Detailed tutorial on the installation of Drone, an ultra lightweight automatic deployment artifact (Graphic tutorial)

preface

Now, in our daily development or production environment, we often get a set of automatic deployment scheme to save time and cost. A popular implementation scheme is Gitlab+Jenkins, but this scheme still occupies a large memory and needs about 8G of server memory. Otherwise, it is difficult to run smoothly and deploy quickly. Recently, Xiaoxiang found an artifact Drone , the lightweight CI/CD tool, which I use in combination with Gogs, consumes less than 1G of memory. Let's talk about this tool here.

Introduction to Drone

Drone is a container technology continuous integration tool based on go, which can directly use YAML configuration file to complete automatic construction, testing and deployment tasks.

Advantages:

drone introduces the concept of pipline. The whole build process consists of multiple stage s, each of which is a docker.

  • Each stage can share the disk directory of the host computer to realize the data sharing in the build stage and cache the basic data, so as to achieve the goal of accelerating the next build
  • Each stage can also share the docker environment of the host computer to share the docker image of the host computer without pulling the base image again every build to reduce the build time
  • Can run concurrently. Multiple build s can run concurrently, and the number of single machines is determined by the number of server CPUs. The developer is responsible for image packaging and process control. Docker in docker, this is very important. Everything is under control. The advantage over jenkins is that all images are provided by developers, and there is no need for O & M to participate in the deployment of various language compilation environments on the CI server.
    Is DevOps best practice!

Using tutorials

Because this article uses the git version of Gogs to manage the stored code, you can refer to my previous article for installation, Gogs installation and deployment

Drone download and install

The installation is completed in a few seconds using Docker

  • Download images of Drone and Runner
# Drone's Server
docker pull drone/drone:1
# Drone's Runner
docker pull drone-runner-docker:1
  • Here are the concepts of Server and Runner. Let's understand them first;

    • Server: provides a Web page for the management of Drone, which is used to manage the pipeline tasks in the warehouse obtained from Git.
    • Runner: a separate daemon that polls the Server to obtain the pipeline tasks to be executed, and then executes them.

1. Install the Drone server

docker run \
  -v /www/wwwroot/data/docker/drone:/data \
  -e DRONE_AGENTS_ENABLED=true \
  -e DRONE_GOGS_SERVER=https://gogs.weiye.link \
  -e DRONE_RPC_SECRET=dronerpc666 \
  -e DRONE_SERVER_HOST=192.168.31.114:3080 \
  -e DRONE_SERVER_PROTO=http \
  -e DRONE_USER_CREATE=username:weiye,admin:true \
  -e TZ="Asia/Shanghai" \
  -p 3080:80 \
  --restart=always \
  --detach=true \
  --name=drone \
  drone/drone:1
  • There are many configuration parameters here, which are explained in a unified way below;

    • DRONE_GOGS_SERVER: used to configure the Gogs service address. It can be IP directly http://192.168.31.114:10080
    • DRONE_RPC_SECRET: Drone's shared secret key is used to verify the rpc connection to the server. The server and runner need to provide the same secret key.
    • DRONE_SERVER_HOST: used to configure the externally accessible address of the Drone server.
    • DRONE_SERVER_PROTO: used to configure the externally accessible protocol of the Drone server. It must be http or https.
    • DRONE_USER_CREATE: create an administrator account, which needs to be registered in Gogs.

2. Install the drone runner docker

  • When there are tasks to be executed, a temporary container will be started to execute pipeline tasks
docker run -d \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e DRONE_RPC_PROTO=http \
  -e DRONE_RPC_HOST=192.168.31.114:3080 \
  -e DRONE_RPC_SECRET=dronerpc666 \
  -e DRONE_RUNNER_CAPACITY=2 \
  -e DRONE_RUNNER_NAME=runner-docker \
  -e TZ="Asia/Shanghai" \
  -p 3000:3000 \
  --restart always \
  --name runner-docker \
  drone/drone-runner-docker:1
  • There are many configuration parameters here, which are explained below.

    • DRONE_RPC_PROTO: used to configure the protocol for connecting to the Drone server. It must be http or https.
    • DRONE_RPC_HOST: used to configure the access address of the Drone server. The runner will connect to the server to obtain and execute pipeline tasks.
    • DRONE_RPC_SECRET: used to configure the shared secret key connected to the Drone server.
    • DRONE_ RUNNER_ Capability: limit the number of pipeline tasks that the runner can execute concurrently.
    • DRONE_RUNNER_NAME: the name of the custom runner.

Drone use

Open Drone, log in to the administrator account of Gogs with IP + 3080, and you can enter the console. Access address: http://192.168.31.114:3080/

  • After logging in, we can see that there are items in gogs. If not, you can click the SYNC button in the upper right corner.

  • Configure the warehouse so that the container created by Drone can be mounted on the host
  • Select a warehouse and click ACTIVATE to set the warehouse - > check trusted - > save.

  • After saving successfully, we enter the Gogs management panel, open the item just operated, and check whether the WEB hook is configured successfully

(optional) add Secret

Drone ensures secure access. We don't need to output password and other sensitive values in clear text in the configuration file. We can add Secret. If we don't think it's necessary, we don't need to add it directly in the following drone Just configure the plaintext password in the YML file.

Drone.yml detailed explanation

  • When we Push the code to the Git warehouse, the Web hook will be triggered automatically, and then Drone will Clone the code from the Git warehouse, and then pass the code in the project directory Drone. Configure YML and execute the corresponding pipeline. Next, let's see how this script is written.

Create in the root directory of the warehouse drone.yml profile
The configuration file refers to the following configuration:

kind: pipeline # Define object types, as well as secret and signature
type: docker # Define pipeline types, as well as kubernetes, exec, ssh and other types
name: drone-study # Define pipeline name

steps: # Define pipeline execution steps, which will be executed in sequence
  - name: package # 1. Pipeline name (maven package)
    pull: if-not-exists
    image: maven:ibmjava-alpine # Defines the Docker image that creates the container
    volumes: # To mount the directory in the container to the host computer, the warehouse needs to enable the Trusted setting
      - name: maven-cache
        path: /root/.m2 # Mount the directory that maven download depends on to prevent repeated downloads
        # The directory where the host is mounted
      - name: maven-build
        path: /app/build/drone-study # Mount the packaged Jar and execution script of the application
    commands: # Define the shell commands executed in the Docker container, which are copied to the maven image container. Just distinguish the items
      - mvn clean package -Dmaven.test.skip=true
      - cp target/drone.jar /app/build/drone-study/drone.jar
      - cp Dockerfile /app/build/drone-study/Dockerfile
      - cp run.sh /app/build/drone-study/run.sh

  - name: build-start # 2. Pipeline name (ssh default manual operation packaged jar package)
    image: appleboy/drone-ssh # ssh tool image
    settings:
      host: weiye.link # The remote connection address can be IP or domain name
      username: root # Remote connection account
#      password: 123456 #enable password 
#      password:
#        from_secret: ssh_password # Read SSH password from Secret
      key:
        from_secret: ssh_key # Read SSH key from Secret
      port: 22 # Remote connection port
      command_timeout: 10m # Remote command execution timeout
      script_stop: false # Set to false. If the first error is encountered, the following commands will continue to run
      script:
        - cd /www/wwwroot/data/maven/build/drone-study # Enter the host organization to create a directory, and you can select the directory according to yourself
        - chmod +x run.sh # Change to executable script
        - ./run.sh # Run the script to package the application image and run it
  - name: notify # 3. Notification (nailing notification is used here. Wechat notification, email notification, etc. can be used)
    pull: if-not-exists
    image: guoxudongdocker/drone-dingtalk:latest
    settings:
      token:
        from_secret: dingtalk_token
      type: markdown
      message_color: true
      message_pic: true
      sha_link: true
    when:
      status: [failure, success]

volumes: # Defines the pipeline mount directory for sharing data
  - name: maven-build
    host:
      path: /www/wwwroot/data/maven/build/drone-study # Directory mounted from host
  - name: maven-cache
    host:
      path: /www/wwwroot/data/maven/cache

be careful:

Determine the directory of your host computer

You can learn the judgment syntax of drone: https://docs.drone.io/pipeline/docker/syntax/conditions/#by-branch

  • run. The SH execution script can package applications and run container images. The configuration is as follows:
#!/usr/bin/env bash
# Define application group name
group_name='xiang'
# Define application name
app_name='drone-study'
# Define application version
app_version='v1'
docker stop ${app_name}
echo '----stop container----'
docker rm ${app_name}
echo '----rm container----'
docker rmi ${group_name}/${app_name}:${app_version}
echo '----rm image----'
# Package and compile docker image
docker build -t ${group_name}/${app_name}:${app_version} .
echo '----build image----'
docker run -it -p 6003:6003 --name ${app_name} \
-d ${group_name}/${app_name}:${app_version}
echo '----start container----'

  • After the file is written, GIT pushes it to the warehouse, gogs will notify drone to deploy, and drone will find it drone. The YML configuration file will be built according to the steps in the configuration file. During deployment, you can view the deployment of each step in the drone

  • Nailing notification succeeded

answering question

  1. Must the yml file be stored in the git repository root directory

    Yes, it must be in the root directory

  2. Whether the YML file name must be drone.yml

    The default file name is drone.yml, or you can modify the file name of yml through the drone web management interface

  3. How does git submit code make drone skip this submission and not execute pipeline

    When submitting code, add [CI SKIP] to skip through comments, such as: git commit – m "first commit [CI SKIP]"

  4. There is no Trusted in the repository setting item Project settings of the drone web interface

    When the Drone Server starts, specify the drone_ USER_ The create parameter is used to set the administrator account. Trusted can be seen and set only by opening the drone web interface with the administrator account

  5. How to get the pin notification Token

    Yes, Baidu. It's very simple. Get the token and add it to the Secrets of the drone console. It's called dingtalk_token

summary

Overall, it is still very good to use. The construction speed can be further optimized. Using scripts to define pipeline tasks is undoubtedly simpler and more intuitive. Drone is more lightweight, takes less memory and has fast response speed. If the team members are not very big, it is recommended to use it!

reference material:

  • Official documents: https://docs.drone.io/

Project source code address:

https://github.com/wilbur147/xiangStudy/tree/main/lab-drone

Keywords: Linux Operation & Maintenance Docker

Added by kristoff on Wed, 29 Dec 2021 19:40:45 +0200