GitHub Action + ACK: Cloud-native DevOps landing tool

Introduction: According to the "China's DevOps Status Quo Survey Report (2020)" by the Institute of Information and Communications Technology, 63% of enterprises have implemented DevOps and use continuous delivery pipelines to connect development, testing, deployment, and operation and maintenance. However, 20% of enterprises still report that practicing DevOps is complicated: self-built Jenkins requires self-managed deployment and plug-in maintenance, and SaaS-based CI/CD tools are cumbersome to configure. These enterprises hope for lighter and more convenient tools to accelerate their transformation.


Author | Yao Jing
Source |  Alibaba Cloud Native Official Account


Alibaba Cloud and GitHub have jointly released a GitHub Action Workflow for rapid deployment to Alibaba Cloud ACK. There is no need to build, deploy and maintain CI/CD tools yourself. Based on the out-of-the-box GitHub Action and the Alibaba Cloud deployment template, a change to the code on GitHub automatically triggers packaging, building and uploading of the application and its rapid deployment to Alibaba Cloud Container Service ACK. This article introduces GitHub Action, Alibaba Cloud Container Service, and a practice demo in detail.


Figure 1-GitHub Action supports Alibaba Cloud deployment templates

GitHub and Alibaba Cloud jointly release GitHub Action Workflow

1. About GitHub Action

Figure 2-GitHub Action home page

GitHub Action is a built-in continuous integration tool launched by GitHub in October 2018 to simplify automated building, testing, and deployment. GitHub Action encapsulates the atomic operations of continuous integration as Actions, assembles multiple Actions into reusable templates through Workflow definitions, and automatically triggers the Workflow when a GitHub event occurs.

GitHub Action has the following characteristics:

  • Out of the box: GitHub Action is a SaaS-based hosted service. Tasks are declared to run inside a GitHub-hosted VM or container, which allows flexible scaling during peak business periods. It also supports adding your own machines, hosted in the cloud or in an IDC, to run tasks and customize the execution environment.
  • Flexible and convenient: supports Linux, macOS and Windows, in both virtual machine and container runtime environments. Supports Node.js, Python, Java, Ruby, PHP, Go, Rust, .NET and other languages and frameworks. Supports matrix builds for parallel compatibility testing across multiple platforms and environments, which improves the efficiency of test integration.
  • Free quota: GitHub Action is free for public repositories and self-hosted runners. Other GitHub plans include a free allowance of storage and task run time; usage beyond the quota is billed by consumption. For specific charging information, please refer to: http://t.tb.cn/69r7pJmDOlTsLN724CgrlO .
  • Open ecosystem: GitHub Actions are written as YAML scripts, which can be edited and reused like code snippets. GitHub Action Marketplace also provides Action templates certified by cloud vendors and templates provided by third parties, which you can use directly or customize further.

The core concept of GitHub Action is divided into the following four parts:
 

  • Workflow: A continuous integration process that runs against the code repository. It can be scheduled or triggered by GitHub events. Workflow files are defined in YAML format and stored in the .github/workflows directory of the code repository. A code repository can have multiple Workflow files; GitHub recognizes the .yaml files in the directory and executes these Workflows in parallel.
  • Job: A Workflow is composed of multiple Jobs. By default, Jobs are executed concurrently. You can also set Jobs to execute sequentially to implement a Workflow with dependencies between its stages.
  • Step: A Job is composed of multiple Steps. Steps under the same Job are executed on one Runner, so they share the environment and data.
  • Action: A Step is composed of multiple Actions. An Action is an independent command set, which is also defined in YAML. Developers can edit, reuse, and share Actions just like code.

The following is a simple GitHub Action Workflow example, which defines a Job composed of two Steps. Among them, the first Step reuses the community's actions/checkout@v2 template to execute the checkout of the current code base, and the second Step directly executes the Bash command.

name: Greeting
on: push

jobs:
  my-job:
    name: My Job
    runs-on: ubuntu-latest
    steps:
    - name: Checkout
      uses: actions/checkout@v2
      
    - name: Greeting
      run: |
        echo 'Welcome to Alibaba Cloud!'

The GitHub Action Workflow jointly released by GitHub and Alibaba Cloud defines multiple Steps to support rapid building and deployment to Alibaba Cloud Container Service ACK. For the specific definition of the Workflow, please refer to the link: http://t.tb.cn/60eKsjLUTOKijV4NjGizeq .

2. About Alibaba Cloud Container Service

If GitHub Action is the Swiss Army Knife for practicing DevOps, then Alibaba Cloud Container Service is the best interface for landing cloud-native DevOps, rich in features and convenient to use. Alibaba Cloud Container Service for Kubernetes (ACK) is the world's first service platform that has passed Kubernetes conformance certification. It provides high-performance container application management services and supports the lifecycle management of enterprise-level Kubernetes containerized applications. ACK is the core containerized infrastructure in Alibaba Group, with rich application scenarios and accumulated experience, including e-commerce, real-time audio and video, database, messaging middleware, artificial intelligence and other scenarios, supporting a wide range of internal and external customers during the Double 11 activity. At the same time, the container service integrates Alibaba's internal experience and capabilities in various large-scale scenarios into the product and opens them to public cloud customers, providing richer functions and stronger stability. The container service has maintained the domestic container market share for many years.


Figure 3-Alibaba Cloud Container Service Product Family

In the field of application management, Alibaba Cloud has further enhanced reliability and security based on Alibaba's large-scale practices and the rich production practices of enterprises, and provides a Kubernetes cluster type with a compensable SLA: the ACK Pro version. The ACK Pro cluster is developed on the basis of the original ACK managed cluster and inherits all of its advantages, such as Master node hosting and Master node high availability. Compared with the original managed version, it further improves the reliability, security and scheduling performance of the cluster and supports an SLA with a compensation standard, which suits enterprise customers that run large-scale business in production and have high requirements for stability and security.

In the field of application artifact management, for enterprise customers with high security and performance requirements, Alibaba Cloud launched ACR EE, the enterprise edition of the container image service, providing the first enterprise-level service with exclusive instances in the public cloud. In addition to multi-architecture container images, ACR EE also supports hosting multi-version Helm Charts, Operators and other artifacts that comply with OCI specifications. For security management, ACR EE provides multi-dimensional safeguards such as network access control, security scanning, image signing, and security auditing, helping enterprises to upgrade from DevOps to DevSecOps. In the global distribution acceleration scenario, ACR EE optimizes network links and scheduling strategies to ensure a stable success rate for cross-sea synchronization. In large-scale image distribution scenarios, ACR EE supports on-demand loading, enabling full download and online decompression of image data, reducing the average container startup time by 60%. At present, many enterprises use ACR EE in their production environments to ensure secure hosting and efficient multi-scenario distribution of their cloud-native application artifacts.


Build cloud-native DevOps practice based on GitHub Action + ACK

The following demonstrates, based on GitHub Action, how to package a simple Nginx application into a container image, host it in the Alibaba Cloud Container Image Service ACR, and then automatically deploy it to Alibaba Cloud Container Service ACK, implementing the CI/CD process quickly and conveniently. The GitHub Action demo is available at: http://yli16.cn/LAZxC ; you can update the corresponding YAML file to implement custom business scenarios.


Figure 4-DevOps process based on GitHub Action

1. Preparation

  • Activate the Alibaba Cloud container image service ACR, then create a namespace and an image repository (refer to the documentation). If you have strong security and high-performance distribution requirements, it is recommended to use an ACR EE Enterprise Edition instance (refer to the documentation).
  • Activate Alibaba Cloud Container Service ACK and create a cluster on ACK (refer to the documentation). If you have strong security and high performance requirements, it is recommended to use ACK Pro (refer to the documentation).
  • Open GitHub and create a repository. The code repository contains the business code and the application deployment template YAML. You can refer to the code examples.

2. Practice process

1) Create Workflow

In the GitHub code repository, click the Actions tab. GitHub recommends Workflows based on the content of the current project; select the Workflow template that deploys to Alibaba Cloud ACK.


Figure 5-Built-in Actions in GitHub repository


Figure 6-Select Workflow deployed to Alibaba Cloud ACK 

By default, GitHub Action creates the alibabacloud.yml file in the .github/workflows directory of the code repository. The YAML file defines a trigger that listens for the Release event; once a Release is published, the subsequent integration and deployment process is triggered automatically. You can also search for related Actions in the Marketplace panel on the right and customize the Action steps in the Job.

2) Update variable information in Workflow

The Workflow defines env environment variables; update the region, container image service, container service cluster and other values to match your actual environment. ACCESS_KEY_ID and ACCESS_KEY_SECRET hold the Alibaba Cloud account AccessKey (AK) information, which must be stored encrypted in the Secrets of the repository.


Figure 7-Update the corresponding environment variables in Workflow


Figure 8-Update Secrets information
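A check for the rule in step 2, added here as an example and not taken from the article or the Alibaba Cloud template: it scans a workflow file's text and reports credential-style keys whose value is a literal instead of a `${{ secrets.NAME }}` reference. The key-name pattern and the sample workflow are assumptions constructed for illustration; only ACCESS_KEY_ID and ACCESS_KEY_SECRET come from the text above.

```python
import re

# Keys that must be filled from repository Secrets. ACCESS_KEY_ID and
# ACCESS_KEY_SECRET are the names used in the article; the wider pattern
# (secret, password) is an assumption of this example.
CRED_KEY = re.compile(r"access[_-]?key|secret\b|password", re.I)
SECRET_REF = re.compile(r"^\$\{\{\s*secrets\.([A-Za-z_][A-Za-z0-9_]*)\s*\}\}$")
KEY_VALUE = re.compile(r"^\s*(?:-\s+)?([A-Za-z0-9_-]+):\s*(.*?)\s*$")


def audit_credentials(workflow_text):
    """Return (findings, referenced_secret_names) for a workflow's text.

    findings is a list of (line_number, key) where a credential-style key
    carries a literal value instead of a ${{ secrets.NAME }} expression.
    """
    findings, referenced = [], set()
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        line = line.split(" #", 1)[0]              # ignore trailing comments
        match = KEY_VALUE.match(line)
        if not match:
            continue
        key, value = match.group(1), match.group(2).strip("\"'")
        if not value or not CRED_KEY.search(key):
            continue                                # mapping header or non-secret key
        ref = SECRET_REF.match(value)
        if ref:
            referenced.add(ref.group(1))            # must exist in repo Secrets
        else:
            findings.append((lineno, key))          # plaintext credential in YAML
    return findings, sorted(referenced)


# Constructed sample: the second AccessKey field is pasted in as plaintext.
SAMPLE = """\
name: Deploy to ACK
on:
  release:
    types: [published]
env:
  REGION_ID: cn-hangzhou
  ACCESS_KEY_ID: ${{ secrets.ACCESS_KEY_ID }}
  ACCESS_KEY_SECRET: "EXAMPLE-PLAINTEXT-VALUE"
"""

if __name__ == "__main__":
    print(audit_credentials(SAMPLE))
```

The second return value lists the Secret names the workflow expects, which is the set that has to be created in the repository's Secrets settings before the first run.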

3) Automatic deployment

After the configuration is complete, publishing a Release automatically triggers the GitHub Action to run the task by default. Click the Actions button to see the task execution history and details. The entire workflow is executed sequentially, and once one of the tasks fails, the entire workflow terminates. This makes it possible to cancel the subsequent deployment to ACK immediately when a high-risk security vulnerability is found after the container image has been pushed to ACR. When the build, security scan, and deployment steps complete successfully, an nginx service is created on ACK from the new container image. Security risk identification and decision-making are built into the whole pipeline, putting a safe and efficient DevSecOps process into practice.


Figure 9-Workflow execution history
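The fail-fast behaviour described in step 3 only protects the cluster if nothing in the workflow overrides it. The following added example (not code from the article or the template) checks that a scan step precedes the deploy step, that the scan step does not set `continue-on-error: true`, and that the deploy step has no `if: always()` or `if: failure()` condition. It assumes a single job whose steps each start with `- name:`; the step names and `./*.sh` scripts in the samples are hypothetical.

```python
import re

STEP_START = re.compile(r"^\s*-\s+name:\s*(.+?)\s*$")


def split_steps(workflow_text):
    """Return [(step_name, [stripped body lines])] in file order."""
    steps = []
    for line in workflow_text.splitlines():
        m = STEP_START.match(line)
        if m:
            steps.append((m.group(1), []))
        elif steps:
            steps[-1][1].append(line.strip())
    return steps


def check_scan_gate(workflow_text, scan_word="scan", deploy_word="deploy"):
    """List the reasons a failed scan would not stop the deployment."""
    steps = split_steps(workflow_text)
    names = [name.lower() for name, _ in steps]
    scan = next((i for i, n in enumerate(names) if scan_word in n), None)
    deploy = next((i for i, n in enumerate(names) if deploy_word in n), None)
    if scan is None or deploy is None:
        return ["scan or deploy step not found"]
    problems = []
    if scan > deploy:
        problems.append("scan runs after deploy")
    if any(re.match(r"continue-on-error:\s*true", l) for l in steps[scan][1]):
        problems.append("scan failure is ignored (continue-on-error)")
    if any(re.match(r"if:.*\b(always|failure)\(\)", l) for l in steps[deploy][1]):
        problems.append("deploy runs even after a failed step")
    return problems


# Constructed workflow fragments; the ./*.sh scripts are hypothetical.
GATED = """\
steps:
- name: Build and push image
  run: ./build-and-push.sh
- name: Scan image
  run: ./scan-image.sh
- name: Deploy to ACK
  run: ./deploy.sh
"""
BYPASSED = GATED.replace(
    "run: ./scan-image.sh", "run: ./scan-image.sh\n  continue-on-error: true"
).replace("run: ./deploy.sh", "if: always()\n  run: ./deploy.sh")
```

An empty list from `check_scan_gate` means a failing scan step stops the job before the deploy step, as the paragraph above describes.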

4) Expansion

You can find the Action templates you need on the GitHub Action Marketplace to implement a custom Workflow. GitHub Action already has a wealth of Action templates, covering scenarios such as code dependency, code integration, and code quality in multiple languages. Based on these templates you can quickly build a Workflow matrix that supports multiple operating systems and multiple languages, and test multiple versions of the project in parallel.


Figure 10-GitHub Action Marketplace

Guide a new path for DevOps in the cloud-native era

Compared with traditional Jenkins tools, GitHub Action is a SaaS-based hosted service that does not require deployment or plug-in operation and maintenance. You only need to define or reuse an official Workflow to implement CI/CD scenarios. Compared with Travis CI/Circle CI, GitHub Action is a native tool launched by GitHub, with a better integration experience and more flexibility, and with richer Action Marketplace ecosystem support that lets users reuse and customize Workflows more conveniently.

GitHub Action now also has built-in Workflow support for automatically building and pushing images to the Alibaba Cloud Container Image Service ACR and for automatic deployment to Alibaba Cloud Container Service ACK, which guides a new path for DevOps in the cloud-native era. It is hoped that this helps more enterprises enjoy the dividends of cloud-native technology while accelerating enterprise-level digital transformation and architecture upgrades.


Origin blog.csdn.net/weixin_43970890/article/details/114987149