本READEME指导是基于action: Huawei Cloud CCI Deoloy使用华为云容器实例CCI的workflows样例
CCI部署有如下场景:
1.通过简单参数直接创建或者更新负载
2.根据提供的yaml文件创建或者更新负载
推荐使用最新版本的huaweicloud/auth-action进行华为云部署容器实例的鉴权认证。
- name: Authenticate to Huawei Cloud
uses: huaweicloud/auth-action@v1.1.0
with:
access_key_id: ${{ secrets.ACCESSKEY }}
secret_access_key: ${{ secrets.SECRETACCESSKEY }}
region: '<region>'
project_id: '<project_id>'2.华为云容器实例 Cloud Container Instance, CCI
- 服务权限管理设置
- namespace 创建命名空间(如果不存在action自动创建 )
- deployment 创建负载(如果不存在action自动创建 )
- manifest:容器实例的工作负载yaml描述文件
3.容器镜像服务(SoftWare Repository for Container,SWR)
- env参数
| Name | Require | Default | Description |
|---|---|---|---|
| REGION_ID | true | region:华北-北京四 cn-north-4;华东-上海二 cn-east-2;华东-上海一 cn-east-3;华南-广州 cn-south-1。获取方式参考huaweicloud/auth-action。 | |
| PROJECT_ID | true | 项目ID。获取方式参考huaweicloud/auth-action | |
| ACCESS_KEY_ID | true | 华为访问密钥即AK,需要在项目的setting--Secret--Actions下添加 ACCESSKEY 参数。获取方式参考huaweicloud/auth-action | |
| ACCESS_KEY_SECRET | true | 访问密钥即SK,需要在项目的setting--Secret--Actions下添加SECRETACCESSKEY 参数。获取方式参考huaweicloud/auth-action | |
| SWR_ORGANIZATION | true | SWR 组织名 | |
| IMAGE_NAME | true | 镜像名称,用户根据自己镜像命名 |
- huaweicloud/deploy-cci-action参数
| Name | Require | Default | Description |
|---|---|---|---|
| namespace | true | CCI命名空间 | |
| deployment | true | CCI负载名称 | |
| image | true | 镜像地址,如1) swr镜像中心:nginx:latest; 2) swr我的镜像:swr.cn-north-4.myhuaweicloud.com/demo/demo:v1.1 | |
| manifest | false | 负载deployment描述yaml文件Deployment |
一、代码容器构建build
- 代码检出
- 打包maven项目
- SWR容器镜像服务鉴权
- 制作并推送镜像到SWR
二、部署容器实例deploy
- 华为云统一鉴权
- 安装Kubectl工具
- 部署镜像到CCI
- uses: actions/checkout@v2 - name: Build with Maven
id: build-project
run: mvn package -Dmaven.test.skip=true -U -e -X -B - name: Log in to Huawei Cloud SWR
uses: huaweicloud/swr-login@v2.1.0
with:
region: ${{ env.REGION_ID }}
access-key-id: ${{ secrets.ACCESSKEY }}
access-key-secret: ${{ secrets.SECRETACCESSKEY }} - name: Build, Tag, and Push Image to Huawei Cloud SWR
id: build-image
env:
SWR_REGISTRY: swr.${{ env.REGION_ID }}.myhuaweicloud.com
SWR_ORGANIZATION: ${{ env.SWR_ORGANIZATION }}
IMAGE_TAG: ${{ github.sha }}
IMAGE_NAME: ${{ env.IMAGE_NAME }}
run: |
docker build -t $SWR_REGISTRY/$SWR_ORGANIZATION/$IMAGE_NAME:$IMAGE_TAG .
docker push $SWR_REGISTRY/$SWR_ORGANIZATION/$IMAGE_NAME:$IMAGE_TAG
echo "::set-output name=image::$SWR_REGISTRY/$SWR_ORGANIZATION/$IMAGE_NAME:$IMAGE_TAG" - name: Authenticate to Huawei Cloud
uses: huaweicloud/auth-action@v1.1.0
with:
access_key_id: ${{ secrets.ACCESSKEY }}
secret_access_key: ${{ secrets.SECRETACCESSKEY }}
region: ${{ env.REGION_ID }}
project_id: ${{env.PROJECT_ID}} - name: Kubectl Tool Installer
id: install-kubectl
uses: Azure/setup-kubectl@v2.1 - name: Deploy to CCI
uses: huaweicloud/deploy-cci-action@v1.2.0
id: deploy-to-cci
with:
namespace: action-namespace-name
deployment: action-deployment-name
image: ${{ needs.build.outputs.image }}- action 内容
- name: Deploy to CCI
uses: huaweicloud/deploy-cci-action@v1.2.0
id: deploy-to-cci
with:
namespace: action-namespace-name
deployment: action-deployment-name
image: ${{ needs.build.outputs.image }}
manifest: ./deployment.yml- yaml文件manifest内容
以下示例为一个名为cci-deployment的Deployment负载,负载在命名空间是cci-namespace-70395701,使用swr.cn-north-4.myhuaweicloud.com/namespace/demo:v1.1t镜像创建两个Pod,每个Pod占用500m core CPU、1G内存。
apiVersion: apps/v1 # 注意这里与Pod的区别,Deployment是apps/v1而不是v1
kind: Deployment # 资源类型为Deployment
metadata:
name: cci-deployment # 必填,Deployment的名称即是负载的名称
spec:
replicas: 2 # Pod的数量,Deployment会确保一直有2个Pod运行
selector: # Label Selector
matchLabels:
app: cci-deployment # Deployment的名称即是负载的名称
template: # Pod的定义,用于创建Pod,也称为Pod template
metadata:
labels:
app: cci-deployment # Deployment的名称即是负载的名称
spec:
containers:
- image: swr.cn-north-4.myhuaweicloud.com/namespace/demo:v1.1 # 镜像地址,传入参数image会将次镜像地址替换
name: container-0
ports:
- containerPort: 80
resources:
limits:
cpu: 500m
memory: 1024Mi
requests:
cpu: 500m
memory: 1024Mi
imagePullSecrets: # 拉取镜像使用的证书,必须为imagepull-secret
- name: imagepull-secret备注:
- github workflow yml地址:.github/workflows/deploy-cci-demo.yml
- manifest yml地址: deployment.yaml
1.代码demo工程中华为云活动页面