Ko te punaha taunakitanga ihirangi ataata ipurangi e mahihia ana e matou he whanaketanga arumoni kati, a, ko te tikanga he huinga-waahanga maha o nga waahanga rangatira me nga waahanga tuwhera. Ko te kaupapa o te tuhi i tenei tuhinga he whakamaarama i te whakatinanatanga o te punaha whakahiato kahui docker swarm mo te waahi whakaari me te kore e whakararu i te rerenga mahi kua whakaritea o a maatau mahi i roto i te wa poto. E rua nga wahanga o te korero ka tukuna atu ki to aro. Ko te waahanga tuatahi e whakaatu ana i te CI / CD i mua i te whakamahi i te docker swarm, ko te tuarua e whakaatu ana i te tukanga o tana whakatinanatanga. Ko te hunga karekau e aro ki te panui i te waahanga tuatahi ka taea te neke ki te tuarua.
Wahanga I
Hoki i te tau tawhiti, tawhiti, me tere te whakarite i te tukanga CI / CD. Ko tetahi o nga tikanga kia kaua e whakamahi Docker mo te whakatakotoranga Kua whakawhanakehia nga waahanga mo nga take maha:
- mo te mahi pono me te pumau o nga waahanga i roto i te Whakangao (ara, ko te tikanga kia kaua e whakamahi mariko)
- Ko nga kaiwhakawhanake rangatira kaore i pirangi ki te mahi tahi me Docker (he rerekee, engari koina tena)
- e ai ki nga whakaaro whakaaro o te whakahaere R&D
Ko nga hanganga, te taapu me nga whakaritenga tuatahi mo te MVP i whakaatuhia e whai ake nei:
- 4 Intel® X5650 tūmau me Debian (kotahi atu miihini kaha kua tino whakawhanakehia)
- Ko te whakawhanaketanga o nga waahanga ritenga ka mahia i C ++, Python3
- Ko nga taputapu matua tuatoru i whakamahia: Kafka, Clickhouse, Airflow, Redis, Grafana, Postgresql, Mysql, ...
- Nga paipa mo te hanga me te whakamatautau i nga waahanga motuhake mo te patuiro me te tuku
Ko tetahi o nga patai tuatahi e tika ana kia whakatutukihia i te waahi tuatahi ko te pehea e tukuna ai nga waahanga ritenga ki tetahi taiao (CI / CD).
I whakatau matou ki te whakauru nahanaha nga waahanga tuatoru me te whakahou nahanaha. Ko nga tono ritenga i whakawhanakehia i roto i te C++, i te Python ranei ka taea te tuku i nga huarahi maha. I roto i a raatau, hei tauira: te hanga i nga kohinga punaha, ka tukuna ki te putunga o nga whakaahua kua hangaia, katahi ka whakauru ki runga i nga kaitoro. Mo te take kaore i mohiotia, i whiriwhiria tetahi atu tikanga, ara: ma te whakamahi CI, ka whakahiatohia nga konae whakahaere tono, ka hangaia he taiao kaupapa mariko, ka whakauruhia nga waahanga py mai i requirements.txt, ka tukuna katoatia enei taonga me nga whirihora, nga tuhinga me te te taha o te taiao tono ki nga tūmau. I muri mai, ka whakarewahia nga tono hei kaiwhakamahi mariko kaore he mana kaiwhakahaere.
I tohua a Gitlab-CI hei punaha CI/CD. He penei te ahua o te pipeline hua:
Ko te hanganga, he penei te ahua o gitlab-ci.yml
---
variables:
# минимальная версия ЦПУ на серверах, где разворачивается кластер
CMAKE_CPUTYPE: "westmere"
DEBIAN: "MYREGISTRY:5000/debian:latest"
before_script:
- eval $(ssh-agent -s)
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh && echo -e "Host *ntStrictHostKeyChecking nonn" > ~/.ssh/config
stages:
- build
- testing
- deploy
debug.debian:
stage: build
image: $DEBIAN
script:
- cd builds/release && ./build.sh
paths:
- bin/
- builds/release/bin/
when: always
release.debian:
stage: build
image: $DEBIAN
script:
- cd builds/release && ./build.sh
paths:
- bin/
- builds/release/bin/
when: always
## testing stage
tests.codestyle:
stage: testing
image: $DEBIAN
dependencies:
- release.debian
script:
- /bin/bash run_tests.sh -t codestyle -b "${CI_COMMIT_REF_NAME}_codestyle"
tests.debug.debian:
stage: testing
image: $DEBIAN
dependencies:
- debug.debian
script:
- /bin/bash run_tests.sh -e codestyle/test_pylint.py -b "${CI_COMMIT_REF_NAME}_debian_debug"
artifacts:
paths:
- run_tests/username/
when: always
expire_in: 1 week
tests.release.debian:
stage: testing
image: $DEBIAN
dependencies:
- release.debian
script:
- /bin/bash run_tests.sh -e codestyle/test_pylint.py -b "${CI_COMMIT_REF_NAME}_debian_release"
artifacts:
paths:
- run_tests/username/
when: always
expire_in: 1 week
## staging stage
deploy_staging:
stage: deploy
environment: staging
image: $DEBIAN
dependencies:
- release.debian
script:
- cd scripts/deploy/ &&
python3 createconfig.py -s $CI_ENVIRONMENT_NAME &&
/bin/bash install_venv.sh -d -r ../../requirements.txt &&
python3 prepare_init.d.py &&
python3 deploy.py -s $CI_ENVIRONMENT_NAME
when: manual
He mea tika kia mohiohia ko te huihuinga me te whakamatautau ka whakahaerehia i runga i tana ake ahua, kei reira kua whakauruhia nga kohinga punaha katoa me etahi atu tautuhinga.
Ahakoa he mea whakamere ia o enei tuhinga i roto i nga mahi, engari ko te tikanga kare au e korero mo aua tuhinga, ka roa te roa o te whakaahuatanga o ia tuhinga, a ehara tenei i te kaupapa o te tuhinga. Ka aro noa ahau ki te mea kei roto i te waahanga tuku he raupapa o nga tuhi tuhi:
- waihangaconfig.py - ka waihanga i te konae settings.ini me nga tautuhinga wae i roto i nga momo taiao mo te tukunga a muri ake nei (Whakaahuatanga, Whakaputa, Whakamatau, ...)
- install_venv.sh - ka hangaia he taiao mariko mo nga waahanga py i roto i tetahi raarangi motuhake ka kape ki nga kaitoro mamao
- prepare_init.d.py — ka whakarite i nga tuhinga timata-mutu mo te waahanga i runga i te tauira
- deploy.py - ka pirau ka whakaara ano i nga waahanga hou
Kua pahemo te wa. I whakakapihia te waahi whakaari ki te mahi o mua me te whakaputa. He tautoko taapiri mo te hua i runga i tetahi atu tohatoha (CentOS). Kua taapirihia e 5 nga kaitoro tinana kaha ake me te tatini mariko. Na ka kaha ake te uaua mo nga kaiwhakawhanake me nga kaiwhakaatu ki te whakamatautau i a raatau mahi i roto i te taiao tata atu ki te ahua mahi. I tenei wa, ka maarama kaore e taea te mahi me te kore ia ...
Wahi II
Na, ko ta maatau roopu he punaha whakamiharo o nga waahanga takirua takirua kaore i te whakaahuahia e Dockerfiles. Ka taea anake e koe te whirihora mo te tuku ki tetahi taiao motuhake. Ko ta matou mahi ko te toha i te kahui ki roto i te waahi whakaari hei whakamatautau i mua i te whakamatautau i mua i te tuku.
Ko te tikanga, he maha nga tautau e rere ana i te wa kotahi: ko te maha o nga mahi kei roto i te ahua kua oti, kua tata ranei ki te whakaoti. Ko nga kaha o nga kaitoro kei a matou e tuku ana ki te whakahaere i etahi tautau ki runga i ia tūmau. Me wehe ke ia kapoi tuutuu (kaore he mokowhititanga i nga tauranga, raarangi korero, aha atu).
Ko ta matou rawa tino nui ko to matou wa, a, kaore i te nui o maatau.
Mo te tiimata tere, i tohua e matou a Docker Swarm na te ngawari me te ngawari o te hoahoanga. Ko te mea tuatahi i mahia e matou ko te hanga i tetahi kaiwhakahaere me etahi pona kei runga i nga kaitoro mamao:
$ docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
kilqc94pi2upzvabttikrfr5d nop-test-1 Ready Active 19.03.2
jilwe56pl2zvabupryuosdj78 nop-test-2 Ready Active 19.03.2
j5a4yz1kr2xke6b1ohoqlnbq5 * nop-test-3 Ready Active Leader 19.03.2
Whai muri, hanga he whatunga:
$ docker network create --driver overlay --subnet 10.10.10.0/24 nw_swarm
I muri mai, i honoa e matou a Gitlab-CI me te Swarm nodes mo te mana mamao o nga pona mai i te CI: te whakauru i nga tiwhikete, te tautuhi i nga taurangi ngaro, me te whakarite i te ratonga Docker i runga i te tūmau mana. Ko tenei i whakaora ia matou i te wa roa.
I muri mai, i taapirihia e matou nga mahi hanga me te whakangaro ki .gitlab-ci .yml.
He torutoru ano nga mahi kua taapirihia ki .gitlab-ci .yml
## staging stage
deploy_staging:
stage: testing
before_script:
- echo "override global 'before_script'"
image: "REGISTRY:5000/docker:latest"
environment: staging
dependencies: []
variables:
DOCKER_CERT_PATH: "/certs"
DOCKER_HOST: tcp://10.50.173.107:2376
DOCKER_TLS_VERIFY: 1
CI_BIN_DEPENDENCIES_JOB: "release.centos.7"
script:
- mkdir -p $DOCKER_CERT_PATH
- echo "$TLSCACERT" > $DOCKER_CERT_PATH/ca.pem
- echo "$TLSCERT" > $DOCKER_CERT_PATH/cert.pem
- echo "$TLSKEY" > $DOCKER_CERT_PATH/key.pem
- docker stack deploy -c docker-compose.yml ${CI_ENVIRONMENT_NAME}_${CI_COMMIT_REF_NAME} --with-registry-auth
- rm -rf $DOCKER_CERT_PATH
when: manual
## stop staging stage
stop_staging:
stage: testing
before_script:
- echo "override global 'before_script'"
image: "REGISTRY:5000/docker:latest"
environment: staging
dependencies: []
variables:
DOCKER_CERT_PATH: "/certs"
DOCKER_HOST: tcp://10.50.173.107:2376
DOCKER_TLS_VERIFY: 1
script:
- mkdir -p $DOCKER_CERT_PATH
- echo "$TLSCACERT" > $DOCKER_CERT_PATH/ca.pem
- echo "$TLSCERT" > $DOCKER_CERT_PATH/cert.pem
- echo "$TLSKEY" > $DOCKER_CERT_PATH/key.pem
- docker stack rm ${CI_ENVIRONMENT_NAME}_${CI_COMMIT_REF_NAME}
# TODO: need check that stopped
when: manual
Mai i te snippet waehere i runga ake nei, ka kite koe e rua nga paatene (deploy_staging, stop_staging) kua taapirihia ki nga Pipelines, me mahi a-ringa.
Ko te ingoa o te puranga e rite ana ki te ingoa o te peka, a me ranea tenei ahurei. Ko nga ratonga kei roto i te puranga ka whiwhi i nga wahitau IP ahurei, me nga tauranga, nga raarangi, me era atu. ka wehea, engari he rite tonu mai i te puranga ki te puranga (na te mea he rite te konae whirihoranga mo nga puranga katoa) - ko ta matou i hiahia. Ka tohatohahia e matou te puranga (cluster) ma te whakamahi docker-compose.yml, e whakaahua ana i to tatou tautau.
docker-compose.yml
---
version: '3'
services:
userprop:
image: redis:alpine
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
celery_bcd:
image: redis:alpine
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
schedulerdb:
image: mariadb:latest
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
MYSQL_DATABASE: schedulerdb
MYSQL_USER: ****
MYSQL_PASSWORD: ****
command: ['--character-set-server=utf8mb4', '--collation-server=utf8mb4_unicode_ci', '--explicit_defaults_for_timestamp=1']
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
celerydb:
image: mariadb:latest
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
MYSQL_DATABASE: celerydb
MYSQL_USER: ****
MYSQL_PASSWORD: ****
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
cluster:
image: $CENTOS7
environment:
- CENTOS
- CI_ENVIRONMENT_NAME
- CI_API_V4_URL
- CI_REPOSITORY_URL
- CI_PROJECT_ID
- CI_PROJECT_URL
- CI_PROJECT_PATH
- CI_PROJECT_NAME
- CI_COMMIT_REF_NAME
- CI_BIN_DEPENDENCIES_JOB
command: >
sudo -u myusername -H /bin/bash -c ". /etc/profile &&
mkdir -p /storage1/$CI_COMMIT_REF_NAME/$CI_PROJECT_NAME &&
cd /storage1/$CI_COMMIT_REF_NAME/$CI_PROJECT_NAME &&
git clone -b $CI_COMMIT_REF_NAME $CI_REPOSITORY_URL . &&
curl $CI_API_V4_URL/projects/$CI_PROJECT_ID/jobs/artifacts/$CI_COMMIT_REF_NAME/download?job=$CI_BIN_DEPENDENCIES_JOB -o artifacts.zip &&
unzip artifacts.zip ;
cd /storage1/$CI_COMMIT_REF_NAME/$CI_PROJECT_NAME/scripts/deploy/ &&
python3 createconfig.py -s $CI_ENVIRONMENT_NAME &&
/bin/bash install_venv.sh -d -r ../../requirements.txt &&
python3 prepare_init.d.py &&
python3 deploy.py -s $CI_ENVIRONMENT_NAME"
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
tty: true
stdin_open: true
networks:
nw_swarm:
networks:
nw_swarm:
external: true
I konei ka kite koe kei te hono nga waahanga e tetahi whatunga (nw_swarm) ka waatea ki a raatau ano.
Ko nga waahanga punaha (i runga i te redis, mysql) ka wehea mai i te puna whanui o nga waahanga ritenga (i roto i nga mahere me nga mea ritenga ka wehewehea hei ratonga). Ko te ahua o te whakatakotoranga o ta tatou kahui ka rite ki te tuku CMD ki roto i to maatau ahua nui kua whirihorahia, a, i te nuinga o te waa, karekau he rereke mai i te whakatakotoranga kua whakaahuatia i te Wahanga I. Ka whakaatu ahau i nga rereketanga:
- git clone... - tikina nga konae hei horahanga (createconfig.py, install_venv.sh, etc.)
- kopiko... && wetewete... - tango me te wetewete i nga taonga toi (nga taputapu kua whakahiato)
Kotahi noa te raru kaore ano kia whakaahuatia: ko nga waahanga he atanga tukutuku kaore e uru mai i nga kaitirotiro kaiwhakawhanake. Ka whakatauhia e matou tenei raru ma te whakamahi takawaenga whakamuri, penei:
I roto i te .gitlab-ci.yml, i muri i te tohatoha i te puranga tautau, ka taapirihia e matou te raina o te tuku i te taurite (e, ka mahia, ka whakahou noa i tana whirihoranga (ka hanga i nga konae whirihoranga nginx hou kia rite ki te tauira: /etc/nginx/conf. d/${CI_COMMIT_REF_NAME}.conf) - tirohia te waehere docker-compose-nginx.yml)
- docker stack deploy -c docker-compose-nginx.yml ${CI_ENVIRONMENT_NAME} --with-registry-auth
docker-compose-nginx.yml
---
version: '3'
services:
nginx:
image: nginx:latest
environment:
CI_COMMIT_REF_NAME: ${CI_COMMIT_REF_NAME}
NGINX_CONFIG: |-
server {
listen 8080;
server_name staging_${CI_COMMIT_REF_NAME}_cluster.dev;
location / {
proxy_pass http://staging_${CI_COMMIT_REF_NAME}_cluster:8080;
}
}
server {
listen 5555;
server_name staging_${CI_COMMIT_REF_NAME}_cluster.dev;
location / {
proxy_pass http://staging_${CI_COMMIT_REF_NAME}_cluster:5555;
}
}
volumes:
- /tmp/staging/nginx:/etc/nginx/conf.d
command:
/bin/bash -c "echo -e "$$NGINX_CONFIG" > /etc/nginx/conf.d/${CI_COMMIT_REF_NAME}.conf;
nginx -g "daemon off;";
/etc/init.d/nginx reload"
ports:
- 8080:8080
- 5555:5555
- 3000:3000
- 443:443
- 80:80
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
networks:
nw_swarm:
external: true
I runga i nga rorohiko whanaketanga, whakahou /etc/hosts; tohua te url ki te nginx:
10.50.173.106 staging_BRANCH-1831_cluster.dev
Na, kua whakatinanahia te whakatakotoranga o nga kapoi tuutuu motuhake ka taea e nga kaiwhakawhanake te whakahaere i a raatau i nga tau e tika ana hei tirotiro i a raatau mahi.
Mahere a meake nei:
- Wehea a maatau waahanga hei ratonga
- Whai mo ia Dockerfile
- Ka kite aunoa i nga pona iti kua utaina i roto i te puranga
- Tauwhāitihia ngā kōpuku mā te tauira ingoa (kaua ki te whakamahi id pēnei i te tuhinga)
- Tāpirihia he haki kua pakaru te tāpae
- ...
Nga mihi nui mo .
Source: will.com