Argo 工作流程停滞不前
Argo Workflow Stuck in Progressing
我创建了一个测试 Argo Workflow 来帮助我了解如何 CI/CD 部署 Ansible Playbook。当我在 Argo CD 中创建应用程序时,它可以很好地同步,但它只是卡在 Progressing
并且永远不会退出该状态。
我试着四处寻找日志中是否有任何指示,但我对 Argo 还很陌生。它甚至没有达到创建任何 pods 来执行任何步骤的地步。
想法?
这是我的工作流程:
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
name: ansible-test
spec:
entrypoint: ansible-test-ci
arguments:
parameters:
- name: repo
value: ****
- name: revision
value: '1.6'
templates:
- name: ansible-test-ci
steps:
- - name: checkout
template: checkout
#- - name: test-playbook
# template: test-playbook
# arguments:
# artifacts:
# - name: source
# from: "{{steps.checkout.outputs.artifacts.source}}"
- - name: deploy
template: deploy
arguments:
artifacts:
- name: source
from: "{{steps.checkout.outputs.artifacts.source}}"
- name: checkout
inputs:
artifacts:
- name: source
path: /src
git:
repo: "{{workflow.parameters.repo}}"
#revision: "{{workflow.parameters.revision}}"
#sshPrivateKeySecret:
# name: my-secret
# key: ssh-private-key # kubectl create secret generic my-secret --from-file=ssh-private-key=~/.ssh/id_rsa2
outputs:
artifacts:
- name: source
path: /src
container:
image: alpine/git:latest
command: ["/bin/sh", "-c"]
args: ["cd /src && git status && ls -l"]
#- name: test-playbook
# inputs:
# artifacts:
# - name: source
# path: /ansible/
# container:
# image: ansible/ansible-runner:latest
# command: ["/bin/sh", "-c"]
# args: ["
# cd /ansible &&
# ansible-playbook playbook.yaml -i inventory
# "]
- name: deploy
inputs:
artifacts:
- name: source
path: /ansible/
container:
image: ansible/ansible-runner:latest
command: ["/bin/sh", "-c"]
args: ["
cd /ansible &&
ansible-playbook playbook.yaml -i inventory
"]
Argo CD 中发生的事情的图像:
我最终通过将 ServiceAccount 和 Role 资源添加到 Argo Workflow 试图 运行 的命名空间来解决这个问题。
这是我添加的角色:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: workflow-role
rules:
# pod get/watch is used to identify the container IDs of the current pod
# pod patch is used to annotate the step's outputs back to controller (e.g. artifact location)
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- watch
- patch
# logs get/watch are used to get the pods logs for script outputs, and for log archival
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: workflow-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: workflow-role
subjects:
- kind: ServiceAccount
name: default
我创建了一个测试 Argo Workflow 来帮助我了解如何 CI/CD 部署 Ansible Playbook。当我在 Argo CD 中创建应用程序时,它可以很好地同步,但它只是卡在 Progressing
并且永远不会退出该状态。
我试着四处寻找日志中是否有任何指示,但我对 Argo 还很陌生。它甚至没有达到创建任何 pods 来执行任何步骤的地步。
想法?
这是我的工作流程:
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
name: ansible-test
spec:
entrypoint: ansible-test-ci
arguments:
parameters:
- name: repo
value: ****
- name: revision
value: '1.6'
templates:
- name: ansible-test-ci
steps:
- - name: checkout
template: checkout
#- - name: test-playbook
# template: test-playbook
# arguments:
# artifacts:
# - name: source
# from: "{{steps.checkout.outputs.artifacts.source}}"
- - name: deploy
template: deploy
arguments:
artifacts:
- name: source
from: "{{steps.checkout.outputs.artifacts.source}}"
- name: checkout
inputs:
artifacts:
- name: source
path: /src
git:
repo: "{{workflow.parameters.repo}}"
#revision: "{{workflow.parameters.revision}}"
#sshPrivateKeySecret:
# name: my-secret
# key: ssh-private-key # kubectl create secret generic my-secret --from-file=ssh-private-key=~/.ssh/id_rsa2
outputs:
artifacts:
- name: source
path: /src
container:
image: alpine/git:latest
command: ["/bin/sh", "-c"]
args: ["cd /src && git status && ls -l"]
#- name: test-playbook
# inputs:
# artifacts:
# - name: source
# path: /ansible/
# container:
# image: ansible/ansible-runner:latest
# command: ["/bin/sh", "-c"]
# args: ["
# cd /ansible &&
# ansible-playbook playbook.yaml -i inventory
# "]
- name: deploy
inputs:
artifacts:
- name: source
path: /ansible/
container:
image: ansible/ansible-runner:latest
command: ["/bin/sh", "-c"]
args: ["
cd /ansible &&
ansible-playbook playbook.yaml -i inventory
"]
Argo CD 中发生的事情的图像:
我最终通过将 ServiceAccount 和 Role 资源添加到 Argo Workflow 试图 运行 的命名空间来解决这个问题。
这是我添加的角色:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: workflow-role
rules:
# pod get/watch is used to identify the container IDs of the current pod
# pod patch is used to annotate the step's outputs back to controller (e.g. artifact location)
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- watch
- patch
# logs get/watch are used to get the pods logs for script outputs, and for log archival
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: workflow-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: workflow-role
subjects:
- kind: ServiceAccount
name: default