week3 #8
Comments
Issue 추천
|
Week3 진행 순서
|
Safe Harbor deployment동작 흐름
MR pipeline
MR Merge 후 main branch pipeline
파이프라인 커스텀 (1차)review_production:
extends: .auto-deploy
stage: review-production
script:
- auto-deploy check_kube_domain
- auto-deploy download_chart
- auto-deploy use_kube_context || true
- auto-deploy ensure_namespace
- |
if kubectl get namespace ${KUBE_NAMESPACE} -o jsonpath='{.metadata.labels.istio-injection}' | grep -q "enabled"; then
echo "istio-injection label already exists and is set to enabled. Skipping..."
else
echo "Setting istio-injection label..."
kubectl label namespace "${KUBE_NAMESPACE}" istio-injection=enabled
fi
- auto-deploy initialize_tiller
- auto-deploy create_secret
- auto-deploy deploy
- auto-deploy persist_environment_url
environment:
name: review-production/$CI_COMMIT_REF_NAME
url: http://$CI_PROJECT_PATH_SLUG-review-prod.$KUBE_INGRESS_BASE_DOMAIN
on_stop: stop_review_production
artifacts:
paths: [environment_url.txt, tiller.log]
when: always
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main" && $REVIEW_PRODUCTION_ENABLED == "true" && $PRODUCTION_ADDITIONAL_HOSTS != null'
when: manual
stop_review_production:
extends: .auto-deploy
stage: cleanup
variables:
GIT_STRATEGY: none
script:
- auto-deploy use_kube_context || true
- auto-deploy initialize_tiller
- auto-deploy delete
environment:
name: review-production/$CI_COMMIT_REF_NAME
action: stop
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main" && $REVIEW_PRODUCTION_ENABLED == "true" && $PRODUCTION_ADDITIONAL_HOSTS != null'
when: manual
route_to_production_only:
extends: .auto-deploy
stage: cleanup
variables:
GIT_STRATEGY: none
script:
- auto-deploy use_kube_context || true
- |
cat <<EOF > virtualService.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: review-prod-virtual-service
namespace: "${KUBE_NAMESPACE}"
spec:
gateways:
- review-prod-gateway
hosts:
- "${PRODUCTION_ADDITIONAL_HOSTS}"
http:
- route:
- destination:
host: production-auto-deploy
subset: production
EOF
- kubectl apply -f virtualService.yaml
environment:
name: review-production/$CI_COMMIT_REF_NAME
action: stop
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main" && $REVIEW_PRODUCTION_ENABLED == "true" && $PRODUCTION_ADDITIONAL_HOSTS != null'
when: manual
apply_istio_custom_resources:
extends: .auto-deploy
stage: review-production
image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v2.17.0"
script:
- auto-deploy use_kube_context || true
- |
echo "Creating Istio Custom Resources"
echo "${KUBE_CONTEXT}"
- |
cat <<EOF > gateway.yaml
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: review-prod-gateway
namespace: "${KUBE_NAMESPACE}"
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "${PRODUCTION_ADDITIONAL_HOSTS}"
EOF
- |
cat <<EOF > virtualService.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: review-prod-virtual-service
namespace: "${KUBE_NAMESPACE}"
spec:
gateways:
- review-prod-gateway
hosts:
- "${PRODUCTION_ADDITIONAL_HOSTS}"
http:
- match:
- headers:
x-forwarded-for:
prefix: "${REVIEW_PRODUCTION_ALLOWED_IP}"
route:
- destination:
host: review-production-orddqb-auto-deploy
subset: review
- route:
- destination:
host: production-auto-deploy
subset: production
EOF
- |
cat <<EOF > destinationRule.yaml
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: review-prod-destination-rule
namespace: "${KUBE_NAMESPACE}"
spec:
host: review-production-orddqb-auto-deploy
subsets:
- name: review
labels:
app.kubernetes.io/name: review-production-orddqb
---
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: production-destination-rule
namespace: "${KUBE_NAMESPACE}"
spec:
host: production-auto-deploy
subsets:
- name: production
labels:
app.kubernetes.io/name: production
EOF
- kubectl apply -f gateway.yaml
- kubectl apply -f virtualService.yaml
- kubectl apply -f destinationRule.yaml
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME == "main" && $REVIEW_PRODUCTION_ENABLED == "true" && $PRODUCTION_ADDITIONAL_HOSTS != null'
when: manual |
|
kubectl -n istio-system get configmap istio -o=jsonpath='{.data.mesh}' > mesh-config.yaml |
@opp-13 저는 이 명령어를 실행했을 때 아래와 같이 나오네요 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Introducing Envoy
Telemetry
The text was updated successfully, but these errors were encountered: