免费架构:Heroku 不免费了,何去何从之 eggjs 的容器化部署之路
前情提要
FROM node:15.4.0-alpine
ENV TIME_ZONE=Asia/Shanghai
RUN \
mkdir -p /usr/src/app \
&& apk add --no-cache tzdata \
&& echo "${TIME_ZONE}" > /etc/timezone \
&& ln -sf /usr/share/zoneinfo/${TIME_ZONE} /etc/localtime
WORKDIR /usr/src/app
# RUN npm i --registry=https://registry.npm.taobao.org
COPY . /usr/src/app
RUN yarn && yarn build
EXPOSE 7001
CMD yarn eggstart
"eggstart": "NODE_ENV=k8s EGG_SERVER_ENV=k8s eggctl start --workers=1 --no-daemon",
docker build -t jefftian/alpha:"$1" .
docker images
docker run --network host -e CI=true -d -p 127.0.0.1:7001:7001 --name alpha:"$1"
jefftian/alpha
docker ps | grep -q alpha
docker ps -aqf "name=alpha$"
docker push jefftian/alpha:"$1"
docker logs $(docker ps -aqf name=alpha$)
curl localhost:7001 || docker logs $(docker ps -aqf name=alpha$)
docker kill alpha || echo "alpha killed"
docker rm alpha || echo "alpha removed"
sh ./dockerize.sh test-tag
- run: wget https://github.com/mozilla/sops/releases/download/v3.7.3/sops-v3.7.3.linux.amd64
- run: sudo cp sops-v3.7.3.linux.amd64 /usr/local/bin/sops
- run: sudo chmod +x /usr/local/bin/sops
creation_rules:
# If assuming roles for another account use "arn+role_arn".
# See Advanced usage
path_regex: k8s\/secrets\.yaml$
kms: "arn:aws:kms:us-east-1:443862765029:key/b1739688-ec15-407d-895d-d05ca1217a2f"
aws_profile: lambda-doc-rotary
[lambda-doc-rotary]
aws_access_key_id = xxx
aws_secret_access_key = yyy
- run: mkdir ${HOME}/.aws
- run: echo -e "[lambda-doc-rotary]\naws_access_key_id = ${{secrets.AWS_ACCESS_KEY}}\naws_secret_access_key = ${{secrets.AWS_SECRET_KEY}}\n" > ~/.aws/config
sops -e -i k8s/secrets.yaml --aws-profile lambda-doc-rotary
sops -d -i k8s/secrets.yaml --aws-profile lambda-doc-rotary
apiVersion: v1
kind: Secret
metadata:
name: alpha-secrets
labels:
branch: main
type: Opaque
stringData:
MYSQL_HOST: alpha.xxxx.rds.cn-northwest-1.amazonaws.com.cn
MYSQL_PORT: "3306"
MYSQL_USERNAME: admin
MYSQL_PASSWORD: yyyy
MYSQL_DATABASE: alpha
REDIS_URI: redis://username:password@host:port
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
bases: []
resources:
- deployment.yaml
- service.yaml
apiVersion: v1
kind: Service
metadata:
name: alpha
annotations:
'true' :
spec:
type: ClusterIP
ports:
name: tcp
port: 7001
protocol: TCP
targetPort: 7001
selector:
app: alpha
tier: backend
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: alpha
tier: backend
deployedBy: deploy-node-app
name: alpha
spec:
minReadySeconds: 5
progressDeadlineSeconds: 600
replicas: 2
revisionHistoryLimit: 10
selector:
matchLabels:
app: alpha
tier: backend
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
template:
metadata:
labels:
app: alpha
tier: backend
deployedBy: deploy-node-app
spec:
containers:
image: jefftian/alpha
imagePullPolicy: Always
name: alpha
ports:
containerPort: 7001
name: http
protocol: TCP
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 250m
memory: 256Mi
envFrom:
secretRef:
name: alpha-secrets
restartPolicy: Always
terminationGracePeriodSeconds: 30
build-docker-image:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v3
- run: echo "${{secrets.DOCKER_PASSWORD}}" | docker login -u "${{secrets.DOCKER_USERNAME}}" --password-stdin
- run: git_hash=$(git rev-parse ${{ github.sha }})
- run: sh .github/dockerize.sh ${{ github.sha }}
deploy-okteto:
runs-on: ubuntu-latest
needs: build-docker-image
steps:
- uses: actions/checkout@v3
- run: mkdir ${HOME}/.aws
- run: echo -e "[lambda-doc-rotary]\naws_access_key_id = ${{secrets.AWS_ACCESS_KEY}}\naws_secret_access_key = ${{secrets.AWS_SECRET_KEY}}\n" > ~/.aws/config
- run: wget https://github.com/mozilla/sops/releases/download/v3.7.3/sops-v3.7.3.linux.amd64
- run: sudo cp sops-v3.7.3.linux.amd64 /usr/local/bin/sops
- run: sudo chmod +x /usr/local/bin/sops
- run: curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
- run: chmod +x ./kubectl
- run: sudo mv ./kubectl /usr/local/bin/kubectl
- run: mkdir ${HOME}/.kube
- run: npm i -g k8ss
- run: echo -e "machine github.com\n login ${{secrets.GH_TOKEN}}" > ~/.netrc
- run: git clone https://github.com/Jeff-Tian/k8s-config.git ${HOME}/k8s-config
- run: k8ss switch --cluster=okteto --namespace=jeff-tian
- run: sops -d k8s/secrets.yaml --aws-profile lambda-doc-rotary | kubectl apply -f -
- run: kubectl apply -k k8s
- run: kubectl set image deployment alpha alpha=jefftian/alpha:${{ github.sha }}
评论