Makina opangira makanema apa intaneti omwe tikugwira nawo ntchito ndi chitukuko chotsekedwa ndipo mwaukadaulo ndi gulu lazinthu zambiri za eni ake ndi magwero otseguka. Cholinga cholembera nkhaniyi ndikufotokozera kukhazikitsidwa kwa dongosolo lamagulu a docker swarm papulatifomu, popanda kusokoneza kayendedwe kathu kokhazikika kwanthawi yochepa. Nkhani yomwe yaperekedwa kwa inu yagawidwa m'magawo awiri. Gawo loyamba limafotokoza za CI / CD musanagwiritse ntchito gulu la docker, ndipo gawo lachiwiri limafotokoza njira yoyendetsera ntchitoyi. Amene alibe chidwi chowerenga gawo loyamba akhoza kupita ku gawo lachiwiri.
Gawo I
Kalekale, kunali kofunikira kukhazikitsa ndondomeko ya CI / CD mwamsanga. Chimodzi mwazofunikira sichinali kugwiritsa ntchito Docker za kutumiza zigawo zikupangidwa pazifukwa zingapo:
- kuti magwiridwe antchito odalirika komanso okhazikika apangidwe mu Production (i.e., kwenikweni, chofunikira osagwiritsa ntchito virtualization)
- otsogolera otsogola sanafune kugwira ntchito ndi Docker (zachilendo, koma ndi momwe zinalili)
- pazifukwa zamaganizidwe za kasamalidwe ka R&D
Zomangamanga, milu ndi zofunikira zoyambira za MVP zinali motere:
- Ma seva 4 a Intel® X5650 okhala ndi Debian (makina amodzi amphamvu kwambiri opangira chitukuko)
- Kupanga zida zanu zamachitidwe kumachitika mu C ++, Python3
- Zida zazikulu zachitatu zomwe zimagwiritsidwa ntchito: Kafka, Clickhouse, Airflow, Redis, Grafana, Postgresql, Mysql, ...
- Mapaipi omangira ndi kuyesa magawo padera kuti athetse vuto ndi kumasulidwa
Limodzi mwa mafunso oyamba omwe akuyenera kuthetsedwa pa gawo loyambirira ndi momwe zigawo zachikhalidwe zidzagwiritsidwira ntchito kumalo aliwonse (CI / CD).
Tinaganiza zokhazikitsa zigawo za chipani chachitatu mwadongosolo ndikusintha mwadongosolo. Mapulogalamu opangidwa mu C ++ kapena Python amatha kutumizidwa m'njira zingapo. Pakati pawo, mwachitsanzo: kupanga phukusi ladongosolo, kuwatumiza kumalo osungirako zithunzi zomwe zasonkhanitsidwa ndikuyika kwawo pamaseva. Pazifukwa zomwe sizikudziwika kale, njira ina idasankhidwa, yomwe ndi: kugwiritsa ntchito CI, mafayilo omwe angagwiritsidwe ntchito amapangidwa, chilengedwe cha polojekiti chimapangidwa, ma py modules ochokera ku requirements.txt amayikidwa, ndipo zonsezi zimatumizidwa pamodzi ndi configs, scripts ndi malo ogwiritsira ntchito omwe akutsatiridwa ndi ma seva. Chotsatira, mapulogalamu amayambitsidwa kuchokera kwa wogwiritsa ntchito popanda ufulu wa woyang'anira.
Gitlab-CI idasankhidwa kukhala CI/CD system. Chotsatira chotsatira chidawoneka motere:
Mwamakhalidwe, gitlab-ci.yml imawoneka motere:
---
variables:
# минимальная версия ЦПУ на серверах, где разворачивается кластер
CMAKE_CPUTYPE: "westmere"
DEBIAN: "MYREGISTRY:5000/debian:latest"
before_script:
- eval $(ssh-agent -s)
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh && echo -e "Host *ntStrictHostKeyChecking nonn" > ~/.ssh/config
stages:
- build
- testing
- deploy
debug.debian:
stage: build
image: $DEBIAN
script:
- cd builds/release && ./build.sh
paths:
- bin/
- builds/release/bin/
when: always
release.debian:
stage: build
image: $DEBIAN
script:
- cd builds/release && ./build.sh
paths:
- bin/
- builds/release/bin/
when: always
## testing stage
tests.codestyle:
stage: testing
image: $DEBIAN
dependencies:
- release.debian
script:
- /bin/bash run_tests.sh -t codestyle -b "${CI_COMMIT_REF_NAME}_codestyle"
tests.debug.debian:
stage: testing
image: $DEBIAN
dependencies:
- debug.debian
script:
- /bin/bash run_tests.sh -e codestyle/test_pylint.py -b "${CI_COMMIT_REF_NAME}_debian_debug"
artifacts:
paths:
- run_tests/username/
when: always
expire_in: 1 week
tests.release.debian:
stage: testing
image: $DEBIAN
dependencies:
- release.debian
script:
- /bin/bash run_tests.sh -e codestyle/test_pylint.py -b "${CI_COMMIT_REF_NAME}_debian_release"
artifacts:
paths:
- run_tests/username/
when: always
expire_in: 1 week
## staging stage
deploy_staging:
stage: deploy
environment: staging
image: $DEBIAN
dependencies:
- release.debian
script:
- cd scripts/deploy/ &&
python3 createconfig.py -s $CI_ENVIRONMENT_NAME &&
/bin/bash install_venv.sh -d -r ../../requirements.txt &&
python3 prepare_init.d.py &&
python3 deploy.py -s $CI_ENVIRONMENT_NAME
when: manual
Ndikoyenera kudziwa kuti kusonkhana ndi kuyesa kumachitika pa chithunzi chake, kumene ma phukusi onse ofunikira amaikidwa kale ndipo makonda ena amapangidwa.
Ngakhale kuti malemba onsewa mu ntchito ndi osangalatsa mwa njira yakeyake, sindilankhula za iwo; kufotokoza aliyense wa iwo kumatenga nthawi ndipo ichi sichinali cholinga cha nkhaniyi. Ndiloleni ndikuwonetseni kuti gawo lotumizira limakhala ndi mndandanda wamawu oyitanitsa:
- createconfig.py - imapanga fayilo ya settings.ini yokhala ndi zoikamo za zigawo zosiyanasiyana m'madera osiyanasiyana kuti zitumizidwe (Kukonzekera, Kupanga, Kuyesa, ...)
- install_venv.sh - imapanga malo enieni a zigawo za py mu bukhu linalake ndikuzikopera ku ma seva akutali
- ready_init.d.py - amakonza zolemba za magawo oyambira oyambira kutengera template
- deploy.py - imatumiza ndikuyambitsanso zida zatsopano
Nthawi inapita. Gawo lokonzekera lidasinthidwa ndi kupanga ndi kupanga. Thandizo la malonda lawonjezedwa pa kugawa kwinanso (CentOS). Ma seva ena amphamvu a 5 ndi ma seva ena khumi ndi awiri adawonjezedwa. Ndipo zidakhala zovuta kwa opanga ndi oyesa kuyesa ntchito zawo pamalo omwe ali pafupi kwambiri ndi momwe akugwirira ntchito. Panthawiyi zinaonekeratu kuti sikutheka kuchita popanda iye ...
Gawo II
Chifukwa chake, gulu lathu ndi dongosolo lochititsa chidwi la magawo khumi ndi awiri omwe sanafotokozedwe ndi Dockerfiles. Mutha kuyikonza kuti itumizidwe kudera linalake mwambiri. Ntchito yathu ndikuyika gululo pamalo ochitira masewerawa kuti liyesedwe asanatulutsidwe.
Mwachidziwitso, pakhoza kukhala magulu angapo ogwira ntchito nthawi imodzi: kuchuluka kwa ntchito zomwe zatsirizidwa kapena zatsala pang'ono kutha. Mphamvu za ma seva zomwe tili nazo zimatilola kuyendetsa magulu angapo pa seva iliyonse. Gulu lirilonse liyenera kukhala lokhalokha (pasapezeke kuphatikizika kwamadoko, akalozera, ndi zina).
Chinthu chathu chofunika kwambiri ndi nthawi yathu, ndipo tinalibe zambiri.
Poyambira mwachangu, tidasankha Docker Swarm chifukwa cha kuphweka kwake komanso kamangidwe kosinthika. Chinthu choyamba chomwe tidachita ndikupanga manejala ndi ma node angapo pamaseva akutali:
$ docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
kilqc94pi2upzvabttikrfr5d nop-test-1 Ready Active 19.03.2
jilwe56pl2zvabupryuosdj78 nop-test-2 Ready Active 19.03.2
j5a4yz1kr2xke6b1ohoqlnbq5 * nop-test-3 Ready Active Leader 19.03.2
Kenako, tinapanga network:
$ docker network create --driver overlay --subnet 10.10.10.0/24 nw_swarm
Kenako, tidalumikiza node za Gitlab-CI ndi Swarm potengera kuwongolera kwakutali kwa node kuchokera ku CI: kukhazikitsa ziphaso, kukhazikitsa zosintha zachinsinsi, ndikukhazikitsanso ntchito ya Docker pa seva yoyang'anira. Ic idatipulumutsa nthawi yambiri.
Kenaka, tinawonjezera ntchito zopanga ndi kuwononga stack mu .gitlab-ci .yml.
Ntchito zina zingapo zawonjezedwa ku .gitlab-ci .yml
## staging stage
deploy_staging:
stage: testing
before_script:
- echo "override global 'before_script'"
image: "REGISTRY:5000/docker:latest"
environment: staging
dependencies: []
variables:
DOCKER_CERT_PATH: "/certs"
DOCKER_HOST: tcp://10.50.173.107:2376
DOCKER_TLS_VERIFY: 1
CI_BIN_DEPENDENCIES_JOB: "release.centos.7"
script:
- mkdir -p $DOCKER_CERT_PATH
- echo "$TLSCACERT" > $DOCKER_CERT_PATH/ca.pem
- echo "$TLSCERT" > $DOCKER_CERT_PATH/cert.pem
- echo "$TLSKEY" > $DOCKER_CERT_PATH/key.pem
- docker stack deploy -c docker-compose.yml ${CI_ENVIRONMENT_NAME}_${CI_COMMIT_REF_NAME} --with-registry-auth
- rm -rf $DOCKER_CERT_PATH
when: manual
## stop staging stage
stop_staging:
stage: testing
before_script:
- echo "override global 'before_script'"
image: "REGISTRY:5000/docker:latest"
environment: staging
dependencies: []
variables:
DOCKER_CERT_PATH: "/certs"
DOCKER_HOST: tcp://10.50.173.107:2376
DOCKER_TLS_VERIFY: 1
script:
- mkdir -p $DOCKER_CERT_PATH
- echo "$TLSCACERT" > $DOCKER_CERT_PATH/ca.pem
- echo "$TLSCERT" > $DOCKER_CERT_PATH/cert.pem
- echo "$TLSKEY" > $DOCKER_CERT_PATH/key.pem
- docker stack rm ${CI_ENVIRONMENT_NAME}_${CI_COMMIT_REF_NAME}
# TODO: need check that stopped
when: manual
Kuchokera pamakina omwe ali pamwambapa zikuwonekeratu kuti mabatani awiri awonjezedwa ku Mapaipi (deploy_staging, stop_staging) omwe amafunikira kuchitapo kanthu pamanja.
Dzina la stack limagwirizana ndi dzina la nthambi ndipo kusiyanitsa kumeneku kuyenera kukhala kokwanira. Ntchito zomwe zili mu stack zimalandila ma adilesi apadera a IP, ndi madoko, zolemba, ndi zina. adzakhala olekanitsidwa, koma chimodzimodzi kuchokera ku stack kupita ku stack (popeza fayilo yosinthira ndi yofanana pamagulu onse) - ndizomwe tinkafuna. Timayika stack (masango) pogwiritsa ntchito makina oyimba.yml, lomwe limafotokoza gulu lathu.
makina oyimba.yml
---
version: '3'
services:
userprop:
image: redis:alpine
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
celery_bcd:
image: redis:alpine
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
schedulerdb:
image: mariadb:latest
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
MYSQL_DATABASE: schedulerdb
MYSQL_USER: ****
MYSQL_PASSWORD: ****
command: ['--character-set-server=utf8mb4', '--collation-server=utf8mb4_unicode_ci', '--explicit_defaults_for_timestamp=1']
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
celerydb:
image: mariadb:latest
environment:
MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
MYSQL_DATABASE: celerydb
MYSQL_USER: ****
MYSQL_PASSWORD: ****
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
cluster:
image: $CENTOS7
environment:
- CENTOS
- CI_ENVIRONMENT_NAME
- CI_API_V4_URL
- CI_REPOSITORY_URL
- CI_PROJECT_ID
- CI_PROJECT_URL
- CI_PROJECT_PATH
- CI_PROJECT_NAME
- CI_COMMIT_REF_NAME
- CI_BIN_DEPENDENCIES_JOB
command: >
sudo -u myusername -H /bin/bash -c ". /etc/profile &&
mkdir -p /storage1/$CI_COMMIT_REF_NAME/$CI_PROJECT_NAME &&
cd /storage1/$CI_COMMIT_REF_NAME/$CI_PROJECT_NAME &&
git clone -b $CI_COMMIT_REF_NAME $CI_REPOSITORY_URL . &&
curl $CI_API_V4_URL/projects/$CI_PROJECT_ID/jobs/artifacts/$CI_COMMIT_REF_NAME/download?job=$CI_BIN_DEPENDENCIES_JOB -o artifacts.zip &&
unzip artifacts.zip ;
cd /storage1/$CI_COMMIT_REF_NAME/$CI_PROJECT_NAME/scripts/deploy/ &&
python3 createconfig.py -s $CI_ENVIRONMENT_NAME &&
/bin/bash install_venv.sh -d -r ../../requirements.txt &&
python3 prepare_init.d.py &&
python3 deploy.py -s $CI_ENVIRONMENT_NAME"
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
tty: true
stdin_open: true
networks:
nw_swarm:
networks:
nw_swarm:
external: true
Apa mutha kuwona kuti zigawozo zimalumikizidwa ndi netiweki imodzi (nw_swarm) ndipo zimatha kupezeka wina ndi mnzake.
Zigawo zamakina (zotengera redis, mysql) zimasiyanitsidwa ndi dziwe lambiri la zigawo zachikhalidwe (mu mapulani, zida zachikhalidwe zimagawidwanso ngati mautumiki). Gawo lotumizira gulu lathu likuwoneka ngati kusamutsa CMD ku chithunzi chathu chimodzi chachikulu chokhazikitsidwa ndipo, mwachidziwikire, sikusiyana kwenikweni ndi kutumizidwa komwe kwafotokozedwa mu Gawo I. Nditsindika kusiyana kwake:
- git clone... - timapeza mafayilo ofunikira kuti tigwiritse ntchito (createconfig.py, install_venv.sh, etc.)
- curl... && tsegulani... - Tsitsani ndikutsegula zinthu zakale (zophatikizidwa)
Pali vuto limodzi lokha lomwe silinadziwikebe: zigawo zomwe zili ndi mawonekedwe a intaneti sizipezeka kuchokera kwa osakatula. Timathetsa vutoli pogwiritsa ntchito reverse proxy, motere:
Mu .gitlab-ci.yml, mutatha kutumiza masango, yonjezerani mzere wogwiritsira ntchito balancer (yomwe, ikadzipereka, imangosintha makonzedwe ake (imapanga mafayilo atsopano a nginx malinga ndi template: /etc/nginx/conf.d /${CI_COMMIT_REF_NAME}.conf) - onani code docker-compose-nginx.yml)
- docker stack deploy -c docker-compose-nginx.yml ${CI_ENVIRONMENT_NAME} --with-registry-auth
docker-compose-nginx.yml
---
version: '3'
services:
nginx:
image: nginx:latest
environment:
CI_COMMIT_REF_NAME: ${CI_COMMIT_REF_NAME}
NGINX_CONFIG: |-
server {
listen 8080;
server_name staging_${CI_COMMIT_REF_NAME}_cluster.dev;
location / {
proxy_pass http://staging_${CI_COMMIT_REF_NAME}_cluster:8080;
}
}
server {
listen 5555;
server_name staging_${CI_COMMIT_REF_NAME}_cluster.dev;
location / {
proxy_pass http://staging_${CI_COMMIT_REF_NAME}_cluster:5555;
}
}
volumes:
- /tmp/staging/nginx:/etc/nginx/conf.d
command:
/bin/bash -c "echo -e "$$NGINX_CONFIG" > /etc/nginx/conf.d/${CI_COMMIT_REF_NAME}.conf;
nginx -g "daemon off;";
/etc/init.d/nginx reload"
ports:
- 8080:8080
- 5555:5555
- 3000:3000
- 443:443
- 80:80
deploy:
replicas: 1
placement:
constraints: [node.id == kilqc94pi2upzvabttikrfr5d]
restart_policy:
condition: none
networks:
nw_swarm:
networks:
nw_swarm:
external: true
Pa makompyuta opanga mapulogalamu, sinthani /etc/hosts; ikani ulalo ku nginx:
10.50.173.106 staging_BRANCH-1831_cluster.dev
Chifukwa chake, kutumizidwa kwamagulu odzipatula kwakhazikitsidwa ndipo opanga tsopano atha kuwayambitsa mumtundu uliwonse wokwanira kuyesa ntchito zawo.
Zolinga zamtsogolo:
- Siyanitsani zigawo zathu ngati ntchito
- Pangani Dockerfile iliyonse
- Zindikirani zokha ma node osadzaza mu stack
- Tchulani mfundo pogwiritsa ntchito template ya dzina (m'malo mogwiritsa ntchito id monga momwe zilili m'nkhaniyo)
- Onjezani cheke kuti stack yawonongeka
- ...
Mwapadera zikomo .
Source: www.habr.com