摘要:可以利用特性,根據(jù)負(fù)載壓力來動(dòng)態(tài)調(diào)整的數(shù)量����。部署到集群以后,可以利用已有的日志系統(tǒng)和監(jiān)控系統(tǒng)�����。即使用,也應(yīng)該掛載到中����,保證數(shù)據(jù)的安全。所有都部署到命名空間下����,這個(gè)已經(jīng)建好了。
前言
本文主要講如何把drone部署到k8s集群當(dāng)中�����,本身drone這種基于容器的pipeline方式�,和k8s是相當(dāng)契合的���。這樣的好處有:
k8s集群守護(hù)drone-server 和drone-agent���。
可以利用rpc特性,根據(jù)agent負(fù)載壓力來動(dòng)態(tài)調(diào)整agent的數(shù)量���。當(dāng)然即使不動(dòng)態(tài)調(diào)整���,我們手動(dòng)調(diào)整一下復(fù)制集的數(shù)目也是相當(dāng)簡(jiǎn)單的��。
部署到k8s集群以后��,可以利用k8s已有的日志系統(tǒng)和監(jiān)控系統(tǒng)�����。
其實(shí)在接下來的文章系列中�����,我們會(huì)不斷側(cè)重于k8s相關(guān)�。依舊是直接先上yaml文件���,先來一個(gè)直觀的感受�����。
相關(guān)yaml文件
ConfigMap在此處可以理解為drone應(yīng)用的配置文件�。這里有關(guān)于server和agent一系列設(shè)置��。不過在k8s中大家需要注意的是:更新configmap以后�,對(duì)于掛載該configmap的應(yīng)用�����,配置內(nèi)容并不能立即生效����,大約需要10s�����。
apiVersion: v1
kind: ConfigMap
metadata:
name: drone-config
namespace: devops
data:
#######################
# Drone Server Config #
#######################
# server host name
server.host: drone.xxx.com
# start the server in debug mode
server.debug: "false"
# open user registration
server.open: "true"
# database driver, defaul as sqlite3
server.database.driver: sqlite3
# database driver configuration string
server.database.datasource: drone.sqlite
# remote parameters (Gogs)
server.remote.gogs: "true"
server.remote.gogs.url: "http://gogs.xxx.com"
server.remote.gogs.private.mode: "true"
######################
# Drone Agent Config #
######################
agent.debug: "false"
agent.debug.pretty: "false"
agent.max.procs: "1"
agent.healthcheck: "true"
Secret文件�����,主要是存放一些秘鑰之類的����。不過這里也是有坑的,這個(gè)secret用于server和angent通信��,設(shè)置不對(duì)就會(huì)構(gòu)建項(xiàng)目一直處于pending狀態(tài)���。切記k8s中,secret需要base64���。
echo -n "yourpassword" | base64
eW91cnBhc3N3b3Jk
apiVersion: v1
kind: Secret
metadata:
name: drone-secrets
namespace: devops
data:
server.secret: eW91cnBhc3N3b3Jk
接下來就是drone-server的Deployment和Service和Ingress���。此處為了簡(jiǎn)單���,用了sqlite數(shù)據(jù)庫(kù),真正生產(chǎn)環(huán)境建議用mysql或是pgsql��。即使用sqlite���,也應(yīng)該掛載到ceph中�,保證數(shù)據(jù)的安全�。這里直接hostpath。k8s中��,應(yīng)該做到存儲(chǔ)和計(jì)算的分離��。
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: drone-server
namespace: devops
spec:
replicas: 1
template:
metadata:
labels:
app: drone-server
spec:
nodeSelector:
net-type: external
containers:
- image: drone/drone:latest
imagePullPolicy: Always
name: drone-server
ports:
- containerPort: 8000
protocol: TCP
- containerPort: 9000
protocol: TCP
volumeMounts:
# Persist our configs in an SQLite DB in here
- name: drone-server-sqlite-db
mountPath: /var/lib/drone
resources:
requests:
cpu: 40m
memory: 32Mi
env:
- name: DRONE_HOST
valueFrom:
configMapKeyRef:
name: drone-config
key: server.host
- name: DRONE_OPEN
valueFrom:
configMapKeyRef:
name: drone-config
key: server.open
- name: DRONE_DATABASE_DRIVER
valueFrom:
configMapKeyRef:
name: drone-config
key: server.database.driver
- name: DRONE_DATABASE_DATASOURCE
valueFrom:
configMapKeyRef:
name: drone-config
key: server.database.datasource
- name: DRONE_SECRET
valueFrom:
secretKeyRef:
name: drone-secrets
key: server.secret
- name: DRONE_GOGS
valueFrom:
configMapKeyRef:
name: drone-config
key: server.remote.gogs
- name: DRONE_GOGS_URL
valueFrom:
configMapKeyRef:
name: drone-config
key: server.remote.gogs.url
- name: DRONE_GOGS_PRIVATE_MODE
valueFrom:
configMapKeyRef:
name: drone-config
key: server.remote.gogs.private.mode
- name: DRONE_DEBUG
valueFrom:
configMapKeyRef:
name: drone-config
key: server.debug
volumes:
- name: drone-server-sqlite-db
hostPath:
path: /var/lib/drone
apiVersion: v1
kind: Service
metadata:
name: drone-service
namespace: devops
spec:
ports:
- name: http
protocol: TCP
port: 80
targetPort: 8000
- name: grpc
protocol: TCP
port: 9000
targetPort: 9000
selector:
app: drone-server
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: drone-ingress
namespace: devops
spec:
rules:
- host: drone.xxx.com
http:
paths:
- backend:
serviceName: drone-service
servicePort: 80
path: /
下面就是agent的部署文件了�����,replicas: 1 該項(xiàng)可以設(shè)置agent的數(shù)量�,擴(kuò)容起來特別方便。server和agent通過grpc的方式進(jìn)行通信�,主要端口是9000�����。
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: drone-agent
namespace: devops
spec:
replicas: 1
template:
metadata:
labels:
app: drone-agent
spec:
nodeSelector:
net-type: external
containers:
- image: drone/agent:latest
imagePullPolicy: Always
name: drone-agent
volumeMounts:
# Enables Docker in Docker
- name: docker-socket
mountPath: /var/run/docker.sock
resources:
requests:
cpu: 100m
memory: 64Mi
livenessProbe:
httpGet:
path: /healthz
port: 3000
initialDelaySeconds: 3
periodSeconds: 3
env:
- name: DRONE_SERVER
value: drone-service:9000
# issue: https://github.com/drone/drone/issues/2048
- name: DOCKER_API_VERSION
value: "1.24"
- name: DRONE_SECRET
valueFrom:
secretKeyRef:
name: drone-secrets
key: server.secret
volumes:
- name: docker-socket
hostPath:
path: /var/run/docker.sock
所有都部署到devops命名空間下���,這個(gè)namespace已經(jīng)建好了。當(dāng)然如果沒有的話��,需要提前創(chuàng)建����。
效果圖
總結(jié)
項(xiàng)目github地址,這里有該系列的所有文件��。
文章版權(quán)歸作者所有����,未經(jīng)允許請(qǐng)勿轉(zhuǎn)載,若此文章存在違規(guī)行為,您可以聯(lián)系管理員刪除��。
轉(zhuǎn)載請(qǐng)注明本文地址:http://systransis.cn/yun/27157.html
