CCP2 DevOps
Page content
DevOps
continous Delivery
- faster time to market
- immediate feedback
- shorter innovation cycle
- minimize risks
- only small changes
- prove that sw is building
- find broken build fast and early
- awareness of current sw status
- no dependencies on key personell
- Improve Product Quality
- automated testing & code auditing
- documentetd history of builds to verify issues
Phases of Software Automation Pipeline
- Build automation
- Developer runs build and unit tests on his machine
- Continuous Integration
- auto. build, test and integrate components and run integration tests
(Code auditing, security tests, Database tests, UI Tests) - runs on a continuos integration server
- auto. build, test and integrate components and run integration tests
- Continuous Delivery
- create releases, deploy to staging environment and run automatic acceptance tests
(stress tests, load tests, compliance tests) - ready for production, but deployment still has manual steps
- create releases, deploy to staging environment and run automatic acceptance tests
- Continous Deployment
- automatically deploy to prod after passing acceptance tests
- DevOps
- automatically run the operation of the production system
(config mgmt, infrastr. provisioning, monitoring, aut. health mgmt, scaling, …)
- automatically run the operation of the production system
Multi Stage Delivery
Environments
- Development Run the App per Developer/Team
- Test Run Integration, Functional and Performance Test in a dedicated test environment,
close to the productino env. - Staging Exact copy of production env.
- Production Environment accessible to the end user containing real production data
Best Practice
- changes always go to version control
- binary artefacts are only built once. same artifacts are used in all env.
- different configs to support env. specific requirements by env. variables
- some tooling used in all env.
Tekton Concept
- Step operation on a workflow (compile, run test, package, create image) each step runs in a specific container image
- Taks sequence of steps executed in order.
- Pipeline Collection of Tasks run in a directed acyclic graph (DAG)
- Inputs/Outputs Source and Targets to Read / Store artefacts
- PipelineRun / Task Run execution of a pipeline or task e.g. scheduled at specific intervals, triggered by events
LAB
Files
pipeline.yaml
kind: Pipeline
metadata:
name: build-deploy
spec:
params:
- name: buildRevision
description: The revision of the build, i.e. the tag or commit revision of the application repository
- name: appGitUrl
description: The application repository
- name: appSubDir
description: The subdirectory for the application in the app repository
default: ""
- name: configGitUrl
description: The application config (GitOps) repository
- name: configSubDir
description: The subdirectory for the application in the config repository
default: ""
- name: imageName
description: The application repository image name
- name: registryLocal
description: The public registry host
default: "registry.local:5000"
- name: registryPublic
description: The public registry host
default: "registry.160.85.253.63.nip.io:5000"
- name: gatewayHost
description: Host address of the application gateway
workspaces:
- name: app-source
- name: config-source
# check out the app source code
tasks:
- name: checkout-source
taskRef:
name: git-checkout
params:
- name: url
value: $(params.appGitUrl)
- name: revision
value: $(params.buildRevision)
workspaces:
- name: output
workspace: app-source
# display commit digest of the checked out repo
- name: display-results
runAfter:
- checkout-source
params:
- name: digest
value: $(tasks.checkout-source.results.commit)
taskSpec:
params:
- name: digest
description: Digest value to print.
steps:
- name: print
image: docker.io/library/bash:5.1.4@sha256:b208215a4655538be652b2769d82e576bc4d0a2bb132144c060efc5be8c3f5d6
script: |
#!/usr/bin/env bash
set -e
echo "Digest of checked out commit: $(params.digest)"
# build and push the image using Dockerfile
- name: build-push-image
taskRef:
name: docker-build
runAfter:
- checkout-source
params:
- name: image
value: "$(params.registryPublic)/$(params.imageName):$(params.buildRevision)"
- name: insecure_registry
value: $(params.registryPublic)
workspaces:
- name: source
workspace: app-source
subPath: $(params.appSubDir)
# deploy to staging
- name: deploy-staging
taskRef:
name: deploy
runAfter:
- build-push-image
params:
- name: environment
value: staging
- name: argo-app-name
value: sample-staging
- name: configGitUrl
value: $(params.configGitUrl)
- name: configSubDir
value: $(params.configSubDir)
- name: appImage
value: "$(params.registryLocal)/$(params.imageName)"
- name: buildRevision
value: $(params.buildRevision)
- name: gatewayHost
value: "staging.$(params.gatewayHost)"
workspaces:
- name: config-source
workspace: config-source
# run a pseudo test: here you would run extensive acceptance test
- name: run-systemtest
runAfter:
- deploy-staging
params:
- name: gateway
value: "staging.$(params.gatewayHost)"
taskSpec:
params:
- name: gateway
steps:
- name: ping
image: curlimages/curl:7.83.1
command: [curl]
args: ["-fIsS","--connect-timeout", "3", "http://$(params.gateway)"]
# deploy to production
- name: deploy-prod
taskRef:
name: deploy
runAfter:
- run-systemtest
params:
- name: environment
value: prod
- name: argo-app-name
value: sample-prod
- name: configGitUrl
value: $(params.configGitUrl)
- name: configSubDir
value: $(params.configSubDir)
- name: appImage
value: "$(params.registryLocal)/$(params.imageName)"
- name: buildRevision
value: $(params.buildRevision)
- name: gatewayHost
value: "$(params.gatewayHost)"
workspaces:
- name: config-source
workspace: config-source
# run a pseudo test: here you would run extensive smoke test
- name: run-smoke-test
runAfter:
- deploy-prod
params:
- name: gateway
value: "$(params.gatewayHost)"
taskSpec:
params:
- name: gateway
steps:
- name: ping
image: curlimages/curl:7.83.1
command: [curl]
args: ["-fIsS","--connect-timeout", "3", "http://$(params.gateway)"]
---