CircleCI & Argo CD による GitOps / GitOps with CircleCI and Argo CD

Transcript

1. $JSDMF$*
   
   "SHP
   $%
   ʹΑΔ
   (JU0QT !QN
   
   σϓϩΠ͠/JHIU
   JO
   ෱Ԭ
   

2. ͸͡Ίʹ w ࠓ೔͸
   (JU0QT
   Λ
   $JSDMF$*
   ͱ
   "SHP
   $%
   Λ༻͍࣮ͯݱ͠ ͯΈ͍ͨͱࢥ͍·͢
   w LVCFSOFUFT
   ͷ֓೦͕ଟʑग़ͯ·͍Γ·͕͢ɺ͋·Γਂ͍ ࿩Ͱ͸͍͟͝·ͤΜ !2

3. ࣗݾ঺հ w !QNʢ4IJOJDIJSP
   5PEBLBʣ
   w גࣜձࣾ"QSFOEFS
   w ϑϩϯτΤϯυ
   
   ΠϯϑϥΤϯδχΞ
   w ࡢ೥ɺؔ౦
   
   ෱Ԭ΁Ҡॅ
   ✈
   w

   ಘҙδϟϯϧ͸ϑϩϯτΤϯυʢ3FBDUʣٴͼɺ"84
   ߏ ੒؅ཧपΓͰ͢
   w ࠷ۙ͸
   LT
   पΓΛ௥͔͚͍ͬͯ·͢
   w ͱ♨͕޷͖ !3

4. (JU0QT

5. (JU0QT
   ͱ͸ w 8FBWFXPSLT
   ͕ఏএͨ͠
   $MPVE
   /BUJWF
   ࣌୅ʹ͓͚Δ
   $%
   ͷ͋Γํ
   w IUUQTXXXXFBWFXPSLTUFDIOPMPHJFTHJUPQT
   w (JU
   3FQP
   ͕ݱঢ়ΠϯϑϥΛ൓ө͍ͯ͠Δʢ4JOHMF
   4PVSDF
   PG
   5SVUIʣ
   w 1VMM
   3FRVFTU
   ϕʔεͰ൓өΛߦ͏

   !5

6. (JU0QT
   ͱ͸ !6 https://www.slideshare.net/weaveworks/gitops-modern-best-practices-for-high-velocity-app-dev-using-cloud-native-tools

7. "SHP
   $%

8. "SHP
   $%
   ͱ͸ w (JU0QT
   Λ࣮ݱ͢ΔͨΊͷπʔϧ
   w ,VCFSOFUFT
   ͷͨΊͷએݴతͳ
   (JU0QT
   ͷͨΊͷσϦόϦʔπʔϧ
   w ϦϙδτϦΛϙʔϦϯάͯ͠มԽΛݕग़͠·͢
   w ଟػೳͰ͢ɻ·ͩ࢖͍͜ͳ͍ͤͯ·ͤΜ !8

9. https://github.com/cncf/landscape

10. None

11. σϞߏங

12. ࡞Δ΋ͷ w ߏ੒
    w ,VCFSOFUFT
    Ϋϥελ
    w &,4
    Ͱ࡞੒
    w /HJOY
    ͷ
    JOEFYIUNM
    Λදࣔ͢ΔΞϓϦέʔγϣϯ
    w

    "SHP
    $%
    ͷίϯϙʔωϯτ
    w (JU)VC
    w $JSDMF$*
    w ࢦఆͷλάͰΠϝʔδͷϏϧυ
    w ͦͷΠϝʔδλάͰ
    NBOJGFTU
    Λஔ͖׵͑ɺ13
    Λ࡞੒
    w 13
    ࡞੒ʹ͸
    IVC
    Λ࢖༻
    w ͪͳΈʹ
    (JU0QT
    ͷຊ࣭Ͱ͸͋Γ·ͤΜ !12

13. ߏ੒Πϝʔδ !13 https://www.slideshare.net/weaveworks/gitops-modern-best-practices-for-high-velocity-app-dev-using-cloud-native-tools

14. ΫϥελΛཱͯΔ $ brew install weaveworks/tap/eksctl $ eksctl version [ℹ] version.Info{BuiltAt:"",

    GitCommit:"", GitTag:"0.2.1"} $ eksctl create cluster \ --name sample-cluster \ --region us-west-2 \ --nodes 2 \ --nodes-min 1 \ --nodes-max 2 \ --node-type t2.medium \ --version=1.13 \ --tags environment=test !14

15. ΞϓϦέʔγϣϯʢ/HJOYʣͷ࡞੒ $ cat Dockerfile FROM nginx:1.17.2 ADD index.html /usr/share/nginx/html/ EXPOSE

    80 CMD nginx -g "daemon off;" $ cat index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> </head> <body> Hello GitOps!! </body> </html> !15

16. ίϯςφϨδετϦͷ४උ $ aws ecr create-repository \ --repository-name gitops-sample \ --region

    us-west-2 !16

17. $JSDMF$*
    ͷηοτΞοϓ
     $ cat .circleci/config.yml orbs: aws-ecr: circleci/[email protected] version: 2.1

    workflows: build_and_push_image: jobs: - aws-ecr/build-and-push-image: repo: gitops-sample tag: 1.0.0 filters: branches: only: - master !17

18. $JSDMF$*
    ͷηοτΞοϓ
     create_pull_request: docker: - image: circleci/golang:1.11-stretch steps: - checkout

    - run: name: Install hub command command: | curl -sSLf https://github.com/github/hub/releases/download/v2.12.3/hub-linux-amd64-2.12.3.tgz | \ tar zxf - --strip-components=1 -C /tmp/ && \ sudo mv /tmp/bin/hub /usr/local/bin/hub - run: name: Replace definition & create a pull request command: | cd /home/circleci/project sed -i -e 's/\(gitops-sample:\)[0-9\.]\+.*$/\11.0.0/g' infra/default/application.yaml export BRANCH=`date "+%Y%m%d-%H%M%S"` git config --global user.email "[email protected]" git config --global user.name "CIBot" git checkout --no-track -b ${BRANCH} git commit -am '[ci skip] bump version' hub push origin ${BRANCH} hub pull-request \ --message="Update Image" \ --base=${CIRCLE_PROJECT_USERNAME}:master \ --head=${CIRCLE_PROJECT_USERNAME}:${BRANCH} !18

19. $JSDMF$*
    ͷηοτΞοϓ
     $ cat .circleci/config.yml ... jobs: create_pull_request: ... workflows:

    build_and_push_image: jobs: - aws-ecr/build-and-push-image: ... - create_pull_request: requires: - aws-ecr/build-and-push-image filters: branches: only: - master !19

20. $JSDMF$*
    ͷηοτΞοϓ
     AWS_ECR_ACCOUNT_URL=<<YOUR AWS_ACCOUNT_ID>>.dkr.ecr.us- west-2.amazonaws.com AWS_ACCESS_KEY_ID=<<YOUR ACCESS_KEY_ID>> AWS_SECRET_ACCESS_KEY=<<YOUR SECRET_ACCESS_KEY>> AWS_REGION=us-west-2

    GITHUB_TOKEN=<<YOUR PERSONAL_ACCESS_KEY>> w ҎԼΛ
    $JSDMF$*
    ͷ
    &OWJSPONFOU
    ΁ఆ͓͖ٛͯ͠·͢
    w ·ͨ
    8SJUF
    Մೳͳ伴ͷηοτΛ࡞੒͠ɺެ։伴Λ
    (JU)VC
    ΁ൿີ伴Λ
    $JSDMF$*
    ΁ొ࿥͓͖ͯ͠ɺ1FSTPOBM
    "DDFTT
    5PLFO
    ΋ొ࿥͠·͢ !20

21. ΞϓϦέʔγϣϯͷ
    NBOJGFTU
    ࡞੒ $ cat infra/default/application.yaml apiVersion: apps/v1 kind: Deployment metadata: name:

    nginx-deployment namespace: default labels: app: nginx spec: replicas: 2 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: XXXXXXXXXXX.dkr.ecr.us-west-2.amazonaws.com/gitops-sample: 1.0.0 ports: - containerPort: 80 ... snip ... !21

22. ΞϓϦέʔγϣϯʢ/HJOYʣͷల։ # ద༻ʢk = kubectlʣ $ k apply -f infra/default/application.yaml

    $ k get pods -n default NAME READY STATUS RESTARTS AGE nginx-deployment-76cfc87d8c-4jwsh 1/1 Running 0 4h23m nginx-deployment-76cfc87d8c-6fxp2 1/1 Running 0 4h23m $ curl <<Service Endpoint>> <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> </head> <body> Hello GitOps!! </body> </html> !22

23. "SHP
    $%
    ͷల։ʢʣ # Ϋϥελ΁ల։ʢk = kubectlʣ $ k create namespace argocd

    $ k apply -n argocd -f https://raw.githubusercontent.com/ argoproj/argo-cd/stable/manifests/install.yaml # LB Λ͚ͭͯΞΫηεͰ͖ΔΑ͏ʹ $ k patch svc argocd-server -n argocd -p '{"spec": {"type": "LoadBalancer"}}' # CLI ͷΠϯετʔϧ $ brew tap argoproj/tap $ brew install argoproj/tap/argocd # ϩάΠϯʢadmin:{argocd-serverͷPod໊} ͰϩάΠϯՄೳʣ $ argocd login <<Service Endpoint>> !23

24. "SHP
    $%
    ͷల։ʢʣ # ΞϓϦέʔγϣϯΛ࡞੒ $ argocd app create gitops-sample \ --repo

    https://github.com/pm11/argo-cd-example.git \ --path infra/default \ --dest-server https://kubernetes.default.svc \ --dest-namespace default # ϦϙδτϦΛඥ͚ͮΔ $ argocd repo add https://github.com/pm11/argo-cd- example.git !24

25. "SHP
    $%
    ϩάΠϯ w 4FSWJDF
    ʹ
    $-#
    ͷ
    %/4
    ͰΞΫηε͢ΔͱҎԼͷը໘ʹ
    w $-*
    ͱಉ͡Ϣʔβ໊ύεϫʔυΛ࢖͏ !25

26. "SHP
    $%
    μογϡϘʔυ !26

27. 5SZ
    (JU0QT

28. ΞϓϦέʔγϣϯʢ/HJOYʣΛมߋ $ git diff index.html ... @@ -4,6 +4,6 @@

    <title>Welcome to nginx!</title> </head> <body> -Hello GitOps!! +Hello GitOps with CircleCI!! </body> </html> !28

29. ΞϓϦέʔγϣϯʢ/HJOYʣΛมߋ $ git diff .circleci/config.yml ... @@ -17,7 +17,7 @@

    jobs: cd /home/circleci/project - sed -i -e 's/\(gitops-sample:\)[0-9\.]\+.*$/\11.0.0/g' infra/ default/application.yaml + sed -i -e 's/\(gitops-sample:\)[0-9\.]\+.*$/\11.0.1/g' infra/ default/application.yaml export BRANCH=`date "+%Y%m%d-%H%M%S"` ... @@ -34,7 +34,7 @@ workflows: jobs: - aws-ecr/build-and-push-image: repo: gitops-sample - tag: 1.0.0 + tag: 1.0.1 filters: !29

30. $JSDMF$* !30

31. (JU)VC
    Ͱ
    13
    Λ֬ೝ w $JSDMF$*
    ͔Β
    13
    ͕ग़͞ΕΔͷͰ಺༰Λ֬ೝ͠ɺϚʔδ͠·͢
    w ʢࠓ͸ݸਓͷ
    1FSTPOBM"DDFTT5PLFO
    Λར༻͍ͯ͠·͕͢ઐ༻ͷ΋ ͷ͕ྑ͍Ͱ͢ʣ !31

32. "SHP
    $%
    Ͱ
    4ZOD
    Λߦ͏ w "SHP
    $%
    ଆ͕
    0VU0G4ZOD
    ͱͳΔͷͰɺ4ZOD
    Λߦ͍·͢ !32

33. "SHP
    $%
    ͰσϓϩΠத w ผͰ
    3FQMJDB4FU
    ͕࡞੒͞Εͯ
    
    ͷ
    1PE
    ͕ىಈ͠·͢ !33

34. ΞϓϦέʔγϣϯʢ/HJOYʣΛมߋ $ curl <<Service Endpoint>> <!DOCTYPE html> <html> <head> <title>Welcome

    to nginx!</title> </head> <body> Hello GitOps with CircleCI!! </body> </html> !34
35. None

36. ·ͱΊ w ؆୯Ͱ͸͋Γ·͕͢
    $JSDMF$*
    ͱ
    "SHP
    $%
    Λ૊Έ߹Θͤͨ
    (JU0QT
    Λ࣮ݱͯ͠Έ·ͨ͠
    w (JU)VC
    ͷ
    13
    ૢ࡞ͰΠϯϑϥΛ؅ཧͰ͖ΔࣄʹΑΓɺݖݶ؅ཧ ΍ϫʔΫϑϩʔΛ៉ྷʹग़དྷͦ͏Ͱ͢
    w σϓϩΠΛτϦΨʔ͍ͯͨ͠
    $*0QT
    ͱൺ΂Δͱ
    (JU0QT
    Ͱ͸ɺ $*
    ͱ
    $%
    ͕໌֬ʹ෼͔ΕΔ࣮૷ͱͳΓͦ͏Ͱ͢
    

    w ࠓճͰ͖ͳ͔ͬͨࣗಈద༻΍ΑΓྑ͍
    UBH
    ؅ཧͳͲ͸Ҿ͖ଓ͖ ௥ͬͯ·͍Γ·͢ !36

37. ͋Γ͕ͱ͏͍͟͝·ͨ͠