Author | Cuncheng Alibaba Cloud Elastic Computing Team
Source | Serverless Official Account, compiled from "Serverless Technology Open Course"
Introduction : This section of the course introduces you how to quickly build a GitLab continuous integration environment based on Alibaba Cloud Serverless Kubernetes (ASK) services.
ASK introduction
First of all, what is ASK? ASK is a serverless Kubernetes container service launched by Alibaba Cloud. Compared with the traditional Kubernetes service, the biggest feature of ASK is that it connects to the Kubernetes cluster through virtual nodes, and the Kubernetes Master node is also completely hosted by Alibaba Cloud Container Service. Therefore, in the entire ASK cluster, users do not need to manage and operate real nodes, but only need to care about Pod resources. The Pod in ASK is hosted by the Alibaba Cloud Elastic Container Instance ECI.
The main advantages of ASK are as follows:
- Lower the threshold for users to use Kubernetes without managing Node nodes;
- No need to consider node capacity planning;
- On-demand billing based on Pod;
- Downtime failure has a small impact and is of Pod level.
At the same time, the main applicable scenarios of ASK are:
- Online business flexibility (video live broadcast, online education);
- Big data computing (Spark);
- Timed task
- CI/CD continuous integration.
Advantages of GitLab CI on ASK
Speaking of CI/CD, the two most familiar tools are Jenkins and GitLab CI. With the popularity of the Devops role, more and more companies adopt GitLab CI as a continuous integration tool. Let me introduce you to Download GitLab CI on ASK. gitlab-runner is registered in the ASK cluster as a Pod, and each CI/CD stage corresponds to a Pod.
The advantages of this are the following:
- High service availability (Deployment+PVC);
- There is no need to maintain K8s Master and Node nodes. Without any construction tasks, only one Pod (gitlab-runner) needs to be run;
- Trigger a build task, start a Pod, and charge on demand;
- Downtime failure will only affect the Pod as a unit.
Practical demonstration
Next, I will show you how to deploy gitlab-runner on the ASK cluster of Alibaba Cloud, and deploy Java applications to the ASK cluster through the gitlab CICD Pipeline.
The main knowledge points involved are:
- Save the configuration of gitlab runner and executor through configMap;
- Save the access credentials of the ASK cluster and the key of the mirror warehouse through the secret;
- Cache runner cache and maven warehouse through PVC;
- Cache container images through imageCache.
All the configuration files (yaml) involved in this lesson have been uploaded to github for everyone to download [ download link ].
Let’s start the demonstration. For the video demonstration, please click [ Watch Link ].
1. Prepare ASK cluster
- Create a standard Serverless K8s cluster in [ Container Service Console ]
- After the cluster is created, there is the API server public network link address in the basic information
- There are ASK cluster access credentials in the connection information
2. Prepare PV/PVC
Prepare two nas disks, one for gitlab runner cache and one for maven warehouse, please replace the nas server address and path by yourself
kubectl apply -f mvn-pv.yaml
kubectl apply -f mvn-pvc.yaml
kubectl apply -f nas-pv.yaml
kubectl apply -f nas-pvc.yaml3. Prepare Secret
- Copy the public and private keys of the certificate in kubeconfig to secret, secret.yaml
kubectl apply -f secret.yaml- The authentication information of docker-registry, ECI supports password-free pull, but push docker image still needs to be used
kubectl create secret docker-registry registry-auth-secret --docker-server=registry.cn-hangzhou.aliyuncs.com --docker-username=${xxx} --docker-password=${xxx}- To view the generated secret, you can use the following command
kubectl get secret registry-auth-secret --output=yaml4. Prepare ConfigMap
Copy the url and token of the gitlab runner and the api server address of the ASK cluster to config.yaml
kubectl apply -f config-map.yaml5. Prepare imageCache (optional, save image pull time)
Currently AS K installs imagecache-crd by default, you can use the following command to query, if not, you can install it yourself
# 查看image cache crd 是否安转
kubectl get crd
# 安装image cache crd
kubectl apply -f imagecache-crd.yaml
# 制作imagecache
kubectl apply -f imagecache.yaml6. Deploy gitlab runner
kubectl apply -f gitlab-runner-deployment.yaml
7. Perform a simple CI task
The .gitlab-ci.yml in git repo is similar to Jenkinsfile and defines the workflow of the build task. We modify the src/main/webapp/index.jsp file in the demo project, and then git commit -m "change index info" to submit. The pipeline task in gitlab is triggered, and the entire process involves compilation, packaging, and deployment.
Cost comparison
The cost comparison between using ASK and a prepaid ECS:
From the above cost calculation, it can be seen that when you have fewer than 126 CI/CD tasks per day, using ASK+ECI will be more cost-effective than buying an ECS with a monthly subscription. While enjoying paying on demand, it also reduces operation and maintenance costs. More importantly, when the business scale expands and the number of CI/CD tasks increases sharply, there is no need to worry about the expansion of Node nodes. The ASK+ECI solution can be considered as a tailor-made standard for CI/CD continuous integration scenarios.
The Serverless official account releases the latest information on Serverless technology, gathers the most complete content of Serverless technology, pays attention to the trend of Serverless, and pays more attention to the confusion and problems you encounter in your practice.