Kubernetes-Rancher CI/CD Pipeline
We have our own Gitlab so and we run our own registry on the -dev Cluster, I thought it will be easy to do so but it wasn’t that easy and I lost about 8 Hours until I found out that had to open the required Ports on the Firewall :).
See this works.
Tools in use
- Rancher 2.x for Kubernetes with RBAC, Metrics, Logging and much more.
- Gitlab on-premises alternative to github.com
- Harbor not yet in use but will be soon our container registry
- Let’s Encrypt Let’s Encrypt
The Docker Container
I use a multi-stage build to generate the page in a container and serve a copy of the page after in a nginx container.
See this Dockerfile
# Build public with hugo FROM jguyomard/hugo-builder:latest COPY . /build WORKDIR /build RUN hugo -b https://rene.jochums.at -v -t persona # Copy to a nginx container FROM nginx:1.17-alpine COPY docker/nginx/nginx.conf /etc/nginx/ COPY docker/nginx/default.conf /etc/nginx/conf.d/ # This is important "COPY --from=0" line where --from=0 means copy from the first container. COPY --from=0 /build/public /var/www/rene.jochums.at
With lots of try-and-error testing I got this deployment.yaml together.
Its important that you have to add the registry to your Project first, in this case registry.dev.wmk8s.com.
And the pipeline itself
The last step after the container and the deployment was to create a .rancher-pipeline.yml in my repo, I used Rancher -> Cluster dev -> Project -> Workloads -> Pipelines to generate it.
stages: - name: Build steps: - publishImageConfig: dockerfilePath: ./Dockerfile buildContext: . tag: pcdummy/renejochumsat:latest pushRemote: true registry: registry.dev.wmk8s.com - name: Deploy steps: - applyYamlConfig: path: ./deployment.yaml timeout: 60 notification: recipients: - recipient: firstname.lastname@example.org notifier: local:n-mtzwd condition: - Success - Changed - Failed
If it doesn’t trigger
Look at this if it doesn’t trigger your build.