Kubernetes中的CI/CD

{"type":"doc","content":[{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"CI/CD 概念"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"CI/CD 其實早在很多年前就已經誕生了，主要是爲了將頻繁的變更測試、構建、交付和部署等進行自動化，減少手工操作。 "}]},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"CI 持續集成主要是在代碼更改時自動分支合併、構建並執行一系列的測試（包括單元測試、集成測試、端到端測試等），確保這些變更不會破壞原來的應用。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"CD 持續交付和部署則是 CI 測試通過之後把構建結果存檔、發佈到預布環境和生產環境、最後再進行驗收測試的過程。 "}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"CI/CD 是 DevOps 的基礎，CI/CD 側重於軟件開發過程中的自動化，而 Devops 則是側重於文化構建，旨在減少開發、運維、QA之間的溝通鴻溝，促進快速可靠發佈的同時還保證產品質量。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"CI/CD 一系列流程通常會組成一個流水線，docker和Kubernetes則可以簡化這些流水線中的很多流程，比如Docker容器可以很容易把有衝突的環境隔離開來，而Kubernetes則更進一步簡化整個流水線的構建、執行和維護工作。"}]},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"CI/CD 工具的選擇"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"根據 CNCF 2019 年的調查報告，Jenkins 和 Gitlab 是當之無愧的 CI/CD 工具之首。當然，除此之外，還有很多其他的工具，比如 Spinnaker、Argo、Jenkins X、CircleCI、Github Actions 等等。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這些工具可以分爲兩類："}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"bulletedlist","content":[{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"傳統的 CI/CD 工具，典型的是 Jenkins 和 Gitlab，功能強大，配置靈活，使用場景沒有限制。"}]}]},{"type":"listitem","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Kubernetes native 工具，典型的是 Jenkins X 和 Argo，專爲 Kubernetes 場景構建，跟 Kubernetes 生態緊密集成，但缺少靈活性。"}]}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"其實，現在很多所謂的雲原生實際上會以 Kubernetes 原生的方式落地，把 Kubernetes 變成整個基礎設施的基礎。從這個角度來說，我覺得使用 Kubernetes native 的工具實際上是更好的選擇，不僅省去了跟 Kubernetes 集成的配置，還可以很容易跟社區內其他的工具打通。"}]},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"私有fork"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"大家在實踐雲原生技術的時候可能或多或少都需要做一些改動，這些改動可能暫時無法提交到社區。這時候可能就需要把代碼從社區克隆到公司內部，選擇性的和社區保持同步了。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這種差異實際上促進了很多公司把一些比較通用的特性推到社區裏面，方便自己後續同步的同時，也讓整個社區在這些新特性中受益。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"當然，這些差異也帶來了很多的問題，比如公司內部的研發工具包括流水線工具和社區很可能不一致了。這時候如果把社區的流水線全部搬進來會遇到水土不服的問題；而按照內部工具適配，又需要很大的工作量，並且還需要把握好跟社區的差異。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"從 CI/CD 的角度來看，實際上並不需要把社區的所有東西都搬進來，只要根據自己的需要把必要的部分引入就可以了（比如端到端的測試和性能測試等）。這些東西一般可以通過很簡單的命令集成到現有的流水線中。"}]},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"本地開發"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"CI/CD通常需要執行一系列的任務，時間會比較長。並且發生問題時，一般也很難在線排查。所以，對於本地應用的開發階段，通常並不會直接去用 CI/CD 流水線，而只需要能在開發環境中構建、部署和調試就可以了。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Kubernetes 開源社區有三個工具可以簡化這個過程：Skaffold、Tilt 和 Draft。這些工具都支持自動化本地鏡像構建、推送鏡像並部署新的應用到Kubernetes集羣中，如下圖所示，就是 Skaffold 的工作原理（圖片來自 skaffold.dev）："}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/c4/c46d558929facd70b2e8118ccfe9f986.png","alt":null,"title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"這三者之間，Tilt的功能最爲豐富，既有 UI 支持，還可以管理多個微服務，使用起來也稍微有些麻煩，需要編寫 Tiltfile 文件描述應用程序。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Skaffold和Draft的功能特性基本相同，但Draft已經很長時間都不維護了，所以這二者 Skaffold 是個不錯的選擇。"}]},{"type":"horizontalrule"},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"以上整理自同名知識星球“漫談雲原生”的上週話題討論，本週話題爲基於Kubernetes的多雲/混合雲策略，歡迎有興趣的同學加入參與。"}]},{"type":"image","attrs":{"src":"https://static001.geekbang.org/infoq/3e/3efa842ef1f488c6e82d568850b56dbb.png","alt":null,"title":null,"style":null,"href":null,"fromPaste":true,"pastePass":true}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}