From d75e65ad507ace6961ab750ed2d114584bb0588d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Jochum?= Date: Wed, 17 Jul 2019 14:02:14 +0200 Subject: [PATCH] Add post kubernetes rancher CI/CD pipeline --- content/post/first-hugo.md | 1 + .../post/kubernetes-rancher-cd-pipeline.md | 86 +++++++++++++++++++ 2 files changed, 87 insertions(+) create mode 100644 content/post/kubernetes-rancher-cd-pipeline.md diff --git a/content/post/first-hugo.md b/content/post/first-hugo.md index d817c9e..a8161ac 100644 --- a/content/post/first-hugo.md +++ b/content/post/first-hugo.md @@ -7,6 +7,7 @@ tags: - atom - markdown - sublime + - My Blog --- Today i moved my wordpress blog to hugo, it will allow me to **post faster** use **less resources** and i can **share** my content **on [github](https://github.com/pcdummy/pc-dummy.net)**. diff --git a/content/post/kubernetes-rancher-cd-pipeline.md b/content/post/kubernetes-rancher-cd-pipeline.md new file mode 100644 index 0000000..bb84749 --- /dev/null +++ b/content/post/kubernetes-rancher-cd-pipeline.md @@ -0,0 +1,86 @@ +--- +date: 2019-07-17T00:00:00+01:00 +title: Kubernetes-Rancher CI/CD Pipeline +author: pcdummy +tags: + - HOWTO + - Kubernetes + - Rancher + - CI/CD + - My Blog + +--- +Today i moved my [gohugo.io](https://gohugo.io/) blog from a lxd hosting to our Kubernetes -dev Cluster at the [Webmeisterei](https://webmeisterei.com). + +We have our own [Gitlab](https://git.webmeisterei.com) so and we run our own registry on the -dev Cluster, i thought it will be easy to do so but it wasn't that easy and i lost about 8 Hours until i found out that had to open the required Ports on the Firewall :). + + +#### Tools in use + +- [Rancher](https://rancher.com/) 2.x for Kubernetes with RBAC, Metrics, Logging and much more. +- [Gitlab](https://about.gitlab.com/) on-premises alternative to github.com +- [Harbor](https://goharbor.io/) not yet in use but will be soon our container registry +- [cert-manager](https://github.com/jetstack/cert-manager) +- [Let's Encrypt](https://letsencrypt.org/) Let's Encrypt + +#### The Docker Container + +I use a [multi-stage build](https://docs.docker.com/develop/develop-images/multistage-build/) to generate the page in a container and serve a copy of the page after in a nginx container. + +See this [Dockerfile](https://git.webmeisterei.com/jochum/rene.jochums.at/blob/master/Dockerfile) + +```bash +# Build public with hugo +FROM jguyomard/hugo-builder:latest + +COPY . /build + +WORKDIR /build + +RUN hugo -b https://rene.jochums.at -v -t persona + +# Copy to a nginx container +FROM nginx:1.17-alpine + +COPY docker/nginx/nginx.conf /etc/nginx/ +COPY docker/nginx/default.conf /etc/nginx/conf.d/ + +# This is important "COPY --from=0" line where --from=0 means copy from the first container. +COPY --from=0 /build/public /var/www/rene.jochums.at +``` + +#### The Deployment + +With lots of try-and-error testing i got this [deployment.yaml](https://git.webmeisterei.com/jochum/rene.jochums.at/blob/master/deployment.yaml) together. + +Its important that you have to add the registry to your Project first, in this case **registry.dev.wmk8s.com**. + + +#### And the pipeline itself + +The last step after the container and the deployment was to create a .rancher-pipeline.yml in my repo, I used Rancher -> Cluster dev -> Project -> Workloads -> Pipelines to generate it. + +```yaml +stages: +- name: Build + steps: + - publishImageConfig: + dockerfilePath: ./Dockerfile + buildContext: . + tag: pcdummy/renejochumsat:latest + pushRemote: true + registry: registry.dev.wmk8s.com +- name: Deploy + steps: + - applyYamlConfig: + path: ./deployment.yaml +timeout: 60 +notification: + recipients: + - recipient: rene@webmeisterei.com + notifier: local:n-mtzwd + condition: + - Success + - Changed + - Failed +```