您好,登錄后才能下訂單哦!
這篇文章主要介紹“Drone怎么在kubernetes環(huán)境下打包并部署”,在日常操作中,相信很多人在Drone怎么在kubernetes環(huán)境下打包并部署問(wèn)題上存在疑惑,小編查閱了各式資料,整理出簡(jiǎn)單好用的操作方法,希望對(duì)大家解答”Drone怎么在kubernetes環(huán)境下打包并部署”的疑惑有所幫助!接下來(lái),請(qǐng)跟著小編一起來(lái)學(xué)習(xí)吧!
1. drone是一款使用 Go 開發(fā)的開源的 CI 自動(dòng)構(gòu)建平臺(tái)。原生 Docker 支持,kubernetes也是支持的。drone比argo, tekton更快,更簡(jiǎn)單,比jenkins更輕量化。drone云原生概念+1,做了很多事不用考慮+1,gitlab/github能看到構(gòu)建結(jié)果+1
環(huán)境:kubernetes 1.18+, helm3 參考官方
https://github.com/drone/charts
https://docs.drone.io/server/provider/gitlab/
創(chuàng)建namespace, 添加倉(cāng)庫(kù)
kubectl create ns drone helm repo add drone https://charts.drone.io helm repo update
在gitlab中創(chuàng)建一個(gè)OAuth應(yīng)用。Redirect URI是drone的地址并加一個(gè)/login,授權(quán)兩個(gè)api, read_user
增加一個(gè)文件drone-server-overrides.yaml
。這里使用的traefik。需要一個(gè)數(shù)據(jù)庫(kù)鏈接,默認(rèn)使用的sqllite,本例使用postgres
image: tag: 1.10.1 ingress: enabled: true annotations: traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls.certresolver: aliyun traefik.ingress.kubernetes.io/router.tls.domains.0.main: drone.your_domain.com hosts: - host: drone.your_domain.com paths: - "/" env: DRONE_SERVER_HOST: drone.your_domain.com:31000 DRONE_SERVER_PROTO: https # 更新已存在并關(guān)連的gitlab帳號(hào)為admin權(quán)限,需要重啟pod,參考https://docs.drone.io/server/user/admin/ DRONE_USER_CREATE: username:your_gitlab_username,admin:true # 通過(guò)openssl rand -hex 16生成一個(gè) DRONE_RPC_SECRET: c7a536a3af5e2809f3d0d34a71a13302 DRONE_GITLAB_CLIENT_ID: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx DRONE_GITLAB_CLIENT_SECRET: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx DRONE_GITLAB_SERVER: https://your_gitlab_url # oauth會(huì)驗(yàn)證gitlab證書,如果驗(yàn)證不過(guò),需要打開 #DRONE_GITLAB_SKIP_VERIFY: true DRONE_DATABASE_DRIVER: postgres DRONE_DATABASE_DATASOURCE: postgres://postgres:password@192.168.1.10:5433/drone?sslmode=disable persistentVolume: enabled: false
創(chuàng)建drone server
helm install --namespace drone \ server \ drone/drone \ -f drone-server-overrides.yaml
創(chuàng)建runner文件drone-runner-kube-values.yaml
image: tag: latest rbac: buildNamespaces: - drone env: # 同server的kubernetes service名稱 DRONE_RPC_HOST: server-drone DRONE_RPC_SECRET: c7a536a3af5e2809f3d0d34a71a13302 DRONE_NAMESPACE_DEFAULT: drone
運(yùn)行runner
helm install --namespace drone \ drone-runner-kube \ drone/drone-runner-kube \ -f drone-runner-kube-values.yaml
查看pod是否跑起來(lái)了
$ kubectl get pods -n drone NAME READY STATUS RESTARTS AGE drone-runner-kube-6554c9df64-2znff 1/1 Running 0 3h26m server-drone-647875c9f-t5bfx 1/1 Running 0 3h31m
解析域名并訪問(wèn)導(dǎo)出的Ingress。第一次訪問(wèn)會(huì)跳轉(zhuǎn)到gitlab,要求授權(quán)
在項(xiàng)目下創(chuàng)建.drone.yml
。drone docker插件參考
kind: pipeline type: kubernetes name: default steps: - name: 編譯&構(gòu)建鏡像 image: plugins/docker # 掛載主機(jī)的docker volumes: - name: docker path: /var/run/docker.sock settings: repo: registry.your_registry.com:31000/your_project/test-ci registry: registry.your_registry.com:31000 mirror: https://hub-mirror.c.163.com username: username password: password # 更多變量參考https://docs.drone.io/pipeline/environment/reference/ tags: - ${DRONE_TAG=latest} - build-${DRONE_BUILD_NUMBER} - name: 部署到k8s image: jeessy/dron8s:0.4.0 settings: yaml: ./deployment-test.yaml image_addr: registry.your_registry.com:31000/your_project/${DRONE_REPO_NAME}:build-${DRONE_BUILD_NUMBER}
11.1 deployment-test.yaml
apiVersion: v1 kind: Namespace metadata: name: {{.repo_namespace}} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{.repo_name}} namespace: {{.repo_namespace}} spec: selector: matchLabels: app: {{.repo_name}} replicas: 1 template: metadata: labels: app: {{.repo_name}} spec: imagePullSecrets: - name: harbor-registry-secret containers: - name: {{.repo_name}} image: {{.image_addr}} ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: {{.repo_name}}-svc namespace: {{.repo_namespace}} spec: selector: app: {{.repo_name}} ports: - protocol: TCP port: 80 targetPort: 80 --- # 私有倉(cāng)庫(kù) apiVersion: v1 kind: Secret metadata: name: harbor-registry-secret namespace: {{.repo_namespace}} type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: xxxxx
說(shuō)明:部署到k8s可以使用pelotech/drone-helm3
或jeessy/dron8s
。兩個(gè)插件本人都提交過(guò)代碼。根據(jù)情況使用,helm配置更復(fù)雜,個(gè)人推介使用dron8s,可使用集群中使用,無(wú)需在drone中添加kube_token https://github.com/bh90210/dron8s#in-cluster-use
pelotech/drone-helm3
是連接helm和kubernetes的一個(gè)插件。通過(guò)它就可以把項(xiàng)目下的helm自動(dòng)部到kubernetes中。參考官方
使用helm create test-ci
創(chuàng)建helm項(xiàng)目,并放到項(xiàng)目下。根據(jù)實(shí)際情況修改templates
文件夾下的模板。參考官方教程
圖為運(yùn)行后效果
到此,關(guān)于“Drone怎么在kubernetes環(huán)境下打包并部署”的學(xué)習(xí)就結(jié)束了,希望能夠解決大家的疑惑。理論與實(shí)踐的搭配能更好的幫助大家學(xué)習(xí),快去試試吧!若想繼續(xù)學(xué)習(xí)更多相關(guān)知識(shí),請(qǐng)繼續(xù)關(guān)注億速云網(wǎng)站,小編會(huì)繼續(xù)努力為大家?guī)?lái)更多實(shí)用的文章!
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。