使用 gitlab 管道的两个任务定义中的 AWS ECS 图像
AWS ECS images in two task definitions using gitlab pipelines
在设置构建、部署和 运行 docker 映像到 AWS ECS 所需的一切方面,我已经取得了相当大的进步。
到目前为止我已经取得了:
- docker 镜像已构建并推送到我的私有 gitlab 容器注册表
- AWS ECS 集群、服务和任务定义已设置、启动并 运行。我在一个集群服务中有两个任务定义。两个容器都是 运行 - 在初始启动时,ECS 成功地从 gitlab 注册表中提取图像(React webapp,图像仅在某些前端配置中有所不同,这就是为什么我有两个 containers/task 定义)。
现在的问题:
我正在尝试按照 official gitlab documentation 将映像部署到 ECS。需要说明的是,我使用的是 Fargate,而不是 EC2。我有问题,尤其是 gitlab-ci.yml,因为在文档中,它们指的是应该用于部署的模板。
Template 本身由另外 2 个模板组成:
因为我不能按原样依赖这些模板,不仅仅是因为当我按照文档中的描述配置所有内容时它们不起作用,而且主要是因为我有两个任务定义必须在一个 CD 作业中部署.
我已经成功地将部署脚本复制到我自己的 gitlab-ci.yml 文件中。这是当前版本,只有一个任务定义:
stages:
- test
- review
- deploy
- production
- cleanup
# deployment to AWS ECS
variables:
AUTO_DEVOPS_PLATFORM_TARGET: ECS
CI_AWS_ECS_CLUSTER: app-development
CI_AWS_ECS_SERVICE: app-frontend-dev-service
CI_AWS_ECS_TASK_DEFINITION: app-frontend-dev-a
#CI_AWS_ECS_TASK_DEFINITION_B: app-frontend-dev-b
.ecs_image:
image: 'registry.gitlab.com/gitlab-org/cloud-deploy/aws-ecs:latest'
.deploy_to_ecs:
extends: .ecs_image
dependencies: []
script:
- ecs update-task-definition
.review_ecs_base:
stage: review
extends: .deploy_to_ecs
.production_ecs_base:
stage: production
extends: .deploy_to_ecs
environment:
name: production
.stop_review_ecs_base:
extends: .ecs_image
stage: cleanup
allow_failure: true
script:
- ecs stop-task
review_ecs:
extends: .review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
on_stop: stop_review_ecs
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "ECS"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
stop_review_ecs:
extends: .stop_review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
action: stop
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "ECS"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
when: manual
review_fargate:
extends: .review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
on_stop: stop_review_fargate
script:
- ecs update-task-definition
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "FARGATE"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
stop_review_fargate:
extends: .stop_review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
action: stop
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "FARGATE"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
when: manual
production_ecs:
extends: .production_ecs_base
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "ECS"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
production_fargate:
extends: .production_ecs_base
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "FARGATE"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
老实说,我不知道所有这些脚本块(审核、制作...)在做什么。我很高兴收到任何建议,通过 运行 两个任务定义使这个尽可能简单,但也遵循一些最佳实践。
所以我在与 AWS Support 交谈后找到了解决方案,这使这个问题有了更多的了解,但我设法提出了与他们建议的解决方案略有不同的解决方案。
他们的解决方案是注册一个新的任务定义,然后更新服务,这很好,但前提是您确实需要为每个部署作业修改新的任务,而我没有这样做。我使用相同的图片名称和相同的图片标签。
注册新任务定义的版本如下所示:
- aws ecs register-task-definition --cli-input-json $CI_AWS_ECS_TASK_DEFINITION_FILE --family $FAMILY
- aws ecs update-service --cluster $CI_AWS_ECS_CLUSTER --service $CI_AWS_ECS_SERVICE --task-definition $CI_AWS_ECS_TASK_DEFINITION --desired-count 1
此解决方案创建了许多修订并在部署后需要一些清理作业,因此您最终不会有数百个修订。
阅读 AWS 文档,使用 --force-new-deployment.
拉取新映像有一种更简单的方法
deploy:
image: 'registry.gitlab.com/gitlab-org/cloud-deploy/aws-ecs:latest'
stage:
deploy
environment:
name: dev
script:
- aws ecs update-service --cluster $CI_AWS_ECS_CLUSTER --service $CI_AWS_ECS_SERVICE --force-new-deployment
在设置构建、部署和 运行 docker 映像到 AWS ECS 所需的一切方面,我已经取得了相当大的进步。
到目前为止我已经取得了:
- docker 镜像已构建并推送到我的私有 gitlab 容器注册表
- AWS ECS 集群、服务和任务定义已设置、启动并 运行。我在一个集群服务中有两个任务定义。两个容器都是 运行 - 在初始启动时,ECS 成功地从 gitlab 注册表中提取图像(React webapp,图像仅在某些前端配置中有所不同,这就是为什么我有两个 containers/task 定义)。
现在的问题:
我正在尝试按照 official gitlab documentation 将映像部署到 ECS。需要说明的是,我使用的是 Fargate,而不是 EC2。我有问题,尤其是 gitlab-ci.yml,因为在文档中,它们指的是应该用于部署的模板。
Template 本身由另外 2 个模板组成:
因为我不能按原样依赖这些模板,不仅仅是因为当我按照文档中的描述配置所有内容时它们不起作用,而且主要是因为我有两个任务定义必须在一个 CD 作业中部署.
我已经成功地将部署脚本复制到我自己的 gitlab-ci.yml 文件中。这是当前版本,只有一个任务定义:
stages:
- test
- review
- deploy
- production
- cleanup
# deployment to AWS ECS
variables:
AUTO_DEVOPS_PLATFORM_TARGET: ECS
CI_AWS_ECS_CLUSTER: app-development
CI_AWS_ECS_SERVICE: app-frontend-dev-service
CI_AWS_ECS_TASK_DEFINITION: app-frontend-dev-a
#CI_AWS_ECS_TASK_DEFINITION_B: app-frontend-dev-b
.ecs_image:
image: 'registry.gitlab.com/gitlab-org/cloud-deploy/aws-ecs:latest'
.deploy_to_ecs:
extends: .ecs_image
dependencies: []
script:
- ecs update-task-definition
.review_ecs_base:
stage: review
extends: .deploy_to_ecs
.production_ecs_base:
stage: production
extends: .deploy_to_ecs
environment:
name: production
.stop_review_ecs_base:
extends: .ecs_image
stage: cleanup
allow_failure: true
script:
- ecs stop-task
review_ecs:
extends: .review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
on_stop: stop_review_ecs
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "ECS"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
stop_review_ecs:
extends: .stop_review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
action: stop
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "ECS"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
when: manual
review_fargate:
extends: .review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
on_stop: stop_review_fargate
script:
- ecs update-task-definition
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "FARGATE"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
stop_review_fargate:
extends: .stop_review_ecs_base
environment:
name: review/$CI_COMMIT_REF_NAME
action: stop
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "FARGATE"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$REVIEW_DISABLED'
when: never
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
when: manual
production_ecs:
extends: .production_ecs_base
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "ECS"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
production_fargate:
extends: .production_ecs_base
rules:
- if: '$AUTO_DEVOPS_PLATFORM_TARGET != "FARGATE"'
when: never
- if: '$CI_KUBERNETES_ACTIVE || $KUBECONFIG'
when: never
- if: '$CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH'
when: never
- if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH'
老实说,我不知道所有这些脚本块(审核、制作...)在做什么。我很高兴收到任何建议,通过 运行 两个任务定义使这个尽可能简单,但也遵循一些最佳实践。
所以我在与 AWS Support 交谈后找到了解决方案,这使这个问题有了更多的了解,但我设法提出了与他们建议的解决方案略有不同的解决方案。
他们的解决方案是注册一个新的任务定义,然后更新服务,这很好,但前提是您确实需要为每个部署作业修改新的任务,而我没有这样做。我使用相同的图片名称和相同的图片标签。
注册新任务定义的版本如下所示:
- aws ecs register-task-definition --cli-input-json $CI_AWS_ECS_TASK_DEFINITION_FILE --family $FAMILY
- aws ecs update-service --cluster $CI_AWS_ECS_CLUSTER --service $CI_AWS_ECS_SERVICE --task-definition $CI_AWS_ECS_TASK_DEFINITION --desired-count 1
此解决方案创建了许多修订并在部署后需要一些清理作业,因此您最终不会有数百个修订。
阅读 AWS 文档,使用 --force-new-deployment.
deploy:
image: 'registry.gitlab.com/gitlab-org/cloud-deploy/aws-ecs:latest'
stage:
deploy
environment:
name: dev
script:
- aws ecs update-service --cluster $CI_AWS_ECS_CLUSTER --service $CI_AWS_ECS_SERVICE --force-new-deployment