-
Notifications
You must be signed in to change notification settings - Fork 266
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from malacourse/blue-green
This is a new CICD pipeline based on a blue green deployment using a spring boot web app
- Loading branch information
Showing
10 changed files
with
815 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,172 @@ | ||
| # A Sample OpenShift Pipeline for Blue Green deployments | ||
|
|
||
| This example demonstrates how to implement a full end-to-end Jenkins Pipeline for a Java application in a Blue/Green deployment in the OpenShift Container Platform. The pipleine will create two instances of the applicaiton in the Production namespace. There will be three routes in the namespace; a blue, green and blue-green route. The blue-green route will switch to the latest deployment when the pipeline completes. This allows for tesing of the new deployment prior to switching live traffic. Also, the previous deployment can be used to compmare the previous deployment. | ||
|
|
||
| This sample demonstrates the following capabilities: | ||
|
|
||
| * Deploying an integrated Jenkins server inside of OpenShift | ||
| * Running both custom and oob Jenkins slaves as pods in OpenShift | ||
| * "One Click" instantiation of a Jenkins Pipeline using OpenShift's Jenkins Pipeline Strategy feature | ||
| * Promotion of an application's container image within an OpenShift Cluster (using `oc tag`) | ||
| * Tagging images with the current version of the artifact defined in the pom.xml file | ||
| * Promotion of an application's container image to a blue/green production configuration | ||
| * Switching production routes between blue and green deployments after confirmation | ||
|
|
||
| ## Quickstart | ||
|
|
||
| Run the following commands to instantiate this example. | ||
|
|
||
| ``` | ||
| cd ./blue-green-spring | ||
| oc create -f projects/projects.yml | ||
| oc process openshift//jenkins-ephemeral | oc apply -f- -n simple-spring-boot-dev | ||
| oc process -f deploy/simple-spring-boot-template.yml --param-file=deploy/dev/params | oc apply -f- | ||
| oc process -f deploy/simple-spring-boot-template.yml --param-file=deploy/stage/params | oc apply -f- | ||
| oc process -f deploy/simple-spring-boot-template-prod.yml --param-file=deploy/prod/params | oc apply -f- | ||
| oc process -f build/basic-java-template.yml --param-file build/dev/params | oc apply -f- | ||
| ``` | ||
|
|
||
| ## Architecture | ||
|
|
||
| ### OpenShift Templates | ||
|
|
||
| The components of this pipeline are divided into three templates. | ||
|
|
||
| The first template, `build/simple-spring-boot-template.yml` is what we are calling the "Build" template. It contains: | ||
|
|
||
| * A `jenkinsPipelineStrategy` BuildConfig | ||
| * An `s2i` BuildConfig | ||
| * An ImageStream for the s2i build config to push to | ||
|
|
||
| The build template contains a default source code repo for a java application compatible with this pipelines architecture (https://github.com/malacourse/simple-spring-boot-web). | ||
|
|
||
| The second template, `deploy/simple-spring-boot-template.yml` is the "Deploy" template. It contains: | ||
|
|
||
| * A openjdk8 DeploymentConfig | ||
| * A Service definition | ||
| * A Route | ||
|
|
||
| The third template, `deploy/simple-spring-boot-template-prod.yml` is the "Deploy" template for a blue/green project. It contains: | ||
|
|
||
| * Two openjdk8 DeploymentConfig's | ||
| * Two Service definition's | ||
| * A Route | ||
|
|
||
| The idea behind the split between the templates is that I can deploy the build template only once (to my dev project) and that the pipeline will promote my image through all of the various stages of my application's lifecycle. The deployment template gets deployed once to each of the stages of the application lifecycle (once per OpenShift project). | ||
|
|
||
| ### Pipeline Script | ||
|
|
||
| This project includes a sample `pipeline.groovy` Jenkins Pipeline script that could be included with a Java project in order to implement a basic CI/CD pipeline for that project, under the following assumptions: | ||
|
|
||
| * The project is built with Maven | ||
| * The `pipeline.groovy` script is placed in the same directory as the `pom.xml` file in the git source. | ||
| * The OpenShift projects that represent the Application's lifecycle stages are of the naming format: `<app-name>-dev`, `<app-name>-stage`, `<app-name>-prod`. | ||
|
|
||
| For convenience, this pipeline script is already included in the following git repository, based on a [Simple Spring Boot Web app](https://github.com/malacourse/simple-spring-boot-web) app. The app displays a message that will change color based on which deployment is live in the production project. | ||
|
|
||
| https://github.com/malacourse/simple-spring-boot-web | ||
|
|
||
| ## Bill of Materials | ||
|
|
||
| * One OpenShift Container Platform Clusters | ||
| * OpenShift 3.5+ is required. | ||
| * Access to GitHub | ||
|
|
||
| ## Implementation Instructions | ||
|
|
||
| ### 1. Create Lifecycle Stages | ||
|
|
||
| For the purposes of this demo, we are going to create three stages for our application to be promoted through. | ||
|
|
||
| - `simple-spring-boot-dev` | ||
| - `simple-spring-boot-stage` | ||
| - `simple-spring-boot-prod` | ||
|
|
||
| In the spirit of _Infrastructure as Code_ we have a YAML file that defines the `ProjectRequests` for us. This is as an alternative to running `oc new-project`, but will yeild the same result. | ||
|
|
||
| ``` | ||
| $ oc create -f projects/projects.yml | ||
| projectrequest "simple-spring-boot-dev" created | ||
| projectrequest "simple-spring-boot-stage" created | ||
| projectrequest "simple-spring-boot-prod" created | ||
| ``` | ||
|
|
||
| ### 2. Stand up Jenkins master in dev | ||
|
|
||
| For this step, the OpenShift default template set provides exactly what we need to get jenkins up and running. | ||
|
|
||
| ``` | ||
| $ oc process openshift//jenkins-ephemeral | oc apply -f- -n simple-spring-boot-dev | ||
| route "jenkins" created | ||
| deploymentconfig "jenkins" created | ||
| serviceaccount "jenkins" created | ||
| rolebinding "jenkins_edit" created | ||
| service "jenkins-jnlp" created | ||
| service "jenkins" created | ||
| ``` | ||
|
|
||
| ### 4. Instantiate Pipeline | ||
|
|
||
| A _deploy template_ is provided at `deploy/simple-spring-boot-template.yml` that defines all of the resources required to run the openjdk8 application. It includes: | ||
|
|
||
| * A `Service` | ||
| * A `Route` | ||
| * An `ImageStream` | ||
| * A `DeploymentConfig` | ||
| * A `RoleBinding` to allow Jenkins to deploy in each namespace. | ||
|
|
||
| This template should be instantiated once in each of the lower level namespaces (dev, stage,qa) that our app will be deployed to. For this purpose, we have created a param file to be fed to `oc process` to customize the template for each environment. | ||
|
|
||
| A production blue/green_deploy template_ is provided at `deploy/simple-spring-boot-template-prod.yml` that defines all of the resources required to run the openjdk8 application. It includes: | ||
|
|
||
| * Two `Service's` | ||
| * Three `Route's` a blue route, green route and main route that switches between the two deployments/services. | ||
| * Two `ImageStream's` | ||
| * Two `DeploymentConfig's` | ||
| * A `RoleBinding` to allow Jenkins to deploy in each namespace. | ||
|
|
||
| This template should be instantiated in the production blue/green namespace that our app will be deployed to. For this purpose, we have created a param file to be fed to `oc process` to customize the template for each environment. | ||
|
|
||
| Deploy the deployment template to all three projects. | ||
| ``` | ||
| $ oc process -f deploy/simple-spring-boot-template.yml --param-file=deploy/dev/params | oc apply -f- | ||
| service "simple-spring-boot" created | ||
| route "simple-spring-boot" created | ||
| imagestream "simple-spring-boot" created | ||
| deploymentconfig "simple-spring-boot" created | ||
| rolebinding "jenkins_edit" configured | ||
| $ oc process -f deploy/simple-spring-boot-template.yml --param-file=deploy/stage/params | oc apply -f- | ||
| service "simple-spring-boot" created | ||
| route "simple-spring-boot" created | ||
| imagestream "simple-spring-boot" created | ||
| deploymentconfig "simple-spring-boot" created | ||
| rolebinding "jenkins_edit" created | ||
| $ oc process -f deploy/simple-spring-boot-template-prod.yml --param-file=deploy/prod/params | oc apply -f- | ||
| service "simple-spring-boot" created | ||
| route "simple-spring-boot" created | ||
| imagestream "simple-spring-boot" created | ||
| deploymentconfig "simple-spring-boot" created | ||
| rolebinding "jenkins_edit" created | ||
| ``` | ||
|
|
||
| A _build template_ is provided at `build/basic-java-template.yml` that defines all the resources required to build our java app. It includes: | ||
|
|
||
| * A `BuildConfig` that defines a `JenkinsPipelineStrategy` build, which will be used to define out pipeline. | ||
| * A `BuildConfig` that defines a `Source` build with `Binary` input. This will build our image. | ||
|
|
||
| Deploy the pipeline template in dev only. | ||
| ``` | ||
| $ oc process -f build/basic-java-template.yml --param-file build/dev/params | oc apply -f- | ||
| buildconfig "simple-spring-boot-pipeline" created | ||
| buildconfig "simple-spring-boot" created | ||
| ``` | ||
|
|
||
| At this point you should be able to go to the Web Console and follow the pipeline by clicking in your `myapp-dev` project, and going to *Builds* -> *Pipelines*. There is a prompt for input on the pipeline before the production route is switched to the new deployment. You can interact with it by clicking on the _input required_ link, which takes you to Jenkins, where you can click the *Proceed* button. By the time you get through the end of the pipeline you should be able to visit the Route for your app deployed to the `myapp-prod` project to confirm that your image has been promoted through all stages. | ||
|
|
||
| ## Cleanup | ||
|
|
||
| Cleaning up this example is as simple as deleting the projects we created at the beginning. | ||
|
|
||
| ``` | ||
| oc delete project simple-spring-boot-dev simple-spring-boot-prod simple-spring-boot-stage | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,102 @@ | ||
| apiVersion: v1 | ||
| kind: Template | ||
| labels: | ||
| template: generic-java-jenkins-pipeline | ||
| metadata: | ||
| annotations: | ||
| description: Application template for JWS applications built using a Jenkins Pipeline | ||
| iconClass: icon-tomcat | ||
| tags: tomcat,tomcat8,java,jboss,xpaas,jenkins-ci | ||
| version: 1.2.0 | ||
| name: generic-java-jenkins-pipeline | ||
| objects: | ||
| - kind: "BuildConfig" | ||
| apiVersion: "v1" | ||
| metadata: | ||
| labels: | ||
| application: ${APPLICATION_NAME} | ||
| name: "${APPLICATION_NAME}-pipeline" | ||
| namespace: "${NAMESPACE}" | ||
| spec: | ||
| source: | ||
| type: Git | ||
| git: | ||
| uri: ${SOURCE_REPOSITORY_URL} | ||
| ref: ${SOURCE_REPOSITORY_REF} | ||
| contextDir: ${CONTEXT_DIR} | ||
| triggers: | ||
| - type: "GitHub" | ||
| github: | ||
| secret: ${GITHUB_WEBHOOK_SECRET} | ||
| - type: "ConfigChange" | ||
| strategy: | ||
| type: "JenkinsPipeline" | ||
| jenkinsPipelineStrategy: | ||
| jenkinsfilePath: ${PIPELINE_SCRIPT} | ||
| env: | ||
| - name: "BUILD_CONTEXT_DIR" | ||
| value: "demo" | ||
| - apiVersion: v1 | ||
| kind: BuildConfig | ||
| metadata: | ||
| labels: | ||
| application: ${APPLICATION_NAME} | ||
| name: ${APPLICATION_NAME} | ||
| namespace: "${NAMESPACE}" | ||
| spec: | ||
| output: | ||
| to: | ||
| kind: ImageStreamTag | ||
| name: ${APPLICATION_NAME}:latest | ||
| source: | ||
| binary: {} | ||
| type: Binary | ||
| strategy: | ||
| sourceStrategy: | ||
| from: | ||
| kind: ImageStreamTag | ||
| name: ${IMAGE_STREAM_TAG_NAME} | ||
| namespace: ${IMAGE_STREAM_NAMESPACE} | ||
| type: Source | ||
| parameters: | ||
| - description: The name for the application. | ||
| name: APPLICATION_NAME | ||
| required: true | ||
| value: simple-spring-boot | ||
| - description: The namespace to deploy into | ||
| name: NAMESPACE | ||
| required: true | ||
| - description: Git source URI for application | ||
| name: SOURCE_REPOSITORY_URL | ||
| required: true | ||
| value: https://github.com/malacourse/simple-spring-boot-web.git | ||
| - description: Git branch/tag reference | ||
| name: SOURCE_REPOSITORY_REF | ||
| value: "master" | ||
| - description: Path within Git project to build; empty for root project directory. | ||
| name: CONTEXT_DIR | ||
| value: | ||
| - description: Path within Git project pointing to the pipeline run script | ||
| name: PIPELINE_SCRIPT | ||
| value: pipeline.groovy | ||
| - description: GitHub trigger secret | ||
| from: '[a-zA-Z0-9]{8}' | ||
| generate: expression | ||
| name: GITHUB_WEBHOOK_SECRET | ||
| required: true | ||
| - description: Generic build trigger secret | ||
| from: '[a-zA-Z0-9]{8}' | ||
| generate: expression | ||
| name: GENERIC_WEBHOOK_SECRET | ||
| required: true | ||
| - description: Namespace in which the ImageStreams for Red Hat Middleware images are | ||
| installed. These ImageStreams are normally installed in the openshift namespace. | ||
| You should only need to modify this if you've installed the ImageStreams in a | ||
| different namespace/project. | ||
| name: IMAGE_STREAM_NAMESPACE | ||
| required: true | ||
| value: openshift | ||
| - description: Image stream tag for the image you'd like to use to build the application | ||
| name: IMAGE_STREAM_TAG_NAME | ||
| required: true | ||
| value: redhat-openjdk18-openshift:1.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| APPLICATION_NAME=spring-boot-web | ||
| NAMESPACE=simple-spring-boot-dev | ||
| IMAGE_STREAM_TAG_NAME=redhat-openjdk18-openshift:1.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| APPLICATION_NAME=spring-boot-web | ||
| NAMESPACE=simple-spring-boot-dev | ||
| SA_NAMESPACE=simple-spring-boot-dev |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| APPLICATION_NAME=spring-boot-web | ||
| NAMESPACE=simple-spring-boot-prod | ||
| SA_NAME=jenkins | ||
| SA_NAMESPACE=simple-spring-boot-dev |
Oops, something went wrong.