Gitlab CI/CD: Deploy on different servers
I had a scenario where I needed to deploy different branches on different environments(Here I am using Digital Ocean’s beautiful droplets)
I have decided to go with Gitlab since their ci cd service is quite reliable and flexible. I have created the self-hosted gitlab runner on Server1(100.100.100.1)
Now, I was having 2 branches:
- master → which needs to be deployed on Server1(100.100.100.1)
- develop → which needs to be deployed on Server2(100.100.100.2)
Here, trouble comes because we are using self-hosted gitlab runner on Server1. We have control of Server1 only so we can setup deployment on this server easily, so we will set deployment in a way that whenever any push occurs to master branch, it will be deployed on this server.
So .gitlab-ci.yml will look like below for master branch:
stages:
- deploy
deploy_to_production:
stage: deploy environment:
name: production
url: 165.227.46.221 before_script:
- echo "Before script...."
- echo $SSH_PRIVATE_KEY
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config' script:
- cd /var/www/html/my-project
- git pull origin master only:
- master
SSH_PRIVATE_KEY: First you have to make sure that valid SSH key is setup on both Servers(droplets). To get private key, you can use:$ cat ~/.ssh/id_rsaa and here you have to save this key under CI/CD Settings>Variables in Gitlab (See this URL for more details: https://docs.gitlab.com/ee/ci/variables/)
Till here it was all easy, but now tricky part comes, how could I set deployment on Server2 from Server1.
So the answer could be simple: We need to access Server2 from Server1
Now the final question is how could we do that via Terminal?
There are numerous ways we could do that but simplest would be copying the ssh public key of localhost(Server1) to the remote-host(Server2).
Using ssh-copy-id
ssh-copy-id is a utility available on some operating systems that can copy an SSH public key to a remote server over SSH.
- On Server1(100.100.100.1) execute this command:
$ ssh-copy-id -i ~/.ssh/id_rsa.pub 100.100.100.2 - As an output, you will be asked to enter the password of Server2
- Once you enter it correctly, it will give output message saying:
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@100.100.100.2's password:Number of key(s) added: 1Now try logging into the machine, with: "ssh '100.100.100.2'"
and check to make sure that only the key(s) you wanted were added.
4. So from now on, you can access the Server2 from Server1 using the command: $ ssh ‘100.100.100.2’ OR $ ssh 100.100.100.2 without entering the password.
Now we just need to use this command in .gitlab-ci.yml file of devlop branch
You can visit here to get that information: https://www.linode.com/docs/security/authentication/use-public-key-authentication-with-ssh/
.gitlab-ci.yml fordevelop branch:
stages:
- deploy
deploy_to_lance:
stage: deploy
environment:
name: lance
url: 165.227.186.188
script:
- uname -n
- ssh root@165.227.186.188 "cd /var/www/html/my-project && git pull origin master && exit"
- uname -n
only:
- developIt was just one simple way to achieve deployment on a different server, There are many ways(“more secured 🔑”) to achieve this, but for the internal purpose, this is the best technique.
Hope you liked this, please feel free to share your opinions and thoughts if you have other ways.
Thank you!
