Bruce Blog Bruce Blog
首页
  • CentOS
  • Ubuntu-Debian
  • 系统网络
  • 系统辅助工具
  • MySQL
  • Redis
  • Mongodb
  • Docker基础
  • Container基础
  • Kubernetes

    • Kubernetes基础
    • Kubernetes辅助
  • Container-Network
  • Jenkins
  • Gitlab
  • ArgoCD
  • Ansible
  • Terraform
  • AWS
  • MQ
  • NGINX
  • JumpServer
  • 基础
  • 函数模块
  • 框架
  • 基础

    • Golang环境
    • 语法
    • 数据类型与运算符
    • 分支语句
    • 循环语句
    • 数组
    • 切片
    • Map
    • String
    • 函数
    • 包的管理
    • 指针
    • 结构体
    • Go语言中的OOP
    • 方法和接口
    • 错误处理
  • Go进阶

    • Go进阶
  • Go框架

    • Go框架
  • Golang辅助

    • Golang辅助
  • CSS
  • HTML
  • JavaScript
  • 前端辅助
  • 常用命令
  • 性能监控工具
  • Windows下Docker使用
  • 日常学习
  • 其他导航

Bruce Tao

运维界的该溜子
首页
  • CentOS
  • Ubuntu-Debian
  • 系统网络
  • 系统辅助工具
  • MySQL
  • Redis
  • Mongodb
  • Docker基础
  • Container基础
  • Kubernetes

    • Kubernetes基础
    • Kubernetes辅助
  • Container-Network
  • Jenkins
  • Gitlab
  • ArgoCD
  • Ansible
  • Terraform
  • AWS
  • MQ
  • NGINX
  • JumpServer
  • 基础
  • 函数模块
  • 框架
  • 基础

    • Golang环境
    • 语法
    • 数据类型与运算符
    • 分支语句
    • 循环语句
    • 数组
    • 切片
    • Map
    • String
    • 函数
    • 包的管理
    • 指针
    • 结构体
    • Go语言中的OOP
    • 方法和接口
    • 错误处理
  • Go进阶

    • Go进阶
  • Go框架

    • Go框架
  • Golang辅助

    • Golang辅助
  • CSS
  • HTML
  • JavaScript
  • 前端辅助
  • 常用命令
  • 性能监控工具
  • Windows下Docker使用
  • 日常学习
  • 其他导航
  • Jnekins

  • Gitlab

  • ArgoCD

    • GitlabCI
    • Jenkins-Argocd CICD
    • Jenkins-Argocd CICD
    • Jenkins-Argocd CICD-下
      • Jenkins-Argocd CICD Rollouts金丝雀发布
      • Jenkins-Argocd CICD Rollouts金丝雀发布优化
    • CICD
    • ArgoCD
    Bruce
    2023-01-17
    目录

    Jenkins-Argocd CICD-下

    # 九、Argocd配置CD

    # 安装Argocd

    项目路径: kubernetes-software-yaml/argocd

    https://argo-cd.readthedocs.io/en/stable/

    https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd

    # 直接使用编排文件进行安装(这里采用编排文件进行安装)
    kubectl create namespace argocd
    
    wget https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
    kubectl apply -f install.yaml -n argocd --dry-run=server
    kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
    
    # 使用helm进行安装
    helm repo add argo https://argoproj.github.io/argo-helm
    helm search repo argocd
    helm pull argo/argo-cd --untar --version 3.35.4
    
    $ helm upgrade --install argocd . -n argocd
    Release "argocd" does not exist. Installing it now.
    NAME: argocd
    LAST DEPLOYED: Thu Nov 17 17:03:23 2022
    NAMESPACE: argocd
    STATUS: deployed
    REVISION: 1
    TEST SUITE: None
    NOTES:
    In order to access the server UI you have the following options:
    1. kubectl port-forward service/argocd-server -n argocd 8080:443
        and then open the browser on http://localhost:8080 and accept the certificate
    2. enable ingress in the values file "server.ingress.enabled" and either
          - Add the annotation for ssl passthrough: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-1-ssl-passthrough
          - Add the "--insecure" flag to "server.extraArgs" in the values file and terminate SSL at your ingress: https://github.com/argoproj/argo-cd/blob/master/docs/operator-manual/ingress.md#option-2-multiple-ingress-objects-and-hosts
    
    After reaching the UI the first time you can login with username: admin and the random password generated during the installation. You can find the password by running:
    
    kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
    
    (You should delete the initial secret afterwards as suggested by the Getting Started Guide: https://github.com/argoproj/argo-cd/blob/master/docs/getting_started.md#4-login-using-the-cli)
    
    # Ingress 配置(这里采用的Nginx Ingress)
    $ kubectl apply -f argo-ingress.yaml  -n argocd --dry-run=server
    ingress.networking.k8s.io/argocd-server-ingress created (server dry run)
    
    $ kubectl apply -f argo-ingress.yaml  -n argocd
    ingress.networking.k8s.io/argocd-server-ingress created
    
    $ kubectl get ingress -n argocd
    NAME                    CLASS    HOSTS                   ADDRESS   PORTS     AGE
    argocd-server-ingress   <none>   argocddemo.chsaos.com             80, 443   3s
    
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    • 官方文档: https://argo-cd.readthedocs.io/en/stable/operator-manual/ingress/#option-1-ssl-passthrough

      问题: rgocd 将您重定向的次数过多 If you encounter a redirect loop or are getting a 307 response code

      解决: then you need to force the nginx ingress to connect to the backend using HTTPS.

    # Argocd客户端安装
    $ VERSION=$(curl --silent "https://api.github.com/repos/argoproj/argo-cd/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
    
    $ curl -sSL -o /usr/local/bin/argocd https://github.com/argoproj/argo-cd/releases/download/$VERSION/argocd-linux-amd64
    $ chmod +x /usr/local/bin/argocd 
    $ ln -sfv /usr/local/bin/argocd /usr/bin/
     
    # 查看密码
    $ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
    FMgfgp1RLZ2HRLbz
     
     # argocd客户端连接
    $ CLUSTER_IP=`kubectl get svc argocd-server -n argocd -o jsonpath="{.spec.clusterIP}"`
    $ argocd --insecure login ${CLUSTER_IP}:443
    Username: admin
    Password: 
    'admin:login' logged in successfully
    Context '10.103.59.183:443' updated
     
     $ argocd version
    argocd: v2.5.2+148d8da
      BuildDate: 2022-11-07T17:06:04Z
      GitCommit: 148d8da7a996f6c9f4d102fdd8e688c2ff3fd8c7
      GitTreeState: clean
      GoVersion: go1.18.7
      Compiler: gc
      Platform: linux/amd64
    argocd-server: v2.5.2+148d8da
      BuildDate: 2022-11-07T16:42:47Z
      GitCommit: 148d8da7a996f6c9f4d102fdd8e688c2ff3fd8c7
      GitTreeState: clean
      GoVersion: go1.18.8
      Compiler: gc
      Platform: linux/amd64
      Kustomize Version: v4.5.7 2022-08-02T16:35:54Z
      Helm Version: v3.10.1+g9f88ccb
      Kubectl Version: v0.24.2
      Jsonnet Version: v0.18.0
    
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    # 域名访问Argocd
    • https://argocddemo.chsaos.com/
    • 默认用户名: admin
    # 查看密码
    $ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
    FMgfgp1RLZ2HRLbz
    
    1
    2
    3

    image-20221117181927135

    image-20221117182009060

    # argocd上添加代码仓库

    image-20221118094143002

    image-20221118094521750

    # 创建应用

    image-20221118094854243

    • 同步策略: https://argo-cd.readthedocs.io/en/stable/user-guide/sync-options/

    Application Name: myapp-dev

    Project Name: default

    SYNC POLICY: Automatic

    SYNC OPTIONS: PRUNT LAST

    image-20221118095851460

    Repository URL: https://gitlabdemo.chsaos.com/infra/devops-cd.git

    Revision: HEAD

    Path: devops-simple-java/

    image-20221118162227505

    Cluster URL: https://kuberntes.default.svc

    Namespace: dev

    image-20221118100242275

    • https://argo-cd.readthedocs.io/en/stable/user-guide/kustomize/

    image-20221118165738185

    # APP HEALH问题
    • ArgoCD Ingress资源一直处于Progressing状态

    Argocd一个bug,ingress的健康检查必须要loadBalance有值,不然就不通过,但是并不影响使用

    这个问题需要分版本做不同的处理;主要是通过ArgoCD健康检查的自定义的资源检查来排除对Ingress的检查

    • 参考官方文档

      https://argo-cd.readthedocs.io/en/stable/operator-manual/health/#ingress

      https://github.com/argoproj/argo-cd/issues/1704

    image-20221118215018226

    # Nginx Ingress处理
    • 查看Nginx的版本
    # 查看Nginx Ingress 中Nginx的版本
    $ kubectl exec -it ingress-nginx-controller-b7db2 -n ingress-nginx -- /bin/sh -c "nginx -V"
    nginx version: nginx/1.21.6
    built by gcc 11.2.1 20220219 (Alpine 11.2.1_git20220219) 
    built with OpenSSL 1.1.1q  5 Jul 2022 (running with OpenSSL 1.1.1s  1 Nov 2022)
    ....
    
    1
    2
    3
    4
    5
    6
    • v1.20.0及以上版本处理
    # 编辑Argocd的configmap
    $ kubectl get cm -n argocd
    NAME                        DATA   AGE
    argocd-cm                   0      28h
    ......
    
    $ kubectl edit cm -n argocd argocd-cm
    # Please edit the object below. Lines beginning with a '#' will be ignored,
    # and an empty file will abort the edit. If an error occurs while saving this file will be
    # reopened with the relevant failures.
    #
    apiVersion: v1
    kind: ConfigMap
    metadata:
      annotations:
        kubectl.kubernetes.io/last-applied-configuration: |
    	  ......
      labels:
        app.kubernetes.io/name: argocd-cm
        app.kubernetes.io/part-of: argocd
      name: argocd-cm
      namespace: argocd
      ......
    data:
      resource.customizations: |
        networking.k8s.io/Ingress:
            health.lua: |
              hs = {}
              hs.status = "Healthy"
              return hs
    
    
    # 获取Argocd登录密码
    $ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
    FMgfgp1RLZ2HRLbz
    
    # 获取Argocd Service IP地址
    $ CLUSTER_IP=`kubectl get svc argocd-server -n argocd -o jsonpath="{.spec.clusterIP}"`
    
    # 使用CLUSTER_IP登录Argocd
    $ argocd --insecure login ${CLUSTER_IP}:443
    Username: admin
    Password: 
    'admin:login' logged in successfully
    Context '10.103.59.183:443' updated
    
    # 查看Argocd的APP 列表
    $ argocd app list
    NAME              CLUSTER                         NAMESPACE  PROJECT  STATUS  HEALTH       SYNCPOLICY  CONDITIONS  REPO                                               PATH                 TARGET
    argocd/myapp-dev  https://kubernetes.default.svc  dev        default  Synced  Progressing  Auto        <none>      https://gitlabdemo.chsaos.com/infra/devops-cd.git  devops-simple-java/  HEAD
    
    # 应用同步
    $ argocd app sync argocd/myapp-dev --force
    TIMESTAMP                  GROUP                    KIND   NAMESPACE                  NAME    STATUS   HEALTH            HOOK  MESSAGE
    2022-11-18T22:05:32+08:00                        Service         dev           the-service    Synced  Healthy                  
    2022-11-18T22:05:32+08:00   apps              Deployment         dev        the-deployment    Synced  Healthy                  
    2022-11-18T22:05:32+08:00  networking.k8s.io     Ingress         dev           the-ingress    Synced  Progressing              
    2022-11-18T22:05:32+08:00                        Service         dev           the-service    Synced  Healthy                  service/the-service unchanged
    2022-11-18T22:05:32+08:00   apps              Deployment         dev        the-deployment    Synced  Healthy                  deployment.apps/the-deployment unchanged
    2022-11-18T22:05:32+08:00  networking.k8s.io     Ingress         dev           the-ingress    Synced  Progressing              ingress.networking.k8s.io/the-ingress unchanged
    
    Name:               argocd/myapp-dev
    Project:            default
    Server:             https://kubernetes.default.svc
    Namespace:          dev
    URL:                https://10.103.59.183/applications/argocd/myapp-dev
    Repo:               https://gitlabdemo.chsaos.com/infra/devops-cd.git
    Target:             HEAD
    Path:               devops-simple-java/
    SyncWindow:         Sync Allowed
    Sync Policy:        Automated
    Sync Status:        Synced to HEAD (fbc4a6c)
    Health Status:      Healthy
    
    Operation:          Sync
    Sync Revision:      fbc4a6c57f7cbbf1baa63b878bac2cefcad17c60
    Phase:              Succeeded
    Start:              2022-11-18 22:05:32 +0800 CST
    Finished:           2022-11-18 22:05:32 +0800 CST
    Duration:           0s
    Message:            successfully synced (all tasks run)
    
    GROUP              KIND        NAMESPACE  NAME            STATUS  HEALTH   HOOK  MESSAGE
                       Service     dev        the-service     Synced  Healthy        service/the-service unchanged
    apps               Deployment  dev        the-deployment  Synced  Healthy        deployment.apps/the-deployment unchanged
    networking.k8s.io  Ingress     dev        the-ingress     Synced  Healthy        ingress.networking.k8s.io/the-ingress unchanged
    
    # 查看应用的HEALTHY状态
    $ argocd app list
    NAME              CLUSTER                         NAMESPACE  PROJECT  STATUS  HEALTH   SYNCPOLICY  CONDITIONS  REPO                                               PATH                 TARGET
    argocd/myapp-dev  https://kubernetes.default.svc  dev        default  Synced  Healthy  Auto        <none>      https://gitlabdemo.chsaos.com/infra/devops-cd.git  devops-simple-java/  HEAD
    
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    • v1.20.0版本以下版本处理
    # 编辑Argocd的configmap
    $ kubectl get cm -n argocd
    NAME                        DATA   AGE
    argocd-cm                   0      28h
    ......
    
    $ kubectl edit cm -n argocd argocd-cm
    # Please edit the object below. Lines beginning with a '#' will be ignored,
    # and an empty file will abort the edit. If an error occurs while saving this file will be
    # reopened with the relevant failures.
    #
    apiVersion: v1
    kind: ConfigMap
    metadata:
      annotations:
        kubectl.kubernetes.io/last-applied-configuration: |
    	  ......
      labels:
        app.kubernetes.io/name: argocd-cm
        app.kubernetes.io/part-of: argocd
      name: argocd-cm
      namespace: argocd
      ......
    data:
      resource.customizations.health.extensions_Ingress: |
        hs = {}
        hs.status = "Healthy"
        hs.message = "SoulChild"
        return hs
      resource.customizations.useOpenLibs.extensions_Ingress: "true"
    
    
    # 获取Argocd登录密码
    $ kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
    
    # 获取Argocd Service IP地址
    $ CLUSTER_IP=`kubectl get svc argocd-server -n argocd -o jsonpath="{.spec.clusterIP}"`
    
    # 使用CLUSTER_IP登录Argocd
    $ argocd --insecure login ${CLUSTER_IP}:443
    
    # 查看Argocd的APP 列表
    $ argocd app list
    
    # 应用同步
    $ argocd app sync argocd/myapp-dev --force
    ......
    
    # 查看应用的HEALTHY状态
    $ argocd app list
    ......
    
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51

    WEB页面恢复正常

    image-20221118221013276

    # 通过域名访问服务
    • testcoolops.chsaos.com
    # 查看Java服务的Igress域名
    $ kubectl get ns
    NAME                   STATUS   AGE
    argocd                 Active   29h
    default                Active   2d11h
    dev                    Active   30h
    ......
    
    $ kubectl get ingress -n dev
    NAME          CLASS    HOSTS                    ADDRESS   PORTS     AGE
    the-ingress   <none>   testcoolops.chsaos.com             80, 443   174m
    
    
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12

    image-20221118221910498

    # 十、集成Gitlab

    # 通过Webhook触发Jenkins

    在Jenkins中选择项目,在项目中配置gitlab触发

    GitLab. GitLab webhook UR: http://jenkinsdemo.chsaos.com/project/devops-simple-java_TEST

    image-20221118224545426

    Secret token: eb5c5c10d5a421ed8fab115a31651f3d

    image-20221118224941459

    # Gitlab上配置集成

    进入项目-->项目设置-->集成

    image-20221118225417415

    • 配置Jenkins上生成的回调URL和TOKEN

    image-20221118225716505

    image-20221118225743528

    • Gitlab手动发送test观察是否触发流水线

    image-20221118225939794

    image-20221118230030878

    • 到ArgocdWEB界面手动SYNC

    image-20221118230822912

    image-20221118230857207

    image-20221118230259475

    image-20221118230556679

    • 访问Java ServiceIngress 域名

      https://testcoolops.chsaos.com/hello

    image-20221118230653481

    上次更新: 2024/04/09, 16:48:42
    Jenkins-Argocd CICD
    Jenkins-Argocd CICD Rollouts金丝雀发布

    ← Jenkins-Argocd CICD Jenkins-Argocd CICD Rollouts金丝雀发布→

    最近更新
    01
    AWS NAT-NetWork-Firwalld配置(一)
    04-09
    02
    AWS NAT-NetWork-Firwalld配置(二)
    04-09
    03
    kubernetes部署minio对象存储
    01-18
    更多文章>
    Theme by Vdoing | Copyright © 2019-2024 Bruce Tao Blog Space | MIT License
    • 跟随系统
    • 浅色模式
    • 深色模式
    • 阅读模式