Kubernetes CI/CD | GitHub Actions + Argo CD | GitOps
Kirish
Ushbu qo'llanmada biz Kubernetes uchun CI/CD yozamiz. Amaliyotda GitHub, GitHub Actions, GHCR(GitHub Container Registry), GCR(Google Container Registry), Docker, Dockerhub va Argo CD ishlatamiz. Ushbu amaliyot uchun devops-journey (opens in a new tab) loyihasi tanlandi. Shu loyiha manba kodlaridan (opens in a new tab) foydalanib Kubernetes CI/CD yozishni amaliyot qilamiz. Amaliyotimizda CI qismini GitHub Actions orqali CD qismini esa Argo CD orqali amalga oshiramiz. Qani unda sayotimizni boshladik!
Ishni boshlash
Ushbu amaliyot uchun bizga kerak bo'ladi:
- Ishlab turgan Kubernetes cluster
- helm va NGINX Ingress Controller
- Cert-Manager
- Argo CD
- Dockerhub, GCR
Ushbu qo'llanmani yaxshi tushinish uchun quyidagi qo'llanmalarni ko'rib chiqish tavsiya qilinadi!
-
Ishlashga tayyor Kubernetes yaratish uchun: Kubernetes klaster yaratish va sozlash(kubeadm) (opens in a new tab)
-
Cert-Manager uchun: Kubernetesga Cert-Manager o'rnatish va sozlash (opens in a new tab)
-
Argo CD o'rnatish uchun: Kubernetesga Argo CD o'rnatish va sozlash (opens in a new tab)
ESLATMA-> Ushbu amaliyotda biz devops-journey (opens in a new tab) platformasi manba kodlaridan foydalanamiz. Stars(yulduzcha) bosib qo'yish esdan chiqmasin :)
Amaliyotda ishlatilgan devops-journey-k8s (opens in a new tab) va manifests-k8s (opens in a new tab) repositoriyalar.
Amaliyot sturkturasi quyidagicha: Amaliyotda GitHub ishlatamiz va bizda application repositoriyamiz va manifests repositoriyamiz bo'ladi. Manifests repositoriya bu Kubernetes uchun deployment va service .yaml konfiguratsiyalarni o'zida saqlab turadigan repositoriya bo'ladi. Application repositoriyamizda applicationimiz kodlari Dockerfile va GitHub Actions bo'ladi. Application repositoriyamizga GitHub Actions yozamiz, uning ishi main branchda o'zgarish bo'lganda avtomatik ishga tushadi, docker image build qilib, Container Registryga github.sha unique key bilan tag qo'shib push qiladi va manifests repositoriyadagi deployment.yaml konfiguratsiyadagi docker imageni yangilab qo'yadi. Manifests repositoriya esa Argo CDga webhook orqali ulangan bo'ladi, manifests repositoriyada o'zgarish bo'lganida Argo CD avtomatik ishga tushadi.
Qisqa qilib aytganda application repositoriyaga o'zgarish bo'lganida GitHub Actions avtomatik ishga tushib, docker image build qilib, github.sha unique key bilan tag qo'shib Container Registryga push qiladi va keyin Manifest repositoriyadagi docker imageni yangilab qo'yadi, Manifests repositoriyada o'zgarish bo'lganida Argo CD avtomatik ishga tushadi va applicationimizni Kubernetes klasterimizga deploy qiladi.
GitHub Actionsda CI yozish
Amaliyotni birinchi qismni bu Application repositoriyamizga GitHub Actions yozishdir. Birinchi CI actionimiz vazifasi main branchga commit bo'lganida avtomatik ishga tushib, docker image build qilib, github.sha unique tag bilan Docker registryga push qilish vazifalarini bajaradi. Ushbu amaliyotda biz Container Registry sifatida GHCR(GitHub Container Registry), GCR(Google Container Registry) va Dockerhub ishlatamiz va namunalar yozamiz siz o'zingizga qulayini tanlab foydalanasiz. Amaliyotda GHCR GitHub Container Registry ishlatdik lekin boshqa registrylar uchun ham namunalar berib konfiguratsiyalar yozilgan.
GHCR GitHub Conatiner Registry
Keling birinchisiga GHCR GitHub Conatiner Registry bilan ishlaydigan GitHub Actions yozamiz.
GitHub Actions uchun loyihamiz root directoriyasida .github ichida workflows va gitops.yml fayl ochamiz:
GitHub Actions uchun environment qilib olganimizdan keyin gitops.yml ga yamlda GitHub Actions yozamiz.
name: GitOps CI/CD
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
CONTAINER_NAME: devops-journey
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
GITHUB_TOKEN: ${{ secrets.PERSONAL_TOKEN }}
jobs:
build_and_push:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Login to GitHub Container Registry
run: echo "${GITHUB_TOKEN}" | docker login -u "${{ github.actor }}" --password-stdin "${{ env.REGISTRY }}"
- name: Build and push Docker image
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"Keling ushbu GitHub Actionsni o'rganib chiqamiz:
name: GitOps CI/CD
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]name Bu GitHub Actiosnga berilgan nom. Koddagi belgilangan qism esa Trigger deb nomlanadi. Vazifasi main branchga commit push qilinsa yoki pull request merge qilinsa GitHub Actionsni avtomatik ishga tushirib beradi.
env:
CONTAINER_NAME: devops-journey
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
GITHUB_TOKEN: ${{ secrets.PERSONAL_TOKEN }}Ushbu qism Environment qismi hisoblanadi, ya'ni ushbu qismda GitHub Actionsda ishlatadigan environmentlarimizni yozamiz va GitHub Actionsda buni ishlatamiz.
- CONTAINER_NAME-> Bu qsimda Docker containerimiz nomi beriladi.
- REGISTRY-> Bu qismda Container Registry url manzili beriladi GHCR uchun ghcr.io.
- IMAGE_NAME-> Docker image nomi bu holda GitHub repositoriyaga bog'langan.
- GITHUB_TOKEN-> Bu qismda GitHub secretsdan
PERSONAL_TOKENnomli secretni ishlatadi. GHCR'ga login qilib kirish uchun personal access token kerak bo'ladi. GitHub personal accsess token olish uchun quyidagi qo'llanmadan foydalanishingiz mumkin GitHub Personal Access Token (opens in a new tab). Personal Access Token olganingizdan keyin uni repositoriya secretlariga qo'shib qo'yishingiz kerak.
1-> Repositoriyaga kirib Settings bo'limiga o'tib -> Secrets and variables -> Actions -> New repository secret PERSONAL_TOKEN nomli secret yaratib olamiz.
-> Repository -> Settings -> Secrets and variables -> Actions -> New repository secret
2-> GitHubdagi Personal Access Tokenimizni joylashtiramiz
jobs:
build_and_push:
runs-on: ubuntu-latestWorkflow Ubuntu-ning latest versiyasida ishlaydigan build_and_push nomli bitta jobga ega. Ya'ni build_and_push nomli job ubuntu:latesda ishlaydi.
steps:
- name: Checkout code
uses: actions/checkout@v2Ushbu qadam Repositoriyani clone qilib oladi(git clone) actions/checkout@v2 (opens in a new tab).
- name: Login to GitHub Container Registry
run: echo "${GITHUB_TOKEN}" | docker login -u "${{ github.actor }}" --password-stdin "${{ env.REGISTRY }}"Ushbu bosqichda GitHub Actions GitHub Container Registryga berilgan PERSONAL_TOKEN orqali kiradi.
- name: Build and push Docker image
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"Ushbu bosqich repositoriyadagi Dockerfile orqali Docker image build qilib uni GitHub Container Registryga github.sha bilan tag qo'shib push qiladi. Docker image build qilish va push qilishda docker/build-push-action@v2 (opens in a new tab)dan foydalanadi.
Keling GitHub Actionsni ishga tushiramiz. Buning uchun personal access tokenni GitHub secretsga qo'shib yaml konfiguratsiyamizni GitHub'ga push qilamiz va u avtomatik ishga tushishi kerak.
Repositoriyamizda Actions bo'limiga o'tsak bizni GitHub Actionimiz ishlab turganini chiqishi kerak.
Okey! Hammasi yaxshi ishladi. Endi esa keyingi bosqichga o'tsak bo'ladi, ya'ni manifests repositoriyadagi image urlni yangilab qo'yish. GitHubda yana bitta manifests-k8s (opens in a new tab) nomli repositoriya ochib olamiz unga Kubernetes yaml konfiguratsiyalarimizni yozamiz.
Repositoriya tuzilishi quyidagicha. Har bir loyiha uchun alohida papka yaratiladi va loyiha papkalari ichida config fayllari bo'ladi: deployment.yaml, service.yaml va boshqalar. Bizda hozir bitta loyiha bo'lgani uchun bitta devops-journey nomli papkamiz bor.
├── devops-journey
│ ├── deployment.yaml
│ └── service.yaml
└── README.mddeployment.yaml faylida docker image url berilgan qatori bor, bizning vazifamiz har safar loyihalarimizda GitHub Actions ishga tushib yangi docker image build qilganida uni shu manifests-k8s repositoriyadagi deployment.yaml faylidagi image urlni yangilab qo'yishdir.
apiVersion: apps/v1
kind: Deployment
metadata:
name: devops-journey-deployment
spec:
replicas: 3
selector:
matchLabels:
app: devops-journey
template:
metadata:
labels:
app: devops-journey
spec:
containers:
- name: devops-journey-container
image: ghcr.io/devops-journey-uz/devops-journey-k8s:7204fba4278c9d8567ad5a0968cca4e1aac15c84
ports:
- containerPort: 3000
imagePullSecrets:
- name: ghcrKeling buning uchun GitHub Action'imizni quyidagicha yangilaymiz.
name: GitOps CI/CD
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
CONTAINER_NAME: devops-journey
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
GITHUB_TOKEN: ${{ secrets.PERSONAL_TOKEN }}
MANIFEST_REPO_URL: ${{ secrets.MANIFEST_REPO_URL }}
MANIFEST_PATH: ${{ secrets.MANIFEST_PATH }}
jobs:
build_and_push:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Login to GitHub Container Registry
run: echo "${GITHUB_TOKEN}" | docker login -u "${{ github.actor }}" --password-stdin "${{ env.REGISTRY }}"
- name: Build and push Docker image
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
update-manifest:
runs-on: ubuntu-latest
needs: ['build_and_push']
steps:
- name: Update manifest repository
uses: actions/checkout@v2
with:
repository: ${{ env.MANIFEST_REPO_URL }}
path: manifests
token: ${{ secrets.PERSONAL_TOKEN }}
ref: main
- name: Update deployment.yaml in manifest repository
run: |
cd manifests
echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
new_image="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
sed -i "s|image: .*|image: $new_image|g" ${{ env.MANIFEST_PATH }}/deployment.yaml
git config --global user.email "${{ secrets.GIT_EMAIL }}"
git config --global user.name "${{ secrets.GIT_USERNAME }}"
git add ${{ env.MANIFEST_PATH }}/deployment.yaml
git diff --cached --exit-code || git commit -m "Update image tag to $new_image" && git push origin mainUshbu GitHub Action'imiz uchun bir nechta secretlar va envrironmentlar qo'shdik keling ko'rib chiqamiz.
-> Repository -> Settings -> Secrets and variables -> Actions -> New repository secret
- MANIFEST_REPO_URL-> Bu manifest repositoriyamiz url manzili hisoblanadi. Quyidagicha GitHub Actions secret qo'shamiz. Bizda github.com/devops-journey-uz/manifests-k8s (opens in a new tab) repositoriyamiz bor secretga esa
devops-journeyuz/manifests-k8sdeb qo'shamiz yani{owner}/{repo}ko'rinishida.
- MANIFEST_PATH-> Bu esa manifests repositoriyamizda applicationimiz konfiguratsiyalari qaysi papkada turgani bildiradi. manifests-k8s repositoriyamizda devops-journey papkasida configlarimiz joylashgan
- GIT_EMAIL-> Biz bunga GitHub emailimizni yozamiz. Buning sababi GitHub manifests repositoriyaga commit tashlash uchun foydalanadi.
- GIT_USERNAME-> Bunga esa GitHub username'yimizni yozamiz.
Keling endi GitHub Action'imizdagi manifestni yangilash qismini ko'rib chiqamiz.
update-manifest:
runs-on: ubuntu-latest
needs: ['build_and_push']
steps:
- name: Update manifest repository
uses: actions/checkout@v2
with:
repository: ${{ env.MANIFEST_REPO_URL }}
path: manifests
token: ${{ secrets.PERSONAL_TOKEN }}
ref: main
- name: Update deployment.yaml in manifest repository
run: |
cd manifests
echo "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
new_image="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
sed -i "s|image: .*|image: $new_image|g" ${{ env.MANIFEST_PATH }}/deployment.yaml
git config --global user.email "${{ secrets.GIT_EMAIL }}"
git config --global user.name "${{ secrets.GIT_USERNAME }}"
git add ${{ env.MANIFEST_PATH }}/deployment.yaml
git diff --cached --exit-code || git commit -m "Update image tag to $new_image" && git push origin mainUshbu konfiguratsiya build_and_push bosqichi o'z ishini yakunlaganidan keyin boshlanadi. Ya'ni docker image build qilinib Conatiner Registryga push qilinganidan keyin, berilgan MANIFEST_REPO_URL dan manifest repositoriyani checkout qilib clone qilib oladi. Clone qilish jarayonida autentifikatsiya uchun PERSONAL_TOKENdan foydalanadi. Keyingi bosqichda esa sed orqali deployment.yaml dagi image urlni yangilaydi va GIT_USERNAME, GIT_EMAIL bilan git konfiguratsiya qilib o'zgarishlarni berilgan manifests repositoriyaga push qiladi va o'z ishini yakunlaydi.
Keling GitHub Action'imizni ishga tushiramiz.
Ikki bosqich ham muvaffaqiyatli bo'lishi kerak va manifests repositoriyamizni tekshirganimizda yangi docker image urlni qo'yib commit qilgan bo'lishi kerak.
Okeeeyy! Bizda hammasi yaxshi, hammasini uddaladik. Biz GHCR GitHub Container Registrydan foydalanish uchun GitHub Action yozib muvaffaqiyatli ishga tushirdik. Endi boshqa Container registrylar uchun ham naumunalar yozamiz.
Dockerhub
Dockerhub uchun yuqorida GitHub Actions quyidagicha o'zgarishlar bo'ladi.
Dockerhub Actionsga qo'shiladigan secretlar
- DOCKER_USERNAME-> Dockerhub Username yozamiz.
- DOCKER_PASSWORD-> Dockerhubga login qilib kirish uchun Accsess Token.
Dockerhubdan ro'yxatdan o'tib Access Token olish bo'yicha qo'llanma (opens in a new tab).
name: GitOps CI/CD
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
IMAGE_NAME: devopsjourneyuz
CONTAINER_NAME: devops-journey
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
MANIFEST_REPO_URL: ${{ secrets.MANIFEST_REPO_URL }}
MANIFEST_PATH: ${{ secrets.MANIFEST_PATH }}
jobs:
build_and_push:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Log in to DockerHub
uses: docker/login-action@v1
with:
username: ${{ env.DOCKER_USERNAME }}
password: ${{ env.DOCKER_PASSWORD }}
- name: Build and push Docker image
id: docker_build
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: |
${{ env.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:latest
${{ env.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
update-manifest:
runs-on: ubuntu-latest
needs: ['build_and_push']
steps:
- name: Update manifest repository
uses: actions/checkout@v2
with:
repository: ${{ env.MANIFEST_REPO_URL }}
path: manifests
token: ${{ secrets.PERSONAL_TOKEN }}
ref: main
- name: Update deployment.yaml in manifest repository
run: |
cd manifests
echo "${{ env.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
new_image="${{ env.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}:${{ github.sha }}"
sed -i "s|image: .*|image: $new_image|g" ${{ env.MANIFEST_PATH }}/deployment.yaml
git config --global user.email "${{ secrets.GIT_EMAIL }}"
git config --global user.name "${{ secrets.GIT_USERNAME }}"
git add ${{ env.MANIFEST_PATH }}/deployment.yaml
git diff --cached --exit-code || git commit -m "Update image tag to $new_image" && git push origin mainGCR Google Conatiner Registry
GCR uchun konfiguratsiyamiz quyidagicha.
GCR uchun Actionsga qo'shiladigan secretlar:
- GCP_PROJECT_ID-> Bu Google Cloud project IDsi
- GCP_SERVICE_ACCOUNT_KEY-> Bu GCR uchun Service Account secret keyi hisoblanadi.
GCP_SERVICE_ACCOUNT_KEY olish GCP_PROJECT_ID ni bilish bo'yicha qo'llanma (opens in a new tab).
name: GitOps CI/CD
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
IMAGE_NAME: devops-journey-image
CONTAINER_NAME: devops-journey
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
GCP_SERVICE_ACCOUNT_KEY: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
jobs:
build_and_push:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Setup Google Cloud SDK
uses: google-github-actions/setup-gcloud@v0.2.1
with:
service_account_key: ${{ env.GCP_SERVICE_ACCOUNT_KEY }}
project_id: ${{ env.GCP_PROJECT_ID }}
- name: Configure Docker to use the gcloud command-line tool as a credential helper
run: |
gcloud --quiet auth configure-docker
- name: Build and push Docker image
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: gcr.io/${{ env.GCP_PROJECT_ID }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
update-manifest:
runs-on: ubuntu-latest
needs: ['build_and_push']
steps:
- name: Update manifest repository
uses: actions/checkout@v2
with:
repository: ${{ env.MANIFEST_REPO_URL }}
path: manifests
token: ${{ secrets.PERSONAL_TOKEN }}
ref: main
- name: Update deployment.yaml in manifest repository
run: |
cd manifests
echo gcr.io/${{ env.GCP_PROJECT_ID }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
new_image=gcr.io/${{ env.GCP_PROJECT_ID }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
sed -i "s|image: .*|image: $new_image|g" ${{ env.MANIFEST_PATH }}/deployment.yaml
git config --global user.email "${{ secrets.GIT_EMAIL }}"
git config --global user.name "${{ secrets.GIT_USERNAME }}"
git add ${{ env.MANIFEST_PATH }}/deployment.yaml
git diff --cached --exit-code || git commit -m "Update image tag to $new_image" && git push origin mainArgo CD
Okeeey! Shu paytagacha biz yuqorida GitHub Actions orqali CI qismini tayyorlab muvaffaqiyatli ishga tushirib oldik. Endi esa Argo CD bilan CD qismi qoldi.
Ushbu qimsni arxitekturasini tushuntiradigan bo'lsam: biz manifests repositoriyamizni ArgoCD ga webhook orqali ulab olamiz. Kubernetes klasterimiz private Container Registrydan docker imagelarni pull qilishi uchun bitta namespace ochib private registry uchun secret ochamiz. ArgoCD'ga manifests repositoriyamizni qo'shib devops-journey loyihamizni Kubnernetesga deploy qilamiz.
Kubernetes klaster sozlash
Biz private Container Registry ishlatayotganimiz uchun Kubernetesda Container Registryga login qilib, docker imagelarni pull qilishi uchun secret qo'shib olamiz.
1-> Applicationimizni deploy qilish uchun bitta namespace yaratib olamiz va Conatiner Registry secretni ushbu namespacega joylashtiramiz.
kubectl create namespace prod2-> GHCRga login qilish uchun secret qo'shamiz.
kubectl create secret docker-registry ghcr \
--docker-server=ghcr.io \
--docker-username=ismoilovdevml \
--docker-password=bizni_tokenimiz \
--docker-email=emeilimiz@gmail.com \
-n prodUshbu buyruq orqali biz prod nomli nampespaceda ghcr nomli docker-registry secret yaratdik. Ushbu ghcr nomli secretni deployment.yaml konfiguratsiyamizda imagePullSecretsda belgilab ketamiz
apiVersion: apps/v1
kind: Deployment
metadata:
name: devops-journey-deployment
spec:
replicas: 3
selector:
matchLabels:
app: devops-journey
template:
metadata:
labels:
app: devops-journey
spec:
containers:
- name: devops-journey-container
image: ghcr.io/devops-journey-uz/devops-journey-k8s:fd87b00b525ff7dcbdeef570656b533f23b80912
ports:
- containerPort: 3000
imagePullSecrets:
- name: ghcrArgoCD sozlash
Okeeey! Kubernetes sozlab olganimizdan keyin ArgoCD bilan ishlashni boshlasak bo'ladi. Birinchi navbatda ArgoCDga kirib Settings bo'limiga o'tib manifests-k8s repositoriyamizni qo'shib ulab olishimiz kerak.
-> ArgoCD -> Settings -> Repositories -> CONNECT REPO
CONNECT REPOni bosib manifests-k8s repositoriyamizni ulab olamiz. Connection metodni HTTPS qilib Usernamega GitHub username va Passwordga personal access tokenimizni yozamiz va repositoriyamizni ulab olamiz.
CONNECT bosganimizdan keyin hammasi to'gri bo'lsa muvaffaqiyatli ulanishi kerak.
Repositoiyamizni ArgoCDga qo'shib ulab olganimizdan keyin ArgoCD da application yaratib olamiz
-> Applications -> CREATE APPLICATION bosib application yaratish bo'limiga o'tamiz.
Applicationga nom beramiz, bizni holatda devops-journey Repository urlga repositoriyamiz ulr manizlini ko'rsatamiz Pathga esa devops-journey uchun yozgan configlarimiz papkasini yo'lini ko'rsatamiz, bu holda ./devops-journey va namespacega ochib olgan namespaceni ya'ni prod namespaceni ko'rsatamiz va CREATE qilib yaratib olamiz.
Application yaratib olganimizdan keyin unga kiramiz bu holda Sync holatda bo'ladi va biz bergan Kubernetes service.yaml va deployment.yaml orqali Kuberenetesga deploy qiladi.
Bu holda to'liq ishga tushgani
Okeey hammasi yaxshi, keling Kubernetesda prod namespaceni tekshirib ko'ramiz.
kubectl get pods -n prod
kubectl get services -n prodBizda uchta pod va devops-journey-service servisi 3000 portda ishlab turibti keling applicationimizni NGINX Ingress Controller orqali expose qilib domen ulab Cert-Manager bilan SSL sertifikat olib domen ulab chiqarib yuboramiz.
mkdir devops-journey
cd devops-journey
nano ingress.yamlQuyidagicha konfiguratsiya qilamiz.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: devops-journey-ingress
namespace: prod
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
spec:
ingressClassName: "nginx"
rules:
- host: k8s.devops-journey.uz
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: devops-journey-service
port:
number: 3000
tls:
- hosts:
- k8s.devops-journey.uz
secretName: devops-journey-tlsdevops-journey.uz (opens in a new tab) domenimizga k8s subdomen qo'shib k8s.devops-journey.uz (opens in a new tab) domenini ulaymiz. Bundan oldin DNS hostingdan k8s subdomen qo'shib, k8s-master klasterimizni static IP manzilini qo'shib qo'yamiz va ingress.yaml konfiguratsiyamizni apply qilamiz.
kubectl apply -f ingress.yamlKeling endi hammasi ishlayotganini bilish uchun k8s.devops-journey.uz (opens in a new tab) domeniga brauzer orqali kiramiz.
Ohhooo Mazzami silaga mazzami...
Okey hammasi yaxshi, hammasi meni nazoratim ostida :). Hammasini muvaffaqiyatli ishga tushirdik lekin, bitta narsa qoldi ya'ni manifests-k8s (opens in a new tab) repositoriyamizni ArgoCD bilan webhook orqali ulamadik. Hop bu bizga nimaga kerak bu har gal ArgoCDni qo'lda ishga tushirmasdan shunchaki GitHubdagi application repositoriyamizda o'zgarish bo'lganida avtomatik ishga tushirib kuberenetesga deploy qilib qo'yishi uchun kerak.
Buning uchun manifests-k8s (opens in a new tab) repositoriyamiz Settings -> Webhooks bo'limga o'tib webhook qo'shamiz.
-> Settings -> Webhooks -> Add webhook
ArgoCD url manzili oxiriga /api/webhook qo'shib Connection typega application/json tanlab qo'yamiz va Just the push event tanlab Add Webhook bosib webhook ulab olamiz.
Deyarli hamma ishni tugatdik. Keling butun CI/CDni tekshirib ko'ramiz.
devops-journey-k8s (opens in a new tab) repositoriyamizga o'zgartirish kiritamiz va buyo'giga o'zi avtomatik ishga tushib Kubernetesga deploy bo'lishi kerak. Platformamiz boshida chiqib turgan GitOpsni birga o'rganamiz matnini GitOpsni birga o'rganamiz | K8s ga o'zgartiramiz va commit qilamiz va avtomatik Kubernetesga deploy bo'lishi kerak. Qani keettik sinaymiz.
Men o'zgartirish qilib push qildim endi kuzatamiz:
GitHub Actionimiz yaxshi muvaffaqiyatli ishladi: manifests-k8s repositoriyamizga o'zgarishlar kelib tushgan.
ArgoCD webhook orqali avtomatik ishga tushdi va hammasi muvaffaqiyatli bo'ldi.
k8s.devops-journey.uz (opens in a new tab)ga kirib ko'rganimzida biz GitOpsni birga o'rganamiz | K8sni ko'ramiz.
Huuuhh! Va nihoyat bizda hammasi muvaffaqiyatli ishga tushdi.
Qo'shimcha
Qo'shimcha Resurslar
- Gitlab Server o'rnatish va sozlash (opens in a new tab)
- Github Actions bilan Flutter CI/CD (opens in a new tab)
- Github Actions bilan Anroid CI/CD (opens in a new tab)
- Github Actions CI/CD (opens in a new tab)
- Linux Serverlarga Jenkins o'rnatish (opens in a new tab)
- Koddan Servergacha: Jenkins bilan Docker CI/CD va Discord bilan integratsiya (opens in a new tab)
- Gitlab CI | Releaselar va Integrationlar (opens in a new tab)
- Kubernetes CI/CD | GitHub Actions + Argo CD | GitOps (opens in a new tab)
- Kubernetesga Kirish (opens in a new tab)
- Kubernetes Arxitekturasi (opens in a new tab)
- Kubernetes Obyektlari (opens in a new tab)
- Kubernesga Cert-Manager o'rnatish va sozlash (opens in a new tab)
- Kubernetesga Argo CD o'rnatish va sozlash (opens in a new tab)
Sana: 2024.02.03(2024-yil 3-fevral)
Oxirgi yangilanish: 2024.02.03(2024-yil 3-fevral)
Muallif: Otabek Ismoilov
| Telegram (opens in a new tab) | GitHub (opens in a new tab) | LinkedIn (opens in a new tab) |
|---|