# GitLab CI pipeline: validate the Terraform code, create the infrastructure,
# deploy Kubernetes with kubespray, then install platform and app add-ons.

# Base image used by every job.
# NOTE(review): third-party image referenced by a mutable tag, on an Ubuntu
# release that is past standard support. Every job handles the cloud token
# and the SSH deploy key inside this image, so prefer one you build or mirror
# yourself, pinned by digest: <registry>/<image>@sha256:<IMAGE_DIGEST>.
image: williamyeh/ansible:ubuntu16.04

# Terraform reads TF_VAR_<name> environment variables as input variables.
# The right-hand sides are expected to be defined in the project's CI/CD
# variable settings. NOTE(review): confirm they are masked and protected;
# defined globally, they are exported to every job, including the ones that
# never run Terraform.
variables:
  TF_VAR_yc_token: "${YC_OAUTH_TOKEN}"
  TF_VAR_yc_cloud_id: "${YC_CLOUD_ID}"
  TF_VAR_yc_folder_id: "${YC_FOLDER_ID}"

# Stages run in this order; jobs that share a stage run in parallel.
stages:
  - validate
  - infra
  - platform
  - apps
  - destroy
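# Runs before the script of every job: installs the tooling, Terraform 0.11.11
# and the Yandex provider, then loads the deploy key into an ssh-agent.
before_script:
  - apt-get update > /dev/null
  - apt-get install -y curl jq ssh git unzip > /dev/null
  # NOTE(review): unpinned pip packages; pin versions (ideally with hashes) so
  # a rerun installs the same code.
  - pip install netaddr jmespath > /dev/null
  # wget reports progress on stderr, so -q is what actually keeps the log quiet.
  - wget -q https://releases.hashicorp.com/terraform/0.11.11/terraform_0.11.11_linux_amd64.zip
  - wget -q https://releases.hashicorp.com/terraform/0.11.11/terraform_0.11.11_SHA256SUMS
  # Fail the job when the archive does not match the published checksum.
  # This only catches corruption or truncation: the checksum file comes from
  # the same server. Committing the expected SHA-256 to the repository, or
  # verifying the signature of the SHA256SUMS file, is what protects against
  # a tampered download.
  - grep -F 'terraform_0.11.11_linux_amd64.zip' terraform_0.11.11_SHA256SUMS | sha256sum -c -
  # Name the files explicitly instead of globbing: the job runs inside the
  # repository checkout, where a "terra*" pattern could also match project
  # paths and "rm -rf" would delete them.
  - unzip terraform_0.11.11_linux_amd64.zip
  - mv terraform /usr/local/bin
  - rm -f terraform_0.11.11_linux_amd64.zip terraform_0.11.11_SHA256SUMS
  # Download the provider installer completely before running it, and let
  # curl fail on HTTP errors (-f), so an error page or a truncated transfer is
  # never executed.
  # NOTE(review): the script is still unreviewed remote code run as the job
  # user with the cloud token in the environment; vendoring a reviewed copy or
  # checking it against a pinned hash (<INSTALL_SH_SHA256>) would close that.
  - >-
    curl -fsS -o /tmp/yandex-provider-install.sh
    https://terraform-provider-yandex.website.yandexcloud.net/terraform-provider-yandex/install.sh
  - bash /tmp/yandex-provider-install.sh
  - rm -f /tmp/yandex-provider-install.sh
  - chmod +x infra/*.sh
  # Load the deploy key from the SSH_PRIVATE_KEY CI variable into an agent;
  # tr strips carriage returns and the key is never written to disk.
  - eval $(ssh-agent -s)
  - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
  # NOTE(review): ~/.ssh is created but no known_hosts is populated here;
  # check how host key verification is configured for the Ansible runs.
  - mkdir -p ~/.ssh
  - chmod 700 ~/.ssh
  - echo 'Ansible refuses to read from a world-writeable folder, hence' && chmod -v 700 "$(pwd)/ansible"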
# Static check of the Terraform configuration in infra/; changes no resources.
tf_validate:
  stage: validate
  only:
    - master
  script:
    - cd infra
    # -reconfigure ignores any previously saved backend configuration;
    # modules and provider plugins are downloaded on every run.
    - terraform init -reconfigure -get=true -get-plugins=true
    # Also verifies that every required variable has a value.
    - terraform validate -check-variables=true
# Creates or updates the cloud infrastructure described in infra/.
Deploy Infra:
  stage: infra
  only:
    - master
  script:
    - cd infra
    - terraform init -reconfigure -get=true -get-plugins=true
    # -auto-approve applies without a reviewed plan: whatever is on master is
    # applied as soon as the pipeline reaches this stage.
    - terraform apply -input=false -auto-approve
    - terraform output -json > tf_output.json
  # State and outputs are handed to the later stages as job artifacts.
  # NOTE(review): Terraform state stores resource attributes in plaintext and
  # can include secrets; as an artifact it can be downloaded by anyone allowed
  # to read this project's job artifacts, and no expire_in is set. A remote
  # backend with access control and locking is the usual alternative.
  artifacts:
    name: tf_config
    paths:
      - ./infra/terraform.tfstate
      - ./infra/tf_output.json
# Installs the Kubernetes cluster on the new VMs with kubespray v2.8.2.
Kubernetes:
  stage: platform
  only:
    - master
  script:
    - echo "Looks like YC VMs need some time to become ready after deployment..."
    - echo "So, will sleep for 200 seconds..."
    # Fixed delay instead of a readiness probe.
    - sleep 200
    - echo "Start kubernetes deployment"
    - cd infra
    - ./make_ansible_inventory.sh
    - cd ./../kube
    # Prints the generated inventory into the job log, which is readable by
    # everyone with access to the pipeline.
    - cat ./kubespray_inventory/kube_hosts.ini
    - git clone https://github.com/kubernetes-sigs/kubespray.git
    - cd kubespray
    - git fetch && git fetch --tags
    # NOTE(review): a tag can be moved upstream; checking out a reviewed
    # commit (<KUBESPRAY_COMMIT_SHA>) pins the playbooks that run as root.
    - git checkout v2.8.2
    - cp -r ../kubespray_inventory inventory/
    - export ANSIBLE_FORCE_COLOR=1
    # Connects as "centos" and escalates to root on every inventory host.
    - >-
      ansible-playbook -i inventory/kubespray_inventory/kube_hosts.ini
      --user centos --become --become-user=root --timeout 30 cluster.yml
    - echo "Kubernetes deployed."
  # NOTE(review): admin.conf is presumably the cluster-admin kubeconfig that
  # kubespray writes. Published as an artifact without expire_in, it gives
  # cluster access to anyone who can download this job's artifacts; confirm
  # who that is, or hand the file over through a secret store instead.
  artifacts:
    name: kube_config
    paths:
      - ./kube/kubespray/inventory/kubespray_inventory/artifacts/admin.conf
# Configures the load balancer with the project's own playbook; it shares the
# platform stage with the Kubernetes and DNS jobs.
Load Balancer:
  stage: platform
  only:
    - master
  script:
    - echo "Deploy Load Balancer."
    - cd infra
    - ./make_ansible_inventory.sh
    - cd ..
    # Reuse the inventory generated for kubespray.
    - cp -r kube/kubespray_inventory ansible/inventory/
    - cd ansible
    - export ANSIBLE_FORCE_COLOR=1
    - >-
      ansible-playbook -i inventory/kubespray_inventory/kube_hosts.ini
      -e ansible_user=centos playbooks/lb.yml
    - echo "Load balancer deployment finished."
# Points the DNS record at the load balancer through infra/update_dns_record.sh.
# NOTE(review): the script is not visible here; check which credentials it
# reads and whether it echoes them into the job log.
DNS:
  stage: platform
  only:
    - master
  script:
    - echo "Update DNS for Load Balancer."
    - cd infra
    - ./update_dns_record.sh
    - echo "DNS updated."
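# Deploys GlusterFS and Heketi with the kubespray contrib playbook.
Kube GlusterFS:
  stage: apps
  only:
    - master
  script:
    - echo "Start GlusterFS & Heketi deployment"
    - cd infra
    - ./make_ansible_inventory.sh
    - cd ./../kube
    # Prints the generated inventory into the job log.
    - cat ./kubespray_inventory/kube_hosts.ini
    - rm -rf kubespray
    - git clone https://github.com/kubernetes-sigs/kubespray.git
    - cd kubespray
    # NOTE(review): with the checkout below disabled, this job runs whatever
    # the upstream default branch holds at clone time, as root on every host,
    # while the Kubernetes job installs the cluster from v2.8.2. Pin a tag or,
    # better, a reviewed commit (<KUBESPRAY_COMMIT_SHA>) once it is confirmed
    # that the heketi playbook works at that revision.
    # - git fetch && git fetch --tags
    # - git checkout v2.8.2
    - cp -r ../kubespray_inventory inventory/
    - export ANSIBLE_FORCE_COLOR=1
    # Connects as "centos" and escalates to root on every inventory host.
    - >-
      ansible-playbook -i inventory/kubespray_inventory/kube_hosts.ini
      --user centos --become --become-user=root --timeout 30
      contrib/network-storage/heketi/heketi.yml
    # The closing message names this job's own deployment, so the log is not
    # mistaken for the cluster install.
    - echo "GlusterFS & Heketi deployed."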
# Post-deployment step: applies the project's ingress playbook.
Kube Ingress:
  stage: apps
  only:
    - master
  script:
    - echo "Start kubernetes post-deployment steps."
    - cd infra
    - ./make_ansible_inventory.sh
    - cd ..
    # Reuse the inventory generated for kubespray.
    - cp -r kube/kubespray_inventory ansible/inventory/
    - cd ansible
    - export ANSIBLE_FORCE_COLOR=1
    - >-
      ansible-playbook -i inventory/kubespray_inventory/kube_hosts.ini
      -e ansible_user=centos playbooks/ingress.yml
    - echo "Kubernetes post-deployment finished."
# Post-deployment step: applies the project's RBAC playbook.
# NOTE(review): playbooks/rbac.yml is not visible here; since it defines who
# may do what in the cluster, changes to it deserve the same review as code.
Kube RBAC:
  stage: apps
  only:
    - master
  script:
    - echo "Start kubernetes post-deployment steps."
    - cd infra
    - ./make_ansible_inventory.sh
    - cd ..
    # Reuse the inventory generated for kubespray.
    - cp -r kube/kubespray_inventory ansible/inventory/
    - cd ansible
    - export ANSIBLE_FORCE_COLOR=1
    - >-
      ansible-playbook -i inventory/kubespray_inventory/kube_hosts.ini
      -e ansible_user=centos playbooks/rbac.yml
    - echo "Kubernetes post-deployment finished."
# Tears the whole infrastructure down. It only runs when started by hand.
# NOTE(review): "when: manual" is the only safeguard; anyone allowed to run
# jobs on master can start it, and -auto-approve skips the confirmation.
# Confirm that master is a protected branch with a short list of maintainers.
Destroy:
  stage: destroy
  when: manual
  only:
    - master
  script:
    - cd infra
    - terraform init -reconfigure -get=true -get-plugins=true
    - terraform destroy -input=false -auto-approve
  # Publishes the state file as it is after the destroy run.
  # NOTE(review): it is stored as a job artifact with no expire_in.
  artifacts:
    name: tf_config
    paths:
      - ./infra/terraform.tfstate