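A little over a year ago I was faced with the fact that an entire web development department had grown up around an internal project in a completely non-IT company, and I had the chance to lead that project. The workflow seemed to have settled down and was fine for everyone, but problems remained:
- Every branch was checked locally. I had to roll back the database from the changes of the last check and build the frontend. When several developers were about to finish their work, it came down to checking every little thing, and it turned into hell.
- The environments in production and on the developers' machines differed, which led to errors of the "everything works for me" kind.
The inner perfectionist longed to organize everything properly. I am sharing the results of my search for an answer to the question: "What, actually, is 'properly'?"
What we have achieved:
- easy and fast deployment to production (as an experiment, releases went out once a day for two weeks in a row);
- guaranteed protection against errors caused by differences in application environments;
- effective interaction with the customer:
  - a demo of every feature branch;
  - guest access to create tasks and monitor work progress.
If you are:
- a newly founded IT company, or a team facing a large project for the first time;
- looking to update your old workflow;
- looking for best practices and want to do things the way others do;
- often coming across articles about DevOps, CI/CD and the cloud, and want to create a test environment with one click of a button, and for the next update not to be a sales pitch.
Under the cut you will find:
- a typical workflow from task definition to release;
- an infrastructure solution for building any modern development process with a minimum of tools;
- a common case: web application development;
- a video recording of the talk, in which the result is shown live.
This article consists of three parts:
- my view of a typical development process;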
- ;
- -.
,
, , . -, , , (- DevOps).
, , : “, , ?”.
“” , . , . , . .
, , , . , , “best practices”. -.
, , , , -.
, .
:
- - . , ;
- , , ;
- , git, Linux, Docker, GitLab, Traefik.
1. git
A successful Git branching model by Vincent Driessen
— : master, dev feature.
Feature
feature- / , dev-. , dev.
Dev
dev , master.
Master
production-. , , hotfix-, .
Master dev , .
2. . .
. feature , . “, xxx” , , . Merge Request- . wiki , .
, - — .
GitLab, , .
3.
— , . , //.
, IT- , DevOps. . . , . - (LXC), Docker, ...
, . , , . , . , - , . , , , .
, , , , , — . , .
, , . ( ) , , , , , . . , , “ ”. .
/
, - , . , , . . , .
UI/UX
, . ( Microsoft, ).
. . .
, , , , . .
. - .
: , , .., .
(QA / QC)
Quality Control (QC) . , . Quality Assurance (QA) , ( Toyota — ). , docker-, , .
(DevOps)
, . , .
workflow
- - (feature) , . .
- . . . , .
- , ( ), , , . — .
- feature- dev , , . , feature-, . , .
: , , , . , , , merge-request.
- merge-request dev-, , feature-.
- , . — -, , .
- feature- dev.
- , dev- merge-request master 5, 6 .
- 7, .
- , ( changelog-), . .
- , production.
- . .
:
- production-ready
- ( )
- 3 [Production], [Staging] [Services]. , , . /. , [Production] . [Services] GitLab (, docker registry: Portainer, ELK, Harbor, etc), Services. . Docker-. GitLab , .
- Traefik DNS-
*.dev.company.ru
, [Staging] TCP . SSL [Production]. Wildcard (WC)*dev.company.ru
letsencrypt-dns, DNS- Traefik. Traefik , SSL http . [Production] App. - GitLab [Services] GitLab-runner-, , Merge Request- () dev master, - [Staging] [Production] .gitlab-ci.yml .
- , [Staging].
- GitLab Docker Registry, .
- GitLab, Traefik Gitlab-runner- docker-, .
github-, . , :
https://github.com/Akkarine/demo_cicd
- , . . , Enterprise Traefik GitLab .
- , . , , , ..
- , Traefik GitLab . , Traefik DNS Yandex ( ) . GitLab . , rules.
- “ ”.
-
https://github.com/Akkarine/demo_cicd_project
-, , :
- . downtime ( API , ), load-balancer- , — — kubernetes. “ ”
- ( )
- production- ( , )
- root ( )
— .gitlab-ci.yml. pipeline- :
- base-img-rebuild
- rebuild-base-backend
. — , , . ( build), .
- rebuild-base-backend
- rebuild-dev-db
- rebuild-dev-db
, .
- rebuild-dev-db
- build
- rebuild-proxy-img
- nginx , latest
- build-backend
, ( GitLab)
- rebuild-proxy-img
- test
- testing
- testing
- deploy-review
- deploy_review
, production, , .
- deploy_review
- skip_review
, , .
- review
- approve-dev
. Merge-request dev (.. — feature), . .
- approve-staging
. Merge-request master (.. — hotfix dev ), build latest . , latest , — .
- reject
. . Merge Request- , - .
- stop_review
, . .
- approve-dev
- rebuild-approved-db-img
- rebuild-approved-db-img
review , latest .
- rebuild-approved-db-img
- deploy-prod
- deploy-production
latest. , .
- deploy-production-wo-containers
, , .
- deploy-production
- clear
staging production
- clean-staging
- clean-prod
- restore-db
- restore-db
— .
- restore-db
, . — , . , .
Traefik
reverse proxy + SSL nginx
- https://habr.com/ru/post/328048/
- https://habr.com/ru/post/445448/
- https://github.com/jwilder/nginx-proxy
- https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion
GitLab
GitLab SSL config
- https://docs.gitlab.com/omnibus/settings/ssl.html
- reverse-proxy https://docs.gitlab.com/omnibus/settings/nginx.html#supporting-proxied-ssl
GitLab Registry
- https://docs.gitlab.com/ce/administration/container_registry.html#configure-container-registry-under-its-own-domain
- : https://docs.gitlab.com/omnibus/maintenance/#container-registry-garbage-collection
Gitlab-runner
- https://docs.gitlab.com/runner/install/docker.html
- Docker Executor https://docs.gitlab.com/runner/executors/docker.html
- SSH Executor https://docs.gitlab.com/runner/executors/ssh.html
- https://docs.gitlab.com/runner/register/index.html#docker
- Docker GitLab CI/CD https://docs.gitlab.com/ce/ci/docker/using_docker_build.html
- Docker Docker privileged mode registry
( ) https://docs.gitlab.com/ce/ci/docker/using_kaniko.html
- https://docs.gitlab.com/runner/configuration/advanced-configuration.html
- CLI https://docs.gitlab.com/runner/commands/README.html
Docker
- https://docs.docker.com/install/linux/linux-postinstall/
- docker-compose https://docs.docker.com/compose/reference/overview/
- https://docs.docker.com/compose/reference/config/
- Docker (TCP + TLS): https://docs.docker.com/engine/security/https/
-: https://github.com/wagoodman/dive
# docker ( )
sudo docker run --rm -it -v /var/run/docker.sock:/var/run/docker.sock wagoodman/dive:latest gitlab/gitlab-runner:latest
SSL: https://ssl-config.mozilla.org/#server=traefik&server-version=2.1&config=intermediate
GitLab Shell Runner. docker-compose https://habr.com/ru/post/449910