Gitlab CI/CD 教學(二)

接續上次Gitlab CI/CD 教學(一),今天要跟大家說說要如透過 Gitlab 的 CI/CD 將程式部署到 AWS Server 上。

Quick Start

在正式開始之前,會需要大家先去申請AWS Server,並先建立一個 EC Server,有關 AWS 相關文章,後續有空再補上給大家。

ssh 登入 AWS Server 主機

  • 透過 ssh 登入 AWS Server 主機
1
ssh ec2-user@52.221.216.202 -i ./cpay.pem

安裝 Docker on Amazon EC2

  • 更新 yum
1
sudo yum update -y

  • 這邊是使用 Amazon Linux 2,指令如下
1
sudo amazon-linux-extras install docker

  • 啟動 Docker 服務
1
sudo service docker start

  • 將 ec2-user 加入可執行 Docker 的 group
1
sudo usermod -a -G docker ec2-user

  • 登出後重新登入,驗證功能
1
docker ps

設定 Gitlab

  • Gitlab 專案左側的導覽列進入 Setting -> CI/CD -> Environment variables。將 ssh 的 private key 填入。

  • 修改.gitlab-ci.yml

AWS_SSH_KEY 為上面設定的參數名稱。

1
2
3
4
5
6
7
8
9
deploy:
stage: deploy
before_script:
- mkdir -p ~/.ssh
- echo -e "$AWS_SSH_KEY" > ~/.ssh/id_rsa
- chmod 600 ~/.ssh/id_rsa
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
script:
- ssh ec2-user@52.221.216.202 -- "docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY && docker pull registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA && docker run --name cpayCoreService -d -h cpayCoreService -p 8080:8080 registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA"

完整 script 請參考下方。

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
cache:
  paths:
    - .m2/
    - target/*.jar

stages:
  - build_jar
  - build_n_push_image
  - deploy
  
build_jar:
  image: maven:latest
  stage: build_jar
  script:
    - mvn clean package install

build_n_push_image:
  image: gitlab/dind
  stage: build_n_push_image
  script:
    - docker build -t registry.gitlab.com/cpay2019/cpay-core_service:latest .
    - docker build -t registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA .
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
    - docker push registry.gitlab.com/cpay2019/cpay-core_service:latest
    - docker push registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA
    
deploy:
  stage: deploy
  before_script:
    - mkdir -p ~/.ssh
    - echo -e "$AWS_SSH_KEY" > ~/.ssh/id_rsa  
    - chmod 600 ~/.ssh/id_rsa
    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
  script:
    - ssh ec2-user@52.221.216.202 -- "docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY && docker pull registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA && docker run --name cpayCoreService -d -h cpayCoreService -p 8080:8080 registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA"
  • 驗證

確認 pipeline 執行成功

登入 AWS Server 確認

問題:當重複布版的時候,會出現 container 已經存在

需加入清除 Docker container 與 images 的相關指令在腳本中

1
2
docker ps --filter "name=cpayCoreService" -a -q | xargs --no-run-if-empty docker rm -f
docker images -q -f dangling=true | xargs --no-run-if-empty docker rmi

完整範例請參考下方。

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
cache:
  paths:
    - .m2/
    - target/*.jar

stages:
  - build_jar
  - build_n_push_image
  - deploy
  
build_jar:
  image: maven:latest
  stage: build_jar
  script:
    - mvn clean package install

build_n_push_image:
  image: gitlab/dind
  stage: build_n_push_image
  script:
    - docker build -t registry.gitlab.com/cpay2019/cpay-core_service:latest .
    - docker build -t registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA .
    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
    - docker push registry.gitlab.com/cpay2019/cpay-core_service:latest
    - docker push registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA
    
deploy:
  stage: deploy
  before_script:
    - mkdir -p ~/.ssh
    - echo -e "$AWS_SSH_KEY" > ~/.ssh/id_rsa  
    - chmod 600 ~/.ssh/id_rsa
    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
  script:
    - ssh ec2-user@52.221.216.202 -- "docker ps --filter "name=cpayCoreService" -a -q | xargs --no-run-if-empty docker rm -f && docker images -q -f dangling=true | xargs --no-run-if-empty docker rmi && docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY && docker pull registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA && docker run --name cpayCoreService -d -h cpayCoreService -p 8080:8080 registry.gitlab.com/cpay2019/cpay-core_service:$CI_COMMIT_SHORT_SHA"

補充

大家可以參考之前的文章Telegram Bot設定教學,試著在部署前後都進行通知,讓整個 CI/CD 機制更加完善。

Reference

To install Docker on an Amazon EC2 instance

謝謝您的支持與鼓勵

Ads