Ndabhala iiwebhusayithi zam zokuqala ekupheleni kweminyaka engama-90. Emva phaya kwakulula kakhulu ukuzifaka kucwangco lokusebenza. Bekukho iseva ye-Apache kwi-host host ethile ekwabelwana ngayo, ungangena kule seva nge-FTP ngokubhala into enje ftp://ftp.example.com. Emva koko kufuneka ufake igama lakho kunye negama lokugqitha kwaye ulayishe iifayile kwiseva. Kwakukho amaxesha ahlukeneyo, yonke into yayilula ngoko kunangoku.
Kumashumi amabini eminyaka ukususela ngoko, yonke into itshintshe kakhulu. Iiwebhusayithi ziye zantsonkotha ngakumbi; kufuneka zidityaniswe ngaphambi kokuba zikhutshelwe imveliso. Umncedisi omnye waba ziiseva ezininzi ezisebenza ngasemva kwezilinganisi zomthwalo, kwaye ukusetyenziswa kweenkqubo zolawulo lwenguqulelo kwaba yinto eqhelekileyo.
Kwiprojekthi yam yobuqu ndibe noqwalaselo olukhethekileyo. Kwaye bendisazi ukuba ndifuna ukukwazi ukuhambisa indawo kwimveliso ngokwenza isenzo esinye: ikhowudi yokubhala kwisebe. master kwiGitHub. Ukongeza, bendisazi ukuba ukuze ndiqinisekise ukusebenza kwesicelo sam esincinci sewebhu, andifuni kulawula iqela elikhulu le-Kubernetes, okanye ndisebenzise itekhnoloji yeDocker Swarm, okanye ndigcine iiseva ngeepods, iiarhente kunye nazo zonke iintlobo zezinye. izinto ezintsonkothileyo. Ukuze ndifezekise injongo yokwenza umsebenzi ube lula kangangoko kunokwenzeka, kwakufuneka ndiqhelane neCI/CD.
Ukuba uneprojekthi encinci (kule meko, iprojekthi yeNode.js) kwaye ungathanda ukwazi indlela yokwenza ngokuzenzekelayo ukusasazwa kwale projekthi, ngelixa uqinisekisa ukuba oko kugcinwe kwindawo yokugcina kuhambelana ngqo noko kusebenza kwimveliso, ngoko ke cinga ukuba unokuba nomdla kweli nqaku.
Izinto ezifunekayo kuqala
Umfundi weli nqaku kulindeleke ukuba abe nokuqonda okusisiseko komgca womyalelo kunye nokubhala izikripthi zeBash. Ukongeza, uya kufuna iiakhawunti и .
Iinjongo
Andiyi kuthetha ukuba eli nqaku lingabizwa ngokungenamiqathango ngokuthi "isifundo". Oku kungaphezulu koxwebhu apho ndithetha ngento endiyifundileyo kwaye ndichaze inkqubo endifanelayo yokuvavanya kunye nokuthunyelwa kwekhowudi kwimveliso, eyenziwa kwipasi enye ezenzekelayo.
Yiloo nto ke umsebenzi wam wagqiba ekubeni.
Ngekhowudi eposwe kulo naliphi na isebe logcino ngaphandle master, kwenziwa ezi ntshukumo zilandelayo:
- Iprojekthi yokwakha kwiTravis CI iyaqala.
- Zonke iiyunithi, ukudibanisa kunye nokuphela-to-ekupheleni iimvavanyo ziyenziwa.
Kuphela ikhowudi ewela kuyo master, kwenziwa oku kulandelayo:
- Yonke into ekhankanywe ngasentla, kunye...
- Ukwakha umfanekiso weDocker ngokusekelwe kwikhowudi yangoku, useto kunye nokusingqongileyo.
- Ukuthumela umfanekiso kwi-Docker Hub.
- Uqhagamshelwano kwiseva yemveliso.
- Ukulayisha umfanekiso osuka kwi-Docker Hub ukuya kwiseva.
- Ukumisa i-container yangoku kwaye uqale entsha ngokusekelwe kumfanekiso omtsha.
Ukuba awazi nto kwaphela malunga neDocker, imifanekiso kunye nezikhongozeli, ungakhathazeki. Ndiza kukuxelela konke ngayo.
Yintoni i-CI/CD?
Isishunqulelo esithi CI/CD simela “uhlanganiso oluqhubekayo/nokusasazwa ngokuqhubekayo.”
▍Ukuhlanganiswa okuqhubekayo
Udibaniso oluqhubekayo yinkqubo apho abaphuhlisi benza izibophelelo kwindawo yokugcina ikhowudi yomthombo weprojekthi (ngokuqhelekileyo isebe master). Ngexesha elifanayo, umgangatho wekhowudi uqinisekiswa ngovavanyo oluzenzekelayo.
▍Ukusasazwa ngokuqhubekayo
Ukusasazwa ngokuqhubekayo kukuhanjiswa rhoqo, ngokuzenzekelayo kwekhowudi kwimveliso. Inxalenye yesibini ye-CI/CD acronym ngamanye amaxesha ichazwa ngokuthi "ukuhanjiswa okuqhubekayo." Oku ngokusisiseko kuyafana “nokusasazwa ngokuqhubekayo”, kodwa “unikezelo oluqhubekayo” luthetha imfuneko yokuqinisekisa iinguqu ngesandla phambi kokuqala inkqubo yokusasazwa kweprojekthi.
Qalisa
I-app endandiyisebenzisa ukufunda yonke le nto ibizwa ngokuba . Le yiprojekthi yewebhu endisebenza kuyo, eyilelwe ukuthatha amanqaku. Ekuqaleni ndazama ukwenza -iprojekthi, okanye isicelo sokuphela kwangaphambili ngaphandle komncedisi, ukuze kuthathwe ithuba lokubamba okusemgangathweni kunye neprojekthi yokusasazwa kwezakhono ezinikezelayo. . Njengoko ubunzima besicelo bukhula, kwafuneka ndenze inxalenye yeseva yayo, oko kwakuthetha ukuba kuya kufuneka ndenze isicwangciso sam sokudibanisa okuzenzekelayo kunye nokuthunyelwa kweprojekthi ngokuzenzekelayo.
Kwimeko yam, isicelo ngumncedisi we-Express osebenza kwindawo ye-Node.js, ekhonza iphepha elinye le-React application kunye nokuxhasa i-API ekhuselekileyo ye-server-side. Olu lwakhiwo lulandela isicwangciso esinokufunyanwa kuyo Isikhokelo sokungqinisisa isitaki esipheleleyo.
Ndabonisana naye , oyingcaphephe kwi-automation, kwaye ndambuza into ekufuneka ndiyenzile ukuze yonke into isebenze ngendlela endifuna ngayo. Undinike umbono wokuba kufuneka kujongeke njani ukuhamba komsebenzi okuzenzekelayo, okuchazwe kwicandelo leeNjongo zeli nqaku. Ukuba nezi njongo kuthetha ukuba kufuneka ndibone indlela yokusebenzisa iDocker.
Docker
I-Docker sisixhobo esithi, ngenxa yetekhnoloji ye-containerization, ivumela ukuba izicelo zisasazwe ngokulula, zihanjiswe kwaye ziqhutywe kwindawo efanayo, nokuba iqonga le-Docker ngokwayo liqhuba kwiindawo ezahlukeneyo. Okokuqala, bekufuneka ndibeke izandla zam kwisixhobo somyalelo weDocker (CLI). Isikhokelo sokufakela iDocker asinakubizwa ngokuba sicace kakhulu kwaye siyaqondakala, kodwa kuyo unokufunda ukuba ukuze uthathe inyathelo lokuqala lokufakela, kufuneka ukhuphele iDocker Desktop (yeMac okanye iWindows).
I-Docker Hub iphantse yafana nayo yegit yokugcina, okanye irejistri yeepakethe zeJavaScript. Le yindawo yokugcina kwi-intanethi yemifanekiso yeDocker. Yile nto iDocker Desktop iqhagamshela kuyo.
Ke, ukuze uqalise ngeDocker, kufuneka wenze izinto ezimbini:
- Faka ifayile .
- Bhalisa kwi .
Emva koku, unokujonga ukuba iDocker CLI iyasebenza ngokusebenzisa lo myalelo ulandelayo ukujonga inguqulelo yeDocker:
docker -vOkulandelayo, ngena kwi-Docker Hub ngokufaka igama lakho lomsebenzisi kunye negama lokugqitha xa ubuzwa:
docker loginUkusebenzisa iDocker, kuya kufuneka uqonde iikhonsepthi zemifanekiso kunye nezikhongozeli.
▍Imifanekiso
Umfanekiso yinto efana neplani equlethe imiyalelo yokudibanisa isikhongozeli. Lo ngumfanekiso okhawulezayo wenkqubo yefayile yesicelo kunye nezicwangciso. Abaphuhlisi banokwabelana ngokulula ngemifanekiso.
# Вывод сведений обо всех образах
docker imagesLo myalelo uya kukhupha itafile enesihloko esilandelayo:
REPOSITORY TAG IMAGE ID CREATED SIZE
---Okulandelayo siza kujonga eminye imizekelo yemiyalelo ekwifomathi efanayo - okokuqala kukho umyalelo onoluvo, kwaye emva koko umzekelo wento enokuyikhupha.
▍ Izikhongozeli
Isikhongozeli yimpahla ephunyeziweyo equlethe yonke into efunekayo ukuqhuba usetyenziso. Isicelo esinale ndlela siya kuhlala sisebenza ngokufanayo, kungakhathaliseki ukuba sisiphi isiseko: kwindawo esecaleni nakwimeko efanayo. Ingongoma kukuba imizekelo yomfanekiso ofanayo iqaliswa kwiindawo ezahlukeneyo.
# Перечисление всех контейнеров
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
---▍ Iithegi
Ithegi luphawu loguqulelo oluthile lomfanekiso.
▍Ireferensi ekhawulezayo kwimiyalelo yeDocker
Nantsi isishwankathelo semiyalelo yeDocker esetyenziswa ngokuqhelekileyo.
Iqela
Umxholo
Intshukumo
Umfanekiso
Ukwakha umfanekiso kwiDockerfile
Umfanekiso
Ukuthegiswa komfanekiso
Umfanekiso
Ukudwelisa imifanekiso
Isikhongozelo
Ukuqhuba isikhongozeli esekwe kumfanekiso
Umfanekiso
Ukulayisha umfanekiso kwirejista
Umfanekiso
Ilayisha umfanekiso kwirejista
Isikhongozelo
Uluhlu lwezikhongozeli
Umfanekiso/Isikhongozeli
Ukususa iziqulathi ezingasetyenziswanga kunye nemifanekiso
▍Dockerfile
Ndiyayazi indlela yokuqhuba isicelo semveliso ekuhlaleni. Ndine-Webpack yoqwalaselo eyilelwe ukwakha iReact esele yenziwe isicelo. Okulandelayo, ndinomyalelo oqala iseva esekwe kwiNode.js kwizibuko 5000. Ijongeka ngolu hlobo:
npm i # установка зависимостей
npm run build # сборка React-приложения
npm run start # запуск Node-сервераKufuneka kuqatshelwe ukuba andinayo umzekelo wesicelo sale nto. Kodwa apha, kuvavanyo, nasiphi na isicelo esilula seNode siya kwenza.
Ukuze usebenzise isikhongozeli, kuya kufuneka unike imiyalelo kwiDocker. Oku kwenziwa ngefayile ebizwa Dockerfile, ibekwe kulawulo lweengcambu zeprojekthi. Le fayile, ekuqaleni, ibonakala ingaqondakali.
Kodwa oko iqulethe kuchaza kuphela, kunye nemiyalelo ekhethekileyo, into efana nokumisela indawo yokusebenza. Nantsi eminye yale miyalelo:
- — Lo myalelo uqalisa ifayile. Ichaza umfanekiso osisiseko apho isikhongozeli sakhiwe khona.
- — Ukukhuphela iifayile kumthombo wasekuhlaleni kwisikhongozeli.
- — Ukuseta uluhlu olusebenzayo lwemiyalelo elandelayo.
- - Baleka imiyalelo.
- — Useto lwezibuko.
- — Isalathiso somyalelo oza kuphunyezwa.
Dockerfile inokujongeka ngolu hlobo:
# Загрузить базовый образ
FROM node:12-alpine
# Скопировать файлы из текущей директории в директорию app/
COPY . app/
# Использовать app/ в роли рабочей директории
WORKDIR app/
# Установить зависимости (команда npm ci похожа npm i, но используется для автоматизированных сборок)
RUN npm ci --only-production
# Собрать клиентское React-приложение для продакшна
RUN npm run build
# Прослушивать указанный порт
EXPOSE 5000
# Запустить Node-сервер
ENTRYPOINT npm run startNgokuxhomekeke kumfanekiso wesiseko owukhethayo, unokufuna ukufaka ukuxhomekeka okongeziweyo. Inyani kukuba eminye imifanekiso esisiseko (njengeNode Alpine Linux) yenziwe ngenjongo yokuyenza icwecwe kangangoko kunokwenzeka. Ngenxa yoko, basenokungabi nazo ezinye iinkqubo ozilindeleyo.
▍Ukwakha, ukubeka ithegi kunye nokuqhuba isikhongozeli
Indibano yendawo kunye nokuqaliswa kwesikhongozeli emva kokuba siye Dockerfile, imisebenzi ilula kakhulu. Ngaphambi kokuba utyhale umfanekiso kwi-Docker Hub, kufuneka uwuvavanye ekuhlaleni.
▍Indibano
Okokuqala kufuneka uqokelele , ichaza igama kwaye, ngokuzikhethela, ithegi (ukuba ithegi ayichazwanga, inkqubo iya kwabela ngokuzenzekelayo ithegi emfanekisweni. latest).
# Сборка образа
docker build -t <image>:<tag> .Emva kokuqhuba lo myalelo, unokubukela iDocker isenza umfanekiso.
Sending build context to Docker daemon 2.88MB
Step 1/9 : FROM node:12-alpine
---> ...выполнение этапов сборки...
Successfully built 123456789123
Successfully tagged <image>:<tag>
Ulwakhiwo lungathatha imizuzu embalwa - konke kuxhomekeke ekubeni bangaphi abantu abaxhomekeke kuwe. Nje ukuba ukwakhiwa kugqityiwe, unokuqhuba umyalelo docker images kwaye ujonge inkcazo yomfanekiso wakho omtsha.
REPOSITORY TAG IMAGE ID CREATED SIZE
<image> latest 123456789123 About a minute ago x.xxGB▍Qalisa
Umfanekiso wenziwa. Oku kuthetha ukuba ungaqhuba isikhongozeli esekwe kuso. Kuba ndifuna ukukwazi ukufikelela kwisicelo esisebenza kwisikhongozeli localhost:5000, mna, kwicala lasekhohlo lesi sibini 5000:5000 kumyalelo olandelayo ofakiweyo 5000. Kwicala lasekunene yi-container port.
# Запуск с использованием локального порта 5000 и порта контейнера 5000
docker run -p 5000:5000 <image>:<tag>
Ngoku ukuba isikhongozeli senziwe kwaye sisebenza, ungasebenzisa umyalelo docker ps ukujonga ulwazi malunga nesi sikhongozeli (okanye ungasebenzisa umyalelo docker ps -a, ebonisa ulwazi malunga nazo zonke izikhongozeli, hayi nje eziqhubayo).
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
987654321234 <image> "/bin/sh -c 'npm run…" 6 seconds ago Up 6 seconds 0.0.0.0:5000->5000/tcp stoic_darwin
Ukuba ngoku uye kwidilesi localhost:5000 — ungabona iphepha lesicelo esisebenzayo elijongeka ngokufanayo nephepha lesicelo esisebenza kwindawo yemveliso.
▍Ukuthega nokupapasha
Ukuze sisebenzise enye yemifanekiso eyenziweyo kwi-server yokuvelisa, kufuneka sikwazi ukukhuphela lo mfanekiso kwi-Docker Hub. Oku kuthetha ukuba kufuneka kuqala wenze indawo yokugcina iprojekthi kwiDocker Hub. Emva koku, siya kuba nendawo apho sinokuthumela khona umfanekiso. Umfanekiso kufuneka unikwe elinye igama ukuze igama lawo liqale ngegama lethu lomsebenzisi le-Docker Hub. Oku kufuneka kulandelwe ligama lendawo yokugcina. Nayiphi ithegi inokubekwa ekupheleni kwegama. Ngezantsi umzekelo wokubiza imifanekiso usebenzisa olu cwangciso.
Ngoku unokwakha umfanekiso ngegama elitsha kwaye usebenzise umyalelo docker push ukuyityhala kwindawo yokugcina i-Docker Hub.
docker build -t <username>/<repository>:<tag> .
docker tag <username>/<repository>:<tag> <username>/<repository>:latest
docker push <username>/<repository>:<tag>
# На практике это может выглядеть, например, так:
docker build -t user/app:v1.0.0 .
docker tag user/app:v1.0.0 user/app:latest
docker push user/app:v1.0.0Ukuba yonke into ihamba kakuhle, umfanekiso uya kufumaneka kwi-Docker Hub kwaye unokulayishwa ngokulula kwiseva okanye udluliselwe kwabanye abaphuhlisi.
Amanyathelo alandelayo
Ukuza kuthi ga ngoku siye saqinisekisa ukuba isicelo, sikwimo yesikhongozeli seDocker, sisebenza ekuhlaleni. Sifake isitya kwiDocker Hub. Konke oku kuthetha ukuba sele senze inkqubela entle kakhulu kwinjongo yethu. Ngoku kufuneka siphendule imibuzo emibini engakumbi:
- Ukumisela isixhobo seCI sokuvavanya kunye nokuthunyelwa kwekhowudi.
- Ukumisela iseva yemveliso ukuze ikhuphe kwaye iqhube ikhowudi yethu.
Kwimeko yethu, sisebenzisa . Njengomncedisi - .
Kufuneka kuqatshelwe ukuba apha ungasebenzisa enye indibaniselwano yeenkonzo. Ngokomzekelo, endaweni yeTravis CI, ungasebenzisa i-CircleCI okanye i-Github Actions. Kwaye endaweni yeDigitalOcean-AWS okanye iLinode.
Sagqiba ekubeni sisebenze kunye neTravis CI, kwaye sele ndinento elungiselelwe kule nkonzo. Ngoko ke, ngoku ndiza kuthetha ngokufutshane malunga nendlela yokuyilungiselela umsebenzi.
UTravis CI
I-Travis CI sisixhobo sokuvavanya kunye nokuthunyelwa kwekhowudi. Andiyi kuthanda ukungena kwiingxaki zokumisela iTravis CI, ekubeni iprojekthi nganye iyingqayizivele, kwaye oku akuyi kuzisa inzuzo enkulu. Kodwa ndiza kugubungela iziseko ukuze uqalise ukuba uthatha isigqibo sokusebenzisa iTravis CI. Nokuba ukhetha iTravis CI, iCircleCI, iJenkins, okanye enye into, iindlela ezifanayo zoqwalaselo ziya kusetyenziswa kuyo yonke indawo.
Ukuqalisa ngeTravis CI, yiya ku kwaye wenze i-akhawunti. Emva koko udibanise iTravis CI kunye neakhawunti yakho yeGitHub. Xa ucwangcisa inkqubo, kuya kufuneka ukhankanye indawo yokugcina apho ufuna ukwenza umsebenzi ngokuzenzekelayo kwaye uvule ukufikelela kuyo. (Ndisebenzisa iGitHub, kodwa ndiqinisekile ukuba iTravis CI inokudibanisa neBitBucket, kunye neGitLab, kunye nezinye iinkonzo ezifanayo).
Ngalo lonke ixesha i-Travis CI iqaliswa, umncedisi uqaliswa, uphumeza imiyalelo echazwe kwifayile yoqwalaselo, kubandakanywa nokuhambisa amasebe ahambelanayo ogcino.
▍Umjikelo wobomi bomsebenzi
Travis CI ifayile yoqwalaselo ebizwa .travis.yml kwaye igcinwe kulawulo lweengcambu zeprojekthi, ixhasa umba weziganeko imisebenzi. Ezi ziganeko zidweliswe ngolandelelwano ezenzeka ngalo:
apt addonscache componentsbefore_installinstallbefore_scriptscriptbefore_cacheafter_success или after_failurebefore_deploydeployafter_deployafter_script
▍Uvavanyo
Kwifayile yoqwalaselo ndiza kuqwalasela iseva yeTravis CI yendawo. Ndikhethe iNode ye-12 njengolwimi kwaye ndaxelela inkqubo ukuba ifake ukuxhomekeka okufunekayo ukusebenzisa iDocker.
Yonke into edweliswe kuyo .travis.yml, iya kuphunyezwa xa zonke izicelo zokutsalwa zenziwe kuwo onke amasebe ovimba, ngaphandle kokuba kuchazwe ngenye indlela. Eli lilungu eliluncedo kuba lithetha ukuba sinokuvavanya yonke ikhowudi ezayo kwindawo yokugcina. Oku kukwazisa ukuba ikhowudi ikulungele na ukubhalela isebe. master, kwaye ingaba iya kwaphula inkqubo yokwakha iprojekthi. Kolu lungelelwaniso lwehlabathi, ndifaka yonke into endaweni, sebenzisa iseva yeWebpack dev ngasemva (oku luphawu lokuhamba kwam), kwaye qhuba iimvavanyo.
Ukuba ufuna ukuba indawo yakho yokugcina ibonise iibheji ezibonisa ukugqunywa kovavanyo, Unokufumana imiyalelo emifutshane ngokusebenzisa i-Jest, i-Travis CI kunye ne-Coveralls ukuqokelela nokubonisa olu lwazi.
Ke nanku umxholo wefayile .travis.yml:
# Установить язык
language: node_js
# Установить версию Node.js
node_js:
- '12'
services:
# Использовать командную строку Docker
- docker
install:
# Установить зависимости для тестов
- npm ci
before_script:
# Запустить сервер и клиент для тестов
- npm run dev &
script:
# Запустить тесты
- npm run testApha kulapho izenzo ezenziwayo kuwo onke amasebe ovimba kunye nezicelo zokutsalwa ziphela.
▍ Ukusasazwa
Ngokusekelwe kwingcinga yokuba zonke iimvavanyo ezizenzekelayo zigqitywe ngempumelelo, sinako, okukhethwa kukho, ukuhambisa ikhowudi kumncedisi wokuvelisa. Kuba sifuna ukwenza oku kuphela kwikhowudi evela kwisebe master, sinika inkqubo imiyalelo efanelekileyo kwimimiselo yokuthunyelwa. Ngaphambi kokuba uzame ukusebenzisa ikhowudi esiza kuyijonga ngokulandelayo kwiprojekthi yakho, ndingathanda ukukulumkisa ukuba kufuneka ube neskripthi sokwenyani esibizelwe ukuthunyelwa.
deploy:
# Собрать Docker-контейнер и отправить его на Docker Hub
provider: script
script: bash deploy.sh
on:
branch: masterIskripthi sokusasaza sisombulula iingxaki ezimbini:
- Yakha, ithegi kwaye uthumele umfanekiso kwi-Docker Hub usebenzisa isixhobo seCI (kwimeko yethu, iTravis CI).
- Ukulayisha umfanekiso kumncedisi, ukumisa isitya esidala kwaye uqale entsha (kwimeko yethu, umncedisi uqhuba kwi-platform ye-DigitalOcean).
Okokuqala, kufuneka usete inkqubo ezenzekelayo yokwakha, ukumaka, kunye nokutyhala umfanekiso kwi-Docker Hub. Konke oku kufana kakhulu noko sele sikwenzile ngesandla, ngaphandle kokuba sifuna iqhinga lokwabela iithegi ezizodwa kwimifanekiso kunye nokungena okuzenzekelayo. Ndibe nobunzima ngezinye iinkcukacha zeskripthi sokusasazwa, njengesicwangciso sokuthega, ukungena ngemvume, ukufakwa kwekhowudi yesitshixo se-SSH, ukusekwa koqhagamshelwano lwe-SSH. Kodwa ngethamsanqa umfana wam ulunge kakhulu nge-bash, njengezinye izinto ezininzi. Wandinceda ukuba ndibhale lo mbhalo.
Ke, inxalenye yokuqala yeskripthi ifaka umfanekiso kwiDocker Hub. Oku kulula kakhulu ukwenza. Iskimu sokuthegiswa endisisebenzisileyo sibandakanya ukudibanisa i-git hash kunye ne-git tag, ukuba ikhona. Oku kuqinisekisa ukuba ithegi yodwa kwaye yenza kube lula ukuchonga indibano esekelwe kuyo. DOCKER_USERNAME и DOCKER_PASSWORD zizinto eziguquguqukayo zokusingqongileyo ezinokusetwa kusetyenziswa ujongano lweTravis CI. I-Travis CI iya kwenza ngokuzenzekelayo idatha ebuthathaka ukuze ingaweli kwizandla ezingalunganga.
Nali icandelo lokuqala leskripthi deploy.sh.
#!/bin/sh
set -e # Остановить скрипт при наличии ошибок
IMAGE="<username>/<repository>" # Образ Docker
GIT_VERSION=$(git describe --always --abbrev --tags --long) # Git-хэш и теги
# Сборка и тегирование образа
docker build -t ${IMAGE}:${GIT_VERSION} .
docker tag ${IMAGE}:${GIT_VERSION} ${IMAGE}:latest
# Вход в Docker Hub и выгрузка образа
echo "${DOCKER_PASSWORD}" | docker login -u "${DOCKER_USERNAME}" --password-stdin
docker push ${IMAGE}:${GIT_VERSION}
Inxalenye yesibini yeskripthi iya kuba yintoni ixhomekeke ngokupheleleyo kuwuphi umamkeli owusebenzisayo kunye nendlela uqhagamshelo olulungelelaniswe ngayo. Kwimeko yam, ekubeni ndisebenzisa i-Digital Ocean, ndisebenzisa imiyalelo ukuxhuma kumncedisi . Xa usebenza nge-AWS, usetyenziso luya kusetyenziswa aws, kwaye nangokunjalo.
Ukuseta iseva bekungekho nzima kakhulu. Ke, ndiseta i-droplet esekwe kumfanekiso wesiseko. Kufuneka kuqatshelwe ukuba inkqubo endiyikhethileyo ifuna ukufakwa ngesandla kweDocker kunye nokuqaliswa kweDocker ngesandla esisodwa. Ndisebenzise Ubuntu 18.04 ukufaka iDocker, ke ukuba usebenzisa Ubuntu ukwenza okufanayo, unokulandela. isikhokelo esilula.
Andithethi apha malunga nemiyalelo ethile yenkonzo, kuba lo mba unokwahluka kakhulu kwiimeko ezahlukeneyo. Ndiza kunika isicwangciso ngokubanzi sesenzo esiya kwenziwa emva kokuqhagamshela nge-SSH kwiseva apho iprojekthi iya kuthunyelwa khona:
- Kufuneka sifumane inkonkxa esebenzayo ngoku kwaye siyimise.
- Emva koko kufuneka uqalise isikhongozeli esitsha ngasemva.
- Kuya kufuneka usete izibuko lendawo yomncedisi ukuba
80- oku kuya kukuvumela ukuba ufake indawo kwidilesi enjeexample.com, ngaphandle kokuchaza izibuko, kunokusebenzisa idilesi enjeexample.com:5000. - Ekugqibeleni, kufuneka ucime zonke izitya kunye nemifanekiso endala.
Naku ukuqhubeka kwescript.
# Найти ID работающего контейнера
CONTAINER_ID=$(docker ps | grep takenote | cut -d" " -f1)
# Остановить старый контейнер, запустить новый, очистить систему
docker stop ${CONTAINER_ID}
docker run --restart unless-stopped -d -p 80:5000 ${IMAGE}:${GIT_VERSION}
docker system prune -a -fEzinye izinto zokuhoya
Kungenzeka ukuba xa uqhagamshela kumncedisi nge-SSH ukusuka kwiTravis CI, uya kubona isilumkiso esiya kukuthintela ukuba uqhubeke nofakelo njengoko inkqubo iya kulinda impendulo yomsebenzisi.
The authenticity of host '<hostname> (<IP address>)' can't be established.
RSA key fingerprint is <key fingerprint>.
Are you sure you want to continue connecting (yes/no)?
Ndifunde ukuba isitshixo somtya sinokufakwa ngekhowudi kwi-base64 ukuze siyigcine ngendlela esinokusebenza ngayo ngokulula nangokuthembeka. Kwinqanaba lofakelo, unokwenza ikhowudi yesitshixo sikawonke-wonke kwaye uyibhale kwifayile known_hosts ukuze ukhuphe impazamo engentla.
echo <public key> | base64 # выводит <публичный ключ, закодированный в base64>Enyanisweni, lo myalelo unokujongeka ngolu hlobo:
echo "123.45.67.89 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAklOUpkDHrfHY17SbrmTIpNLTGK9Tjom/BWDSU
GPl+nafzlHDTYW7hdI4yZ5ew18JH4JW9jbhUFrviQzM7xlELEVf4h9lFX5QVkbPppSwg0cda3
Pbv7kOdJ/MTyBlWXFCR+HAo3FXRitBqxiX1nKhXpHAZsMciLq8V6RjsNAQwdsdMFvSlVK/7XA
t3FaoJoAsncM1Q9x5+3V0Ww68/eIFmb1zuUFljQJKprrX88XypNDvjYNby6vw/Pb0rwert/En
mZ+AW4OZPnTPI89ZPmVMLuayrD2cE86Z/il8b+gw3r3+1nKatmIkjn2so1d01QraTlMqVSsbx
NrRFi9wrf+M7Q== [email protected]" | base64Kwaye nantsi into eyivelisayo-umtya we-base64 onekhowudi:
MTIzLjQ1LjY3Ljg5IHNzaC1yc2EgQUFBQUIzTnphQzF5YzJFQUFBQUJJd0FBQVFFQWtsT1Vwa0RIcmZIWTE3U2JybVRJcE5MVEdLOVRqb20vQldEU1UKR1BsK25hZnpsSERUWVc3aGRJNHlaNWV3MThKSDRKVzlqYmhVRnJ2aVF6TTd4bEVMRVZmNGg5bEZYNVFWa2JQcHBTd2cwY2RhMwpQYnY3a09kSi9NVHlCbFdYRkNSK0hBbzNGWFJpdEJxeGlYMW5LaFhwSEFac01jaUxxOFY2UmpzTkFRd2RzZE1GdlNsVksvN1hBCnQzRmFvSm9Bc25jTTFROXg1KzNWMFd3NjgvZUlGbWIxenVVRmxqUUpLcHJyWDg4WHlwTkR2allOYnk2dncvUGIwcndlcnQvRW4KbVorQVc0T1pQblRQSTg5WlBtVk1MdWF5ckQyY0U4NlovaWw4YitndzNyMysxbkthdG1Ja2puMnNvMWQwMVFyYVRsTXFWU3NieApOclJGaTl3cmYrTTdRPT0geW91QGV4YW1wbGUuY29tCg==Nanku umyalelo okhankanywe ngasentla
install:
- echo < публичный ключ, закодированный в base64> | base64 -d >> $HOME/.ssh/known_hostsIndlela efanayo inokusetyenziselwa isitshixo sabucala xa useka umdibaniso, kuba unokufuna isitshixo sabucala ukufikelela kumncedisi. Xa usebenza ngesitshixo, kufuneka uqinisekise ukuba igcinwe ngokukhuselekileyo kwindawo eguquguqukayo yeTravis CI kwaye ayiboniswa naphi na.
Enye into ekufuneka uyiqaphele kukuba unokufuna ukusebenzisa iskripthi sonke sokusasazwa njengomgca omnye, umzekelo - nge doctl. Oku kusenokufuna umgudu ongakumbi.
doctl compute ssh <droplet> --ssh-command "все команды будут здесь && здесь"I-TLS/SSL kunye nokuLinganisa koMyilelo
Emva kokuba ndenze yonke into ekhankanywe ngasentla, ingxaki yokugqibela endidibana nayo kukuba umncedisi wayengenayo i-SSL. Kuba ndisebenzisa iseva yeNode.js, ukuze ndinyanzelise reverse proxy Nginx kwaye Masibethele, kufuneka ukhe ucinge kakhulu.
Khange ndifune ukwenza konke oku kucwangciswa kwe-SSL ngesandla, ndiye ndadala isilinganisi somthwalo kwaye ndirekhoda iinkcukacha zayo kwi-DNS. Kwimeko ye-DigitalOcean, umzekelo, ukwenza isiqinisekiso esizityikityayo esizityikityayo kwisilinganisi somthwalo yinkqubo elula, esimahla kwaye ekhawulezayo. Le ndlela inenzuzo eyongeziweyo eyenza kube lula kakhulu ukuseta i-SSL kwiiseva ezininzi ezisebenza ngasemva kwe-balancer yomthwalo xa kuyimfuneko. Oku kuvumela abancedisi ngokwabo ukuba "bangacingi" nge-SSL kwaphela, kodwa kwangaxeshanye basebenzise izibuko njengesiqhelo. 80. Ke ukuseta i-SSL kwisilinganisi somthwalo kulula kakhulu kwaye kulula ngakumbi kunezinye iindlela zokuseta i-SSL.
Ngoku ungavala onke amazibuko kumncedisi owamkela udibaniso olungenayo - ngaphandle kwezibuko 80, esetyenziselwa ukunxibelelana ne-balancer yomthwalo, kunye nezibuko 22 ye-SSH. Ngenxa yoko, inzame yokufikelela ngokuthe ngqo kwiseva nakweyiphi na izibuko ngaphandle kwezi zimbini iya kusilela.
Iziphumo
Emva kokuba ndenze yonke into endiyithethileyo kwesi sixhobo, hayi iqonga leDocker okanye iingqikelelo zamatyathanga e-CI/CD azenzekelayo aphinde andoyike. Ndakwazi ukuseta ikhonkco lokudibanisa eliqhubekayo, apho ikhowudi ivavanywa ngaphambi kokuba ihambe kwimveliso kwaye ikhowudi isetyenziswe ngokuzenzekelayo kumncedisi. Konke oku kusekutsha kum, kwaye ndiqinisekile ukuba kukho iindlela zokuphucula ukuhamba kwam okuzenzekelayo kwaye kusebenze ngakumbi. Ngoko ukuba unazo naziphi na izimvo ngalo mba, nceda undazise. yazi. Ndiyathemba ukuba eli nqaku likuncedile kwiinzame zakho. Ndifuna ukukholelwa ukuba emva kokuyifunda, uye wafunda okuninzi njengoko ndifundile ngelixa ucinga ngayo yonke into endithethe ngayo kuyo.
PS Kwiphepha lethu kukho umfanekiso , enokufakwa ngonqakrazo olunye. Ungajonga ukusebenza kwezikhongozeli kwi . Bonke abathengi abatsha banikwa iintsuku ezi-3 zovavanyo simahla.
Bafundi abathandekayo! Ngaba usebenzisa itekhnoloji yeCI/CD kwiiprojekthi zakho?
umthombo: www.habr.com