-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathACS::CICD::DockerDeployOnSingleEcs.yml
302 lines (295 loc) · 9.91 KB
/
ACS::CICD::DockerDeployOnSingleEcs.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
FormatVersion: OOS-2019-06-01
Description:
name-en: ACS::CICD::DockerDeployOnSingleEcs
name-zh-cn: 部署Docker镜像在单台ECS
en: Deploy Docker Image (only support linux machine)
zh-cn: 部署Docker镜像 (仅支持在linux机器部署)
Parameters:
regionId:
Label:
en: region
zh-cn: 地域
Type: String
Default: '{{ ACS::RegionId }}'
AssociationProperty: RegionId
instanceId:
Label:
en: ECSInstanceId
zh-cn: ECS实例ID
Type: String
AssociationProperty: ALIYUN::ECS::Instance::InstanceId
AssociationPropertyMetadata:
RegionId: regionId
acrType:
Label:
en: ACR Type
zh-cn: 容器镜像类型
Type: String
AllowedValues:
- Enterprise
- Personal
AssociationPropertyMetadata:
ValueLabelMapping:
Enterprise: 企业版
Personal: 个人版
username:
Label:
en: Username
zh-cn: 用户名
Description:
en: Username, represents the username of the container image
zh-cn: 容器镜像仓库用户名
Type: String
Default: ''
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${acrType}
- Personal
Required:
Condition:
Fn::Equals:
- ${acrType}
- Personal
password:
Label:
en: Password
zh-cn: 密码
Description:
en: Password, represents the password of the container image
zh-cn: 容器镜像仓库密码
Default: ''
Type: String
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${acrType}
- Personal
Required:
Condition:
Fn::Equals:
- ${acrType}
- Personal
acrId:
Label:
en: ACR Instance ID
zh-cn: 容器镜像服务实例ID
Description:
en: ACR ID, represents the ID of the cloud container registry
zh-cn: 容器镜像服务实例ID
Type: String
Default: ''
AssociationProperty: ALIYUN::CR::Instance::InstanceId
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${acrType}
- Enterprise
Required:
Condition:
Fn::Equals:
- ${acrType}
- Enterprise
namespace:
Label:
en: NameSpace
zh-cn: 命名空间
Description:
en: namespace, represents the namespace of the container image
zh-cn: 容器镜像仓库命名空间
Type: String
Default: ''
AssociationProperty: ALIYUN::CR::NameSpace::Name
AssociationPropertyMetadata:
InstanceId: ${acrId}
Attribute: NamespaceName
Visible:
Condition:
Fn::Equals:
- ${acrType}
- Enterprise
Required:
Condition:
Fn::Equals:
- ${acrType}
- Enterprise
repoName:
Label:
en: Repo Name
zh-cn: 仓库名称
Description:
en: Repo Name, represents the repository name of the container image
zh-cn: 容器镜像仓库名称
Type: String
AssociationProperty: ALIYUN::CR::Repository::RepoName
AssociationPropertyMetadata:
AcrType: ${acrType}
RegionId: ${regionId}
InstanceId: ${acrId}
RepoNamespaceName: ${namespace}
RepoStatus: ALL
imageVersion:
Label:
en: Image Version
zh-cn: 镜像版本
Description:
en: Image Version, represents the version of the container image to pull
zh-cn: 要拉取的镜像版本
Type: String
dockerRunOptions:
Label:
en: DockerRunOptions
zh-cn: Docker运行选项
Description:
en: DockerRunOptions, represents the options of the command "docker run", such as "-p 80:80". These will be added to the docker run command. Note that --name is not open for specification, OOS will automatically generate the default container name.
zh-cn: docker run命令的选项, 例如"-p 80:80",这些选项会被添加到docker run命令中。注意,--name不开放指定,由OOS自动生成默认容器名。
Type: String
AllowedPattern: ^(?!.*--name).*$
Default: ''
isInternal:
Label:
en: whether to use internal link to pull image
zh-cn: 是否通过内网链接拉取镜像
Description:
en: False generates an public url, True generates an internal url. If you want to use internal link to pull image, please ensure that your image repository and ECS instance are in the same VPC (personal acr, accessible to all VPC machines, no separate configuration required), please refer to <a href="https://help.aliyun.com/zh/acr/user-guide/configure-access-over-vpcs/?spm=a2c4g.11186623.0.0.3af016be83KUhr" target="_blank">acr configuration access VPC</a>.
zh-cn: False生成公网URL,True生成内网URL。如果您想要使用内网链接拉取镜像,请确保您的镜像仓库和ECS实例在同一个VPC内(个人版acr,VPC机器均可访问,无需单独配置),具体请参考<a href="https://help.aliyun.com/zh/acr/user-guide/configure-access-over-vpcs/?spm=a2c4g.11186623.0.0.3af016be83KUhr" target="_blank">acr配置访问VPC</a>。
Type: Boolean
Default: true
Tasks:
- Name: checkInstance
Action: ACS::CheckFor
Description: Checks if the ECS OSType is linux
Properties:
Service: ECS
API: DescribeInstances
Parameters:
InstanceIds:
- '{{ instanceId }}'
DesiredValues:
- linux
PropertySelector: Instances.Instance[].OSType
- Name: installDocker
Description:
en: Install environment
zh-cn: 安装环境
Action: ACS::ECS::ConfigureOOSPackageWithTemporaryURL
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ instanceId }}'
action: install
packageName: ACS-Extension-DockerCE-1853370294850618
- Name: generateAuthorizationToken
Action: ACS::CR::GetAuthorizationToken
When:
Fn::Equals:
- '{{ acrType }}'
- 'Enterprise'
Description:
en: Generate authorization token
zh-cn: 生成授权令牌
Properties:
instanceId: '{{ acrId }}'
Outputs:
tempUsername:
Type: String
ValueSelector: tempUsername
authorizationToken:
Type: String
ValueSelector: authorizationToken
- Name: getAcrName
Action: ACS::ExecuteAPI
When:
Fn::Equals:
- '{{ acrType }}'
- 'Enterprise'
Description:
en: Get ACR name
zh-cn: 获取acr名称
Properties:
Service: CR
API: GetInstance
Parameters:
InstanceId: '{{acrId}}'
Outputs:
acrName:
Type: String
ValueSelector: .InstanceName
- Name: dockerDeployEnterprise
When:
Fn::Equals:
- '{{ acrType }}'
- 'Enterprise'
Description:
en: Deploy Docker Image (from enterprise ACR)
zh-cn: 部署Docker镜像(从企业版仓库拉取)
Action: ACS::ECS::RunCommand
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ instanceId }}'
commandType: RunShellScript
commandContent: |-
#!/bin/bash
if [ {{ isInternal }} == true ]; then
repo={{getAcrName.acrName}}-registry-vpc.{{regionId}}.cr.aliyuncs.com
current_image={{getAcrName.acrName}}-registry-vpc.{{regionId}}.cr.aliyuncs.com/{{namespace}}/{{repoName}}:{{imageVersion}}
else
repo={{getAcrName.acrName}}-registry.{{regionId}}.cr.aliyuncs.com
current_image={{getAcrName.acrName}}-registry.{{regionId}}.cr.aliyuncs.com/{{namespace}}/{{repoName}}:{{imageVersion}}
fi
docker login --username={{ generateAuthorizationToken.tempUsername }} --password={{ generateAuthorizationToken.authorizationToken }} $repo
docker pull $current_image
container_name="oos-{{getAcrName.acrName}}-{{regionId}}-{{namespace}}-{{repoName}}"
container_id=$(docker ps -aq -f name=${container_name})
if [ -n "$container_id" ]; then
docker stop $container_id
docker rm $container_id
fi
if [ -n '{{ dockerRunOptions }}' ]; then
docker run -d --name ${container_name} {{ dockerRunOptions }} $current_image
else
docker run -d --name ${container_name} $current_image
fi
- Name: dockerDeployPersonal
When:
Fn::Equals:
- '{{ acrType }}'
- 'Personal'
Description:
en: Deploy Docker Image (from personal ACR)
zh-cn: 部署Docker镜像(从个人版仓库拉取)
Action: ACS::ECS::RunCommand
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ instanceId }}'
commandType: RunShellScript
commandContent: |-
#!/bin/bash
if [ {{ isInternal }} == true ]; then
repo=registry-vpc.{{regionId}}.aliyuncs.com
original_repo_name="{{repoName}}"
modified_repo_name=$(echo "$original_repo_name" | sed 's/registry\(.*\)\./registry-vpc\1./')
current_image=$modified_repo_name:{{imageVersion}}
else
repo=registry.{{regionId}}.aliyuncs.com
current_image={{repoName}}:{{imageVersion}}
fi
docker login --username={{ username }} --password={{ password }} $repo
docker pull $current_image
input_full_repo_name="{{repoName}}"
cur_repo_name=${input_full_repo_name##*/}
input_full_repo_name_without_tail=${input_full_repo_name%/*}
cur_namespace=${input_full_repo_name_without_tail##*/}
container_name="oos-{{regionId}}-$cur_namespace-$cur_repo_name"
container_id=$(docker ps -aq -f name=${container_name})
if [ -n "$container_id" ]; then
docker stop $container_id
docker rm $container_id
fi
if [ -n '{{ dockerRunOptions }}' ]; then
docker run -d --name ${container_name} {{ dockerRunOptions }} $current_image
else
docker run -d --name ${container_name} $current_image
fi