ArgoCd
Argo是一组k8s原生工具集,用于运行和管理k8s上的作业和应用程序.Argo提供了一种在k8s上创建工作和应用的三种计算模式:服务模式,工作流模式和基于事件模式.所有的Argo工具都实现为了创建控制器和自定义资源.
为什么选ArgoCD
应用程序的定义,配置和环境都应该是声明性的,并授权版本控制.应用程序部署和生命周期管理应该是自动化的,可审计的,易于理解的.
1. 安装ArgoCd
1.1 创建命名空间
kubectl create ns argocd
1.2 修改安装文件
wget https://raw.githubusercontent.com/argoproj/argo-cd/v2.4.11/manifests/install.yaml
vi install.yaml
## 略
containers:
- command:
- argocd-server
## 追加这行
- --insecure
env:
- name: ARGOCD_SERVER_INSECURE
创建资源
kubectl apply -f install.yaml -n argocd
确认服务正常
root@master-01:/opt/argocd# kubectl get pods,svc -n argocd
NAME READY STATUS RESTARTS AGE
pod/argocd-application-controller-0 1/1 Running 0 2m3s
pod/argocd-applicationset-controller-78b8b554f9-7d6xn 1/1 Running 0 2m3s
pod/argocd-dex-server-86947f7b-t8447 1/1 Running 1 2m3s
pod/argocd-notifications-controller-775d9954cb-922wb 1/1 Running 0 2m3s
pod/argocd-redis-599b855497-tmqn8 1/1 Running 0 2m3s
pod/argocd-repo-server-54785f99fd-k956p 1/1 Running 0 2m3s
pod/argocd-server-d7b97c76d-cwgrb 1/1 Running 0 2m3s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/argocd-applicationset-controller ClusterIP 10.200.31.42 <none> 7000/TCP,8080/TCP 2m3s
service/argocd-dex-server ClusterIP 10.200.102.68 <none> 5556/TCP,5557/TCP,5558/TCP 2m3s
service/argocd-metrics ClusterIP 10.200.191.92 <none> 8082/TCP 2m3s
service/argocd-notifications-controller-metrics ClusterIP 10.200.149.16 <none> 9001/TCP 2m3s
service/argocd-redis ClusterIP 10.200.150.231 <none> 6379/TCP 2m3s
service/argocd-repo-server ClusterIP 10.200.122.178 <none> 8081/TCP,8084/TCP 2m3s
service/argocd-server ClusterIP 10.200.164.173 <none> 80/TCP,443/TCP 2m3s
service/argocd-server-metrics ClusterIP 10.200.133.227 <none> 8083/TCP 2m3s
1.3 创建ingress
ingress-argocd.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: argocd-ingress
namespace: argocd
annotations:
kubernetes.io/ingress.class: nginx
spec:
rules:
- host: argocd.intra.com
http:
paths:
- path: "/"
pathType: Prefix
backend:
service:
name: argocd-server
port:
number: 80
创建ingress
kubectl apply -f ingress-argocd.yaml -n argocd
当ingress正常后,添加hosts进行解析或者配置dns
# kubectl get ingress -n argocd
NAME CLASS HOSTS ADDRESS PORTS AGE
argocd-ingress <none> argocd.intra.com 192.168.31.52 80 103s
# kubectl get svc -n ingress-nginx
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.200.77.80 192.168.31.230 80:30363/TCP,443:30914/TCP 5h14m
ingress-nginx-controller-admission ClusterIP 10.200.42.99 <none> 443/TCP 105d
hosts中追加
192.168.31.230 argocd.intra.com
1.4 获取登录密码
kubectl get secret -n argocd argocd-initial-admin-secret -o yaml
获取到password为:
MG5vdnVtY05MR1V4d2xxVw==
解密
echo MG5vdnVtY05MR1V4d2xxVw==|base64 -d
结果为
0novumcNLGUxwlqW
默认用户名为admin,密码就是刚才解密出来的
2. 下载argocd客户端
wget https://github.com/argoproj/argo-cd/releases/download/v2.4.11/argocd-linux-amd64
chmod +x argocd-linux-amd64
mv argocd-linux-amd64 /usr/local/bin/argocd
查看版本
argocd version
argocd: v2.4.11+3d9e9f2
BuildDate: 2022-08-22T09:35:38Z
GitCommit: 3d9e9f2f95b7801b90377ecfc4073e5f0f07205b
GitTreeState: clean
GoVersion: go1.18.5
Compiler: gc
Platform: linux/amd64
FATA[0000] Argo CD server address unspecified
3. 登录Argocd
3.1 域名解析
192.168.31.230 argocd.intra.com
argocd login argocd.intra.com
3.2 更新密码
argocd account update-password
4. Kustomize安装
当开发者push代码以后,gitlab-runner会在gitlab-ce服务器执行流水线里定义具体的操作,流水线步骤里定义了gitlab-runner通过kustomize客户端工具修改应用部署资源清单文件里的容器镜像版本,并重新push代码到代码仓库,所以需要在gitlab-ce服务器中安装Kustomize
wget https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv4.5.7/kustomize_v4.5.7_linux_amd64.tar.gz
tar xf kustomize_v4.5.7_linux_amd64.tar.gz
mv kustomize /usr/bin/
确认版本
# kustomize version
{Version:kustomize/v4.5.7 GitCommit:56d82a8378dfc8dc3b3b1085e5a6e67b82966bd7 BuildDate:2022-08-02T16:35:54Z GoOs:linux GoArch:amd64}
5. Gitlab runner安装
Gitlab Runner是一个开源项目,用于运行作业并将结果发送给Gitlab,他与Gitlab CI一起使用,Gitlab CI是Gitlab的持续集成服务,用于协调作业.相当于流水线工人.
5.1 创建组
选择创建组
5.2 创建项目
5.3 安装runnner
在gitlab服务器上操作
wget https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64 -O /usr/bin/gitlab-runner
chmod +x /usr/bin/gitlan-runner
5.4 配置gitlab-runner
创建gitlab-runner用户
useradd --comment 'GitLab Runner' --create-home gitlab-runner --shell /bin/bash
配置工作目录
gitlab-runner install --user=gitlab-runner --working-directory=/home/gitlab-runner
启动gitlab-runner
gitlab-runner start
查看gitlab-runner状态
root@gitlab-ce:~# ps -aux |grep gitlab-runner
root 102988 0.0 1.0 765700 42680 ? Ssl 04:32 0:00 /usr/bin/gitlab-runner run --working-directory /home/gitlab-runner --config /etc/gitlab-runner/config.toml --service gitlab-runner --user gitlab-runner
root 103030 0.0 0.0 13140 1060 pts/2 S+ 04:33 0:00 grep --color=auto gitlab-runner
5.4 添加gitlab-runner实例
gitlab-runner register
依次填入
- url(来自上图)
- token(上图)
- 项目名称
- 执行方式
调整配置文件
cat /etc/gitlab-runner/config.toml
concurrent = 1
check_interval = 0
shutdown_timeout = 0
[session_server]
session_timeout = 1800
[[runners]]
name = "apidemo"
url = "http://192.168.31.14/"
id = 1
token = "EZwQzJkSVhCcBEXUU4Ds"
token_obtained_at = 2023-03-29T04:37:36Z
token_expires_at = 0001-01-01T00:00:00Z
executor = "shell"
[runners.custom_build_dir]
## 添加这行来固定日志文件位置
enabled=true
[runners.cache]
MaxUploadedArchiveSize = 0
5.5 启动gitlab-runner
gitlab-runner run &
输出
arch=amd64 os=linux pid=103251 revision=456e3482 version=15.10.0
Starting multi-runner from /etc/gitlab-runner/config.toml... builds=0
Running in system-mode.
Configuration loaded builds=0
listen_address not defined, metrics & debug endpoints disabled builds=0
[session_server].listen_address not defined, session endpoints disabled builds=0
Initializing executor providers builds=0
5.6 gitlab-runner Docker配置
授权gitlab-runner用户使用docker
usermod -G docker gitlab-runner
# id gitlab-runner
uid=1001(gitlab-runner) gid=1001(gitlab-runner) groups=1001(gitlab-runner),994(docker)
5.7 项目配置gitlab-runner
去掉 □ Lock to current projects的选中
至此argocd和gitlab-runner安装配置完毕
