但是,我们所有的应用程序服务器都在我们的防火墙后面,在我们的网络内部,除了 web 应用程序的 80 和 443 端口之外,没有任何端口开放。 We have dev, staging, and production servers for our apps (including some for load balancing).
我们的应用程序有开发、登台和生产服务器(包括一些用于负载平衡的服务器)。 All I really need is to copy the artifact, backup the current code to a separate folder on the server, deploy and unzip the artifact file in the root deployment folder, and restart IIS on those servers.
我真正需要的是复制工件,将当前代码备份到服务器上的单独文件夹,在根部署文件夹中部署和解压缩工件文件,然后在这些服务器上重新启动 IIS。
My company is rather large and bureaucratic so there are some hoops we have to jump through for due diligence before we even attempt this new process.我的公司相当大而且官僚,所以在我们尝试这个新流程之前,我们必须跳过一些尽职调查。 In that spirit, I am trying to find the best solution.
本着这种精神,我正在努力寻找最佳解决方案。 If you can offer your advice, and in particular, offer any other solution we did not think of, that would be helpful:
如果您能提供您的建议,特别是提供我们没有想到的任何其他解决方案,那将很有帮助:
If you have a better solution for this problem or a more common solution, let me know.如果您对此问题有更好的解决方案或更常见的解决方案,请告诉我。 If you think I should one of the 4 above solutions, let me know.
如果您认为我应该是上述 4 个解决方案之一,请告诉我。 If you can expand on any of the options above, please do.
如果您可以扩展上述任何选项,请执行此操作。
ADO agents only require external connectivity, so they talk to ADO, not vice versa. ADO 代理只需要外部连接,因此它们与 ADO 对话,反之则不然。 So you only need 443 outbound to a couple of ADO urls.
所以你只需要 443 出站到几个 ADO url。
Reading: https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/agents?view=azure-devops#communication阅读: https : //docs.microsoft.com/en-us/azure/devops/pipelines/agents/agents?view=azure-devops#communication
https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows?view=azure-devops#im-running-a-firewall-and-my-code-is-in-azure-repos-what-urls-does-the-agent-need-to-communicate-with https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows?view=azure-devops#im-running-a-firewall-and-my-code-is-in- azure-repos-what-urls-does-the-agent-need-to-communicate-with
You could use Environments.您可以使用环境。 Create Environment for each VM (that includes creating agent on your machine) and then use the
environment
parameter in YAML pipelines deployment job.为每个 VM 创建环境(包括在您的机器上创建代理),然后在 YAML 管道部署作业中使用
environment
参数。 The deployment job can then do whatever you need (deploy webapp, move files, backup, etc..) on your target machine, regardless whether it's on private network.然后,部署作业可以在您的目标机器上执行您需要的任何操作(部署 webapp、移动文件、备份等),无论它是否在专用网络上。
More reading - Azure DevOps Environments: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/environments?view=azure-devops更多阅读 - Azure DevOps 环境: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/environments?view=azure-devops
Using deployment job: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/deployment-jobs?view=azure-devops使用部署作业: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/deployment-jobs?view=azure-devops
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.