Goolge Cloud Skills Boost

[GSP330]Implement DevOps in Google Cloud: Challenge Lab

컨텐츠 정보

본문

![E9VdW6ATD9cdUB7yQcQsqbaFXZKjw4djfO_6rzNCZGI=.png](https://goorm.it/data/editor/2211/2890388086_1667572770.5828.png "E9VdW6ATD9cdUB7yQcQsqbaFXZKjw4djfO_6rzNCZGI=.png") > 팁과 트릭을 미리 읽고 퀘스트를 진행하면 많은 도움이 됩니다. # Tips and Tricks * Tip 1 The VPC networks and Kubernetes cluster have been created for you but the Kubernetes namespaces required by your Jenkins configuration have not been created for you. You must create the production namespace that the Jenkins configuration file requires before pushing changes that will trigger a Jenkins production or canary build. * Tip 2 The name of the Jenkins secret that contains the admin username and password keys (cd-jenkins) is not the same as the name of the cluster (jenkins-cd). * Tip 3 The git repository URL for your sample application is in the form https://source.developers.google.com/p/[PROJECT_ID]/r/sample-app where [PROJECT_ID] must be replaced by your lab project ID. * Tip 4 The Jenkins UI is not connected to the internet directly. You must configure a Kubernetes proxy using kubectl to connect to the Jenkins Master Pod on port 8080. Tip 5 The Development deployments are not exposed to external traffic for security reasons. In order to test the Development version of the application you will need to connect to the Kubernetes cluster using kubectl proxy and then query the front-end service via localhost. # Implement DevOps in Google Cloud: Challenge Lab In this article, we will go through the lab to Implement DevOps in Google Cloud. You will practice the skills in implementing a continuous deployment pipeline using the Jenkins build and deployment automation tool. The challenge contains 4 required tasks - Check Jenkins pipeline has been configured. - Check that Jenkins has deployed a development pipeline. - Check that Jenkins has deployed a canary pipeline. - Check that Jenkins has merged a canary pipeline with production. Some Jooli Inc. standards you should follow: - Create all resources in the us-east1 region and us-east1-b zone, unless otherwise directed. - Use the project VPCs. - Naming is normally team-resource, e.g. an instance could be named kraken-webserver1. - Allocate cost effective resource sizes. Projects are monitored and excessive resource use will result in the containing project’s termination (and possibly yours), so beware. This is the guidance the monitoring team is willing to share; unless directed, use n1-standard-1. ### 1.Configure a Jenkins pipeline for continuous deployment to Kubernetes Engine. In this step you have to Clone the repository, Checking a Kubernetes cluster, Install and Setup Helm, Configure and Install Jenkins, Connect to Jenkins, Deploying the Application, Creating the Jenkins Pipeline, Adding your service account credentials, and Creating the Jenkins job. #### cluster is running Check 클러스터가 실행 중인지 확인 ``` gcloud container clusters list kubectl cluster-info ``` ``` gcloud container clusters get-credentials jenkins-cd kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value account) helm repo add stable https://charts.helm.sh/stable helm repo update helm install cd stable/jenkins ``` #### Clone the repository - To get set up, open a new session in Cloud Shell and run the following command to set your zone `us-east1-x`. Change ! ``` ssh gcloud config set compute/zone us-east1-x ``` - Then clone the lab’s sample code. ``` ssh git clone https://source.developers.google.com/p/$DEVSHELL_PROJECT_ID/r/sample-app ``` #### Checking a Kubernetes cluster. - In the GCP Console go to `Navigation Menu >Kubernetes Engine > Clusters` - Then Check cluster named `jenkins-cd`. Now, get the credentials for your cluster. ``` ssh gcloud container clusters get-credentials jenkins-cd --zone us-east1-b --project $DEVSHELL_PROJECT_ID ``` Kubernetes Engine uses these credentials to access your newly provisioned cluster confirm that you can connect to it by running the following command. ``` ssh kubectl cluster-info ``` - Navigate to Source Repositories, click on `sample-app` and review the Jenkins file in the root of that repository. #### Install and Setup Helm. You will use Helm to install Jenkins from the Charts repository. Helm is a package manager that makes it easy to configure and deploy Kubernetes applications. Once you have Jenkins installed, you’ll be able to set up your CI/CD pipeline. ``` ssh helm repo add jenkins https://charts.jenkins.io ``` - Ensure the repo is up to date. ``` ssh helm repo update ``` #### Configure and Install Jenkins. - Use git to clone the lab’s sample code. ``` ssh git clone https://github.com/GoogleCloudPlatform/continuous-deployment-on-kubernetes.git ``` - Change to the following directory. ``` ssh cd continuous-deployment-on-kubernetes ``` - To configure and install Jenkins, run the following command to deploy with the Helm CLI. ``` ssh helm install cd stable/jenkins -f jenkins/values.yaml --version 1.2.2 --wait ``` - Once that command completes ensure the Jenkins pod goes to the Running state and the container is in the READY state. ``` ssh kubectl get pods ``` - Run the following command to setup port forwarding to the Jenkins UI from the Cloud Shell. ``` ssh export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/component=jenkins-master" -l "app.kubernetes.io/instance=cd" -o jsonpath="{.items[0].metadata.name}") kubectl port-forward $POD_NAME 8080:8080 >> /dev/null & ``` - Now, check that the Jenkins Service was created properly. ``` ssh kubectl get svc ``` #### Connect to Jenkins - The Jenkins chart will automatically create an `admin password` for you. To retrieve it, run. ``` ssh printf $(kubectl get secret cd-jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo ``` - To get to the Jenkins user interface, click on the `Web Preview` button in cloud shell, then click `Preview on port 8080` - You should now be able to log in with username `admin` and your auto-generated password. #### Deploying the Application. - In Google Cloud Shell, navigate to the sample application directory. ``` ssh cd ~/sample-app ``` - Create the Kubernetes namespace to logically isolate the deployment. ``` ssh kubectl create ns production ``` Create the production and canary deployments, and the services using the kubectl apply commands. ``` ssh kubectl apply -f k8s/production -n production kubectl apply -f k8s/canary -n production kubectl apply -f k8s/services -n production ``` - Retrieve the external IP for the production services. ``` ssh kubectl get service gceme-frontend -n production ``` #### Creating the Jenkins Pipeline Initialize the sample-app directory as its own Git repository. ``` ssh git init git config credential.helper gcloud.sh ``` - Run the following command. ``` ssh git remote add origin https://source.developers.google.com/p/$DEVSHELL_PROJECT_ID/r/default ``` Set the username and email address for your Git commits. Replace `[EMAIL_ADDRESS]` with your Git email address and `[USERNAME]` with your Git username. ``` ssh git config --global user.email "[EMAIL_ADDRESS]" git config --global user.name "[YOUR_USERNAME]" ``` - Add, commit, and push the files. ``` ssh git add . git commit -m "Initial commit" git push origin master ``` #### Adding your service account credentials Configure your credentials to allow Jenkins to access the code repository. Jenkins will use your cluster’s service account credentials in order to download code from the Cloud Source Repositories. - In the Jenkins user interface, click `Manage Jenkins` in the left navigation then click `Manage Credentials`. - Click `Jenkins`. - Click `Global credentials (unrestricted)`. - Click `Add Credentials` in the left navigation. - Select `Google Service Account from metadata` from the Kind drop-down and click OK. The global credentials has been added. The name of the credential is the Project ID found in the CONNECTION DETAILS section of the lab. #### Creating the Jenkins job. Navigate to your Jenkins user interface and follow these steps to configure a Pipeline job. - Click `New Item` in the left navigation. - Name the project `sample-app`, then choose the `Multibranch Pipeline` option and click OK. - On the next page, in the Branch Sources section, click `Add Source` and select `git`. - Paste the HTTPS clone URL of your `sample-app` repo in Cloud Source Repositories into the Project Repository field. > Replace `[PROJECT_ID]` with your Project ID. ``` ssh https://source.developers.google.com/p/[PROJECT_ID]/r/sample-app ``` - Select the service account for your `GCP project` from the Credentials dropdown list. - Under `Scan Multibranch Pipeline Triggers` section, check the `Periodically if not otherwise` run box and set the Interval value to `1 minute`. - Click `Save` leaving all other options with their defaults. ### 2.Push an update to the application to a development branch. In this task, you need to Modify the site. - Create a development branch and push it to the Git server. ``` ssh git checkout -b new-feature ``` - Now Open `html.go` ``` ssh vi html.go ``` - Then Start the editor. `i` - Change the two instances of `
` with `Your Colour` ``` bash
``` - Save the `html.go` file: press `Esc` then. `:wq` - Now Open `main.go` ``` bash vi main.go ``` - Then Start the editor. `i` - The version is defined in this line. ``` bash const version string = "1.0.0" ``` - Update it to the `Your Version` ``` bash const version string = "Version" ``` - Save the main.go file one more time: Esc then. `:wq` - Commit and push your changes. ``` bash git config --global user.email "[EMAIL_ADDRESS]" git config --global user.name "[USERNAME]" git add Jenkinsfile html.go main.go git commit -m "Version 2.0.0" git push origin new-feature ``` ### 3.Push a Canary deployment to the production namespace. In this task, you need to create a new branch called canary, merge the development branch with it, and push that to the repository. - Now Go to the SSH window, run the following command to create a canary branch in the sample-app directory. ``` bash git checkout -b canary ``` - Merge the change from the development branch. ``` bash git merge new-feature ``` - Now Push the canary to the Git server. ``` bash git push origin canary ``` ### 4.Promote the Canary Deployment to production. In this task, you need to MERGE and PUSH it to the Git Server. - Now Go to the SSH window, run the following commands to merge the canary branch and push it to the Git server. ``` bash git checkout master git merge canary git push origin master ``` - In Jenkins, you should see the master pipeline has kicked off. - You can check the service URL to ensure that all of the traffic is being served by your new version, 2.0.0. ``` ssh export FRONTEND_SERVICE_IP=$(kubectl get -o \ jsonpath="{.status.loadBalancer.ingress[0].ip}" --namespace=production services gceme-frontend) ``` # Task 1: Configure a Jenkins pipeline for continuous deployment to Kubernetes Engine (작업 1: Kubernetes Engine에 지속적 배포를 위한 Jenkins 파이프라인 구성 ) ``` gcloud config set compute/zone us-east1-b git clone https://source.developers.google.com/p/$DEVSHELL_PROJECT_ID/r/sample-app gcloud container clusters get-credentials jenkins-cd kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=$(gcloud config get-value account) helm repo add stable https://charts.helm.sh/stable helm repo update helm install cd stable/jenkins kubectl get pods export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/component=jenkins-master" -l "app.kubernetes.io/instance=cd" -o jsonpath="{.items[0].metadata.name}") kubectl port-forward $POD_NAME 8080:8080 >> /dev/null & printf $(kubectl get secret cd-jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo cd sample-app kubectl create ns production kubectl apply -f k8s/production -n production kubectl apply -f k8s/canary -n production kubectl apply -f k8s/services -n production ``` ## Web으로 이동 [Dashboard] >> [Jenkins 관리 Manger] >> [Credentials] manage/credentials/ ![capture 2022-11-05 AM 12.19.25.png](https://goorm.it/data/editor/2211/2728309375_1667575178.8365.png "capture 2022-11-05 AM 12.19.25.png") ![capture 2022-11-05 AM 12.21.03.png](https://goorm.it/data/editor/2211/2890202821_1667575288.7846.png "capture 2022-11-05 AM 12.21.03.png") ## Multibranch Pipeline ![capture 2022-11-05 AM 12.27.27.png](https://goorm.it/data/editor/2211/2890389128_1667575663.311.png "capture 2022-11-05 AM 12.27.27.png") ``` kubectl get svc kubectl get service gceme-frontend -n production ``` ``` git init git config credential.helper gcloud.sh git remote add origin https://source.developers.google.com/p/$DEVSHELL_PROJECT_ID/r/sample-app git config --global user.email "" git config --global user.name "" git add . git commit -m "initial commit" git push origin master ``` open editor SAVE ![capture 2022-11-05 AM 12.43.51.png](https://goorm.it/data/editor/2211/2890389049_1667576644.623.png "capture 2022-11-05 AM 12.43.51.png") ## TEST Version 배포 (Depoly) ``` git checkout -b new-feature git add Jenkinsfile html.go main.go git commit -m "Version 1.2.0" git push origin new-feature ``` ``` curl http://localhost:8001/api/v1/namespaces/new-feature/services/gceme-frontend:80/proxy/version kubectl get service gceme-frontend -n production ``` ## canary 버전 배포(Depoly) ``` git checkout -b canary git push origin canary export FRONTEND_SERVICE_IP=$(kubectl get -o \ jsonpath="{.status.loadBalancer.ingress[0].ip}" --namespace=production services gceme-frontend) git checkout master git push origin master export FRONTEND_SERVICE_IP=$(kubectl get -o \ jsonpath="{.status.loadBalancer.ingress[0].ip}" --namespace=production services gceme-frontend) while true; do curl http://$FRONTEND_SERVICE_IP/version; sleep 1; done ``` ``` kubectl get service gceme-frontend -n production ``` ``` git merge canary git push origin master export FRONTEND_SERVICE_IP=$(kubectl get -o \ jsonpath="{.status.loadBalancer.ingress[0].ip}" --namespace=production services gceme-frontend) ```

관련자료

댓글 3 / 1 페이지

goorumi님의 댓글

goorumi님의 댓글

https://docs.google.com/document/d/1uEUf395McqHvMauXi_S5i1h466Rti76M1YBH89ejjRY/edit



계속 실패가 나서, 다른 분 유튜브 참고 했습니다.
Jenkin에서 Cloud 설정 Kubernets 에서 
아래의 부분을 넣어 주어야 한다고 합니다.

In the Jenkins URL field, enter the following value: http://cd-jenkins:8080
In the Jenkins tunnel field, enter the following value: cd-jenkins-agent:50000

이 Lab은 한번에 되지 않고, 새로고침을 누르고 기다리면 됩니다.
전체 21 / 1 페이지
RSS