[英]How to enable Continuous Deployment to an internal server from BitBucket
I need some guidance and advice please on if / how I can implement a CI / CD pipeline for a corporate PHP Laravel application that is hosted on an internal server with limited access and no public IP. Unfortunately my DevOps knowledge is limited and despite a lot of Google searches, I have no idea if I am on the right track or if I am a million miles away.我需要一些指导和建议,请告诉我是否/如何为公司 PHP Laravel 应用程序实施 CI / CD 管道,该应用程序托管在访问受限且没有公共 IP 的内部服务器上。不幸的是,我的 DevOps 知识有限,尽管很多谷歌搜索,我不知道我是否在正确的轨道上,或者我是否在一百万英里之外。 Everything that I have read so far looks at using Web Hooks which as far as I can tell are reliant on a public IP / domain.
到目前为止,我所阅读的所有内容都着眼于使用 Web Hook,据我所知,这些 Hook 依赖于公共 IP / 域。
At present I can work on the application on my laptop and push changes to BitBucket Cloud.目前我可以在笔记本电脑上处理应用程序并将更改推送到 BitBucket Cloud。 While I have managed to create a bitbucket-pipelines.yml file that will automatically build and test any branches that are pushed, I then have to access the server to pull the code manually and run the various scripts as required, which I would much prefer to automate.
虽然我设法创建了一个 bitbucket-pipelines.yml 文件,它将自动构建和测试任何被推送的分支,然后我必须访问服务器以手动提取代码并根据需要运行各种脚本,我更喜欢这样做自动化。
I need to understand please what options there are for implementing continuous deployment given the circumstances and limitations?鉴于情况和限制,我需要了解实施持续部署有哪些选择?
If anyone could offer some pointers then I would be very grateful.如果有人可以提供一些指示,那么我将不胜感激。
Thanks谢谢
You can't push to a machine that is unreachable but there are some alternatives.您无法推送到无法访问的机器,但有一些替代方法。
Configure a bastion host , so an external CI/CD runner can ssh through it into your server.配置一个堡垒主机,这样一个外部 CI/CD 运行器可以通过它 ssh 进入你的服务器。 Allow inbound port 22 connections from your CI/CD provider CIDR blocks to your bastion host https://ip-ranges.atlassian.com/
允许从 CI/CD 提供商 CIDR 块到堡垒主机的入站端口 22 连接https://ip-ranges.atlassian.com/
Setup a CI/CD self-hosted runner in the same.network than the server.在与服务器相同的网络中设置 CI/CD自托管运行器。 https://support.atlassian.com/bitbucket-cloud/docs/runners/ Use that runner for the deployment step to ssh into your server private IP address .
https://support.atlassian.com/bitbucket-cloud/docs/runners/使用该运行程序将 ssh 部署到您的服务器私有地址 IP中。
Setup a pull-based deployment strategy .设置基于拉动的部署策略。 Your deployment step only registers the new wanted version, eg moving a
release/production
branch on the commit ref where the deploy was triggered.您的部署步骤仅注册新的所需版本,例如,在触发部署的提交引用上移动
release/production
分支。 In your server, setup some kind of subscription to the latest release/deployment, eg a cron task to frequently fetch the production git branch.在您的服务器中,设置对最新发布/部署的某种订阅,例如一个 cron 任务来频繁获取生产 git 分支。 Upon changes, restart services and run any task you need.
更改后,重新启动服务并运行您需要的任何任务。
ansible-pull
can be handy for this purpose. ansible-pull
可以很方便地用于此目的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.