Environment: Production
-Version: ${IMAGE_TAG}
-- Image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG} -
-${errorDetails.take(500)}
-
-━━━━━━━━━━━━━━━━━━━━━━
-⚠️ Action Required
-Please review logs and fix issues before redeploying
-
-View Build Logs
- """,
- color: '✅'
- )
-
- } else {
- sendTelegramNotification(
- status: 'ROLLBACK_FAILED',
- message: """
-❌ Rollback Failed
-
-Application: ${APP_NAME}
-Build: #${BUILD_NUMBER}
-
-Error: No previous version found
-
-⚠️ MANUAL INTERVENTION REQUIRED
-kubectl rollout undo deployment/${APP_NAME} -n ${NAMESPACE}
-
-View Build Logs
- """,
- color: '🔴'
- )
- }
-
- } catch (Exception e) {
- sendTelegramNotification(
- status: 'ROLLBACK_FAILED',
- message: """
-❌ Rollback Failed
-
-Application: ${APP_NAME}
-Build: #${BUILD_NUMBER}
-
-Error: ${e.message}
-
-⚠️ MANUAL ROLLBACK REQUIRED
-kubectl rollout undo deployment/${APP_NAME} -n ${NAMESPACE}
-
-View Build Logs
- """,
- color: '🔴'
- )
- }
-
- } else {
- sendTelegramNotification(
- status: 'FAILED',
- message: """
-❌ Deployment Failed
-
-━━━━━━━━━━━━━━━━━━━━━━
-📦 Application
-Name: ${APP_NAME}
-Build: #${BUILD_NUMBER}
-Branch: ${env.BRANCH_NAME}
-Image: ${IMAGE_TAG}
-
-━━━━━━━━━━━━━━━━━━━━━━
-📋 Recent Events
-${errorDetails.take(500)}
-
-━━━━━━━━━━━━━━━━━━━━━━
-🔗 Links
-View Console Output
-Build Details
-
-Rollback: ${env.ROLLBACK_ENABLED == 'true' ? 'Enabled but not on main branch' : 'Disabled'}
- """,
- color: '🔴'
- )
- }
- }
- }
-
- always {
- sh """
- docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG} || true
- docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:latest || true
- docker stop test-${BUILD_NUMBER} 2>/dev/null || true
- docker rm test-${BUILD_NUMBER} 2>/dev/null || true
- """
- cleanWs()
- }
- }
-}
-
-// Telegram notification function
-def sendTelegramNotification(Map args) {
- def status = args.status
- def message = args.message
- def color = args.color ?: '🔵'
-
- try {
- // HTML formatting for Telegram
- def formattedMessage = message.trim()
-
- sh """
- curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage" \
- -d chat_id="${TELEGRAM_CHAT_ID}" \
- -d parse_mode="HTML" \
- -d disable_web_page_preview=true \
- -d text="${formattedMessage}"
- """
-
- echo "📱 Telegram notification sent: ${status}"
- } catch (Exception e) {
- echo "⚠️ Failed to send Telegram notification: ${e.message}"
- // Don't fail the pipeline if notification fails
- }
-}
\ No newline at end of file
diff --git a/apps/demo-nginx/Jenkinsfile.backup b/apps/demo-nginx/Jenkinsfile.backup
deleted file mode 100644
index 20c3ad8..0000000
--- a/apps/demo-nginx/Jenkinsfile.backup
+++ /dev/null
@@ -1,449 +0,0 @@
-pipeline {
- agent any
-
- environment {
- APP_NAME = 'demo-nginx'
- NAMESPACE = 'demo-app'
- DOCKER_REGISTRY = 'docker.io'
- DOCKER_REPO = 'vladcrypto'
- GITEA_URL = 'http://gitea-http.gitea.svc.cluster.local:3000'
- GITEA_REPO = 'admin/k3s-gitops'
- GITEA_BRANCH = 'main'
- BUILD_TAG = "${env.BUILD_NUMBER}"
- IMAGE_TAG = "${env.BRANCH_NAME}-${env.BUILD_NUMBER}"
-
- // Rollback configuration
- ROLLBACK_ENABLED = 'true'
- DEPLOYMENT_TIMEOUT = '300s'
- ARGOCD_SYNC_TIMEOUT = '120'
- SKIP_HEALTH_CHECK = 'true' // Skip for now - pods work fine
- }
-
- stages {
- stage('Save Current State') {
- when { branch 'main' }
- steps {
- script {
- echo "📸 Saving current deployment state for rollback..."
-
- // Save current image tag
- sh """
- kubectl get deployment ${APP_NAME} -n ${NAMESPACE} \
- -o jsonpath='{.spec.template.spec.containers[0].image}' \
- > /tmp/previous_image_${BUILD_NUMBER}.txt || echo "none" > /tmp/previous_image_${BUILD_NUMBER}.txt
-
- PREV_IMAGE=\$(cat /tmp/previous_image_${BUILD_NUMBER}.txt)
- echo "Previous image: \${PREV_IMAGE}"
- """
-
- // Save current replica count
- sh """
- kubectl get deployment ${APP_NAME} -n ${NAMESPACE} \
- -o jsonpath='{.spec.replicas}' \
- > /tmp/previous_replicas_${BUILD_NUMBER}.txt || echo "2" > /tmp/previous_replicas_${BUILD_NUMBER}.txt
- """
-
- echo "✅ Current state saved"
- }
- }
- }
-
- stage('Checkout Source') {
- steps {
- echo "Checking out application source code..."
-
- // Create Dockerfile with actual version
- sh """
- cat > Dockerfile << 'EOF'
-FROM nginx:1.25.3-alpine
-COPY index.html /usr/share/nginx/html/index.html
-COPY nginx.conf /etc/nginx/nginx.conf
-EXPOSE 80
-CMD ["nginx", "-g", "daemon off;"]
-EOF
- """
-
- // Create index.html with actual version
- sh """
- cat > index.html << EOF
-
-
-
- Environment: Production
-Version: ${IMAGE_TAG}
-- Image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG} -
-Environment: Production
-Version: ${env.TARGET_VERSION_CLEAN}
-- Image: ${env.TARGET_IMAGE} -
-- ⏮️ Restored from previous deployment -
-Environment: Production
Version: ${IMAGE_TAG}
" > /usr/share/nginx/html/index.html # Inject build metadata into HTML -COPY nginx.conf /etc/nginx/nginx.conf # Copy custom nginx configuration -EXPOSE 80 # Expose HTTP port -CMD ["nginx", "-g", "daemon off;"] # Run nginx in foreground -EOF - ''' - - sh ''' // Generate nginx configuration -cat > nginx.conf << 'EOF' # Create nginx.conf -user nginx; # Run workers as nginx user -worker_processes auto; # Scale workers to CPU cores -error_log /var/log/nginx/error.log warn; # Error log level and path -pid /var/run/nginx.pid; # PID file location -events { worker_connections 1024; } # Max connections per worker -http { # HTTP configuration block - include /etc/nginx/mime.types; # Load MIME types - default_type application/octet-stream; # Default content type - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; # Access log format - access_log /var/log/nginx/access.log main; # Enable access logging - sendfile on; # Enable zero-copy file transfer - keepalive_timeout 65; # Keepalive timeout - server { # Server definition - listen 80; # Listen on port 80 - server_name _; # Catch-all server - location / { # Root location - root /usr/share/nginx/html; # Serve static files - index index.html; # Default index file - } - location /health { # Health check endpoint - access_log off; # Disable logging for health checks - return 200 "healthy\n"; # Always return HTTP 200 - add_header Content-Type text/plain; # Explicit content type - } - } -} -EOF - ''' - } - } - - stage('Build Docker Image') { // Stage: build Docker image - steps { - script { // Scripted block - echo "Building Docker image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG}" // Log image name - sh """ // Execute Docker build - docker build \ - -t ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG} \ // Versioned image - -t ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:latest \ // Latest tag - . // Build context - """ - echo "✅ Image built successfully!" // Success message - } - } - } - - stage('Push to Registry') { // Stage: push image to registry - when { branch 'main' } // Execute only on main branch - steps { - script { - echo "Pushing image to registry..." // Log push start - withCredentials([usernamePassword( // Inject Docker credentials - credentialsId: 'docker-registry-credentials', - usernameVariable: 'DOCKER_USER', - passwordVariable: 'DOCKER_PASS' - )]) { - sh """ // Authenticate and push image - echo "\${DOCKER_PASS}" | docker login ${DOCKER_REGISTRY} -u "\${DOCKER_USER}" --password-stdin // Login securely - docker push ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG} // Push versioned image - docker push ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:latest // Push latest image - docker logout ${DOCKER_REGISTRY} // Logout - """ - } - echo "✅ Image pushed successfully!" // Push success - } - } - } - - stage('Update GitOps Manifests') { // Stage: update GitOps repository - when { branch 'main' } // Only from main branch - steps { - script { - echo "Updating Kubernetes manifests..." // Log GitOps update - withCredentials([usernamePassword( // Inject Gitea credentials - credentialsId: 'gitea-credentials', - usernameVariable: 'GIT_USER', - passwordVariable: 'GIT_PASS' - )]) { - sh """ // Clone and update manifests - rm -rf k3s-gitops || true // Remove old repo - git clone http://\${GIT_USER}:\${GIT_PASS}@gitea-http.gitea.svc.cluster.local:3000/admin/k3s-gitops.git // Clone repo - cd k3s-gitops // Enter repo - git config user.name "Jenkins" // Git author name - git config user.email "jenkins@thedevops.dev" // Git author email - sed -i 's|image: .*|image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG}|' apps/demo-nginx/deployment.yaml // Update image - git add apps/demo-nginx/deployment.yaml // Stage change - git commit -m "chore(demo-nginx): Update image to ${IMAGE_TAG}" || echo "No changes" // Commit if needed - git push origin main // Push to main - """ - } - echo "✅ Manifests updated!" // GitOps success - } - } - } - - stage('Verify Deployment') { // Stage: verify Kubernetes deployment - when { branch 'main' } // Only on main - steps { - script { - echo "Verifying deployment..." // Log verification start - sh """ // Check deployment status - sleep 30 // Wait for rollout start - kubectl rollout status deployment/${APP_NAME} -n ${NAMESPACE} --timeout=300s || true // Rollout status - kubectl get pods -n ${NAMESPACE} -l app=${APP_NAME} // List pods - """ - echo "✅ Deployment completed!" // Verification success - } - } - } - } - - post { // Post-pipeline actions - success { // On success - echo """ // Success summary - ✅ Pipeline SUCCESS! - Image: ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG} - Namespace: ${NAMESPACE} - """ - } - failure { // On failure - echo "❌ Pipeline failed!" // Failure message - } - always { // Always execute cleanup - sh """ // Cleanup Docker artifacts - docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:${IMAGE_TAG} || true // Remove versioned image - docker rmi ${DOCKER_REGISTRY}/${DOCKER_REPO}/${APP_NAME}:latest || true // Remove latest image - docker stop test-${BUILD_NUMBER} 2>/dev/null || true // Stop test container - docker rm test-${BUILD_NUMBER} 2>/dev/null || true // Remove test container - """ - cleanWs() // Clean Jenkins workspace - } - } -} diff --git a/apps/demo-nginx/docs/README.md b/apps/demo-nginx/docs/README.md deleted file mode 100644 index 21c34de..0000000 --- a/apps/demo-nginx/docs/README.md +++ /dev/null @@ -1,235 +0,0 @@ -# Demo Nginx Documentation - -Документация для demo-nginx deployment с автоматическим и ручным rollback. - ---- - -## 📚 Available Documentation - -### [ROLLBACK_MANUAL.md](./ROLLBACK_MANUAL.md) -**Comprehensive Manual Rollback Guide** - -Полная документация по функции ручного rollback: -- 3 способа rollback (IMAGE_TAG, REVISION, GIT_COMMIT) -- Setup guide -- Troubleshooting со всеми fixes -- Best practices -- Examples -- FAQ - -**When to use:** Нужна детальная информация или troubleshooting - ---- - -### [ROLLBACK_QUICK_REF.md](./ROLLBACK_QUICK_REF.md) -**Quick Reference Card** - -Краткая справка для быстрого использования: -- Quick start (2 минуты) -- 3 способа rollback -- Emergency procedure -- Verification commands -- Checklist - -**When to use:** Быстрый rollback в production - ---- - -## 🎯 Quick Links - -### Rollback Feature -- **Full Guide:** [ROLLBACK_MANUAL.md](./ROLLBACK_MANUAL.md) -- **Quick Ref:** [ROLLBACK_QUICK_REF.md](./ROLLBACK_QUICK_REF.md) -- **Jenkinsfile:** [Jenkinsfile.rollback](../Jenkinsfile.rollback) -- **CI/CD Guide:** [../../../CICD_GUIDE.md](../../../CICD_GUIDE.md) - -### Related Resources -- **Jenkins RBAC:** [apps/jenkins/rbac.yaml](../../jenkins/rbac.yaml) -- **Deployment:** [deployment.yaml](../deployment.yaml) -- **Main CI/CD:** [Jenkinsfile](../Jenkinsfile) - ---- - -## 🚀 Quick Start - -### Manual Rollback (2 minutes) - -``` -1. Jenkins → demo-nginx-rollback -2. IMAGE_TAG + main-21 -3. SKIP_HEALTH_CHECK: true -4. Build -``` - -See [ROLLBACK_QUICK_REF.md](./ROLLBACK_QUICK_REF.md) for details. - ---- - -### Emergency Rollback (30 seconds) - -```bash -kubectl rollout undo deployment/demo-nginx -n demo-app -``` - ---- - -## 📊 Features Summary - -### Manual Rollback -✅ 3 rollback methods (IMAGE_TAG, REVISION, GIT_COMMIT) -✅ GitOps sync (auto-commit to Git) -✅ Zero downtime (rolling updates) -✅ DRY_RUN mode (safe testing) -✅ Full RBAC permissions -✅ Input validation (auto-trim) -✅ Retry logic (5 attempts) -⚠️ Health check optional (use SKIP_HEALTH_CHECK=true) - -### Automatic Rollback -✅ Triggered on deployment failure -✅ Saves previous state -✅ Kubernetes rollback -✅ Git revert -✅ Health checks -✅ Timeout protection - ---- - -## 🐛 All Fixes Applied - -| # | Issue | Fix | Status | Doc | -|---|-------|-----|--------|-----| -| 1 | Container name | Use `nginx` | ✅ | [Link](./ROLLBACK_MANUAL.md#issue-1-container-name-error--fixed) | -| 2 | Whitespace | Auto-trim | ✅ | [Link](./ROLLBACK_MANUAL.md#issue-2-whitespace-in-input--fixed) | -| 3 | RBAC | pods/exec perm | ✅ | [Link](./ROLLBACK_MANUAL.md#issue-3-rbac-permissions--fixed) | -| 4 | Health timing | SKIP option | ⚠️ | [Link](./ROLLBACK_MANUAL.md#issue-4-health-check-timing--workaround) | -| 5 | Bash loop | Explicit list | ✅ | [Link](./ROLLBACK_MANUAL.md#issue-5-bash-loop-syntax--fixed) | - ---- - -## 💡 Recommended Reading Order - -### For New Users: -1. Start → [ROLLBACK_QUICK_REF.md](./ROLLBACK_QUICK_REF.md) -2. Practice → Follow quick start -3. Deep Dive → [ROLLBACK_MANUAL.md](./ROLLBACK_MANUAL.md) - -### For Troubleshooting: -1. Check → [ROLLBACK_MANUAL.md - Troubleshooting](./ROLLBACK_MANUAL.md#troubleshooting--fixes) -2. Verify → [ROLLBACK_QUICK_REF.md - Verification](./ROLLBACK_QUICK_REF.md#-verify-rollback) -3. Support → [ROLLBACK_MANUAL.md - Support](./ROLLBACK_MANUAL.md#support) - -### For Emergency: -1. Fast → [ROLLBACK_QUICK_REF.md - Emergency](./ROLLBACK_QUICK_REF.md#-emergency-rollback-30-seconds) -2. Alternative → [ROLLBACK_MANUAL.md - Emergency](./ROLLBACK_MANUAL.md#emergency-rollback-procedure) - ---- - -## 🎓 Key Concepts - -### Rollback Methods Comparison - -| Method | Speed | Precision | Use Case | -|--------|-------|-----------|----------| -| IMAGE_TAG | ⚡⚡⚡ | 🎯 High | Known build number | -| REVISION | ⚡⚡ | 🎯 Medium | Recent rollback | -| GIT_COMMIT | ⚡ | 🎯🎯 High | Exact code state | - -### When to Use What - -**Use IMAGE_TAG when:** -- You know the build number (main-21) -- Quick rollback needed -- Most common scenario - -**Use REVISION_NUMBER when:** -- Need to go back N versions -- Don't remember exact tag -- Working with kubectl history - -**Use GIT_COMMIT when:** -- Need exact code state -- Multiple changes in one build -- Precise rollback required - ---- - -## 📈 Monitoring - -### Check Rollback Status - -```bash -# Deployment status -kubectl get deployment demo-nginx -n demo-app - -# Pod status -kubectl get pods -n demo-app -l app=demo-nginx - -# Rollout history -kubectl rollout history deployment/demo-nginx -n demo-app - -# ArgoCD status -kubectl get application demo-nginx -n argocd -``` - -### Grafana Queries - -```promql -# Rollback count -sum(increase(deployment_rollback_total[1h])) by (deployment) - -# Rollback rate -rate(deployment_rollback_total[5m]) -``` - ---- - -## ❓ FAQ - -### Q: Какой метод rollback использовать? -**A:** Для большинства случаев используй IMAGE_TAG - самый быстрый и простой. - -### Q: Health check всегда падает, это баг? -**A:** Нет, это timing issue во время rolling update. Используй `SKIP_HEALTH_CHECK: true` и проверь вручную через минуту. - -### Q: Как быстро откатиться в emergency? -**A:** Используй `kubectl rollout undo` (30 секунд) или Jenkins с SKIP_HEALTH_CHECK (2 минуты). - -### Q: Где полная документация? -**A:** [ROLLBACK_MANUAL.md](./ROLLBACK_MANUAL.md) - comprehensive guide со всеми details. - ---- - -## 🆘 Support - -**Need Help?** - -1. Check [ROLLBACK_MANUAL.md - Troubleshooting](./ROLLBACK_MANUAL.md#troubleshooting--fixes) -2. Review [ROLLBACK_MANUAL.md - FAQ](./ROLLBACK_MANUAL.md#faq) -3. Check Jenkins console output -4. Verify RBAC permissions -5. Review pod status and logs - -**Still stuck?** -- Jenkins logs: Jenkins → Build → Console Output -- K8s events: `kubectl get events -n demo-app` -- Pod logs: `kubectl logs -n demo-app -l app=demo-nginx` - ---- - -## 📝 Documentation Updates - -**Last Updated:** 2026-01-06 -**Version:** 1.0 -**Status:** Production Ready ✅ - -**Recent Changes:** -- ✅ Added comprehensive manual rollback guide -- ✅ Added quick reference card -- ✅ Documented all 5 fixes -- ✅ Added examples and best practices -- ✅ Production-ready feature - ---- - -**Ready to rollback? Start with [Quick Reference](./ROLLBACK_QUICK_REF.md)! 🚀** diff --git a/apps/demo-nginx/docs/ROLLBACK_MANUAL.md b/apps/demo-nginx/docs/ROLLBACK_MANUAL.md deleted file mode 100644 index c50207c..0000000 --- a/apps/demo-nginx/docs/ROLLBACK_MANUAL.md +++ /dev/null @@ -1,717 +0,0 @@ -# 🔄 Manual Rollback Feature - Complete Documentation - -## 📋 Table of Contents - -1. [Overview](#overview) -2. [Features](#features) -3. [Setup Guide](#setup-guide) -4. [Usage Guide](#usage-guide) -5. [Rollback Methods](#rollback-methods) -6. [Troubleshooting & Fixes](#troubleshooting--fixes) -7. [Best Practices](#best-practices) -8. [Examples](#examples) - ---- - -## Overview - -Manual Rollback feature позволяет откатить deployment на любую предыдущую версию через Jenkins Pipeline. - -### Key Features: -- ✅ **3 способа rollback** (IMAGE_TAG, REVISION_NUMBER, GIT_COMMIT) -- ✅ **GitOps sync** - автоматически обновляет Git manifests -- ✅ **Zero downtime** - rolling updates -- ✅ **DRY_RUN mode** - безопасное тестирование -- ✅ **Health checks** - опциональная проверка после rollback -- ✅ **Full RBAC** - правильные permissions - ---- - -## Features - -### Rollback Methods - -| Method | Description | Example | Use Case | -|--------|-------------|---------|----------| -| **IMAGE_TAG** | По Docker image tag | `main-21` | Знаешь конкретный build number | -| **REVISION_NUMBER** | По Kubernetes revision | `2` | Откат на N шагов назад | -| **GIT_COMMIT** | По Git commit SHA | `abc123def` | Точное состояние кода | - -### Parameters - -```groovy -ROLLBACK_METHOD // Выбор метода -TARGET_VERSION // Целевая версия (auto-trim whitespace) -SKIP_HEALTH_CHECK // Пропустить health checks (default: false) -DRY_RUN // Только показать план (default: false) -``` - ---- - -## Setup Guide - -### Step 1: Create Jenkins Pipeline - -``` -1. Jenkins → New Item -2. Name: demo-nginx-rollback -3. Type: Pipeline -4. Click OK -``` - -### Step 2: Configure Pipeline - -```yaml -Pipeline: - Definition: Pipeline script from SCM - SCM: Git - Repository URL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k3s-gitops - Credentials: gitea-credentials - Branch: */main - Script Path: apps/demo-nginx/Jenkinsfile.rollback -``` - -### Step 3: Verify RBAC - -RBAC уже настроен в `apps/jenkins/rbac.yaml`: - -```yaml -ClusterRole: jenkins-deployer -Permissions: - - pods, services, deployments (full CRUD) - - pods/exec, pods/log (for health checks) - - ingresses, applications (for ArgoCD) -``` - -### Step 4: Test with DRY_RUN - -``` -Jenkins → demo-nginx-rollback → Build with Parameters -├─ ROLLBACK_METHOD: IMAGE_TAG -├─ TARGET_VERSION: main-21 -├─ DRY_RUN: ✅ true -└─ Build -``` - ---- - -## Usage Guide - -### Quick Start - -``` -Jenkins → demo-nginx-rollback → Build with Parameters - -┌─────────────────────────────────────┐ -│ ROLLBACK_METHOD: IMAGE_TAG │ -│ TARGET_VERSION: main-21 │ -│ SKIP_HEALTH_CHECK: true (рекоменд.) │ -│ DRY_RUN: false │ -└─────────────────────────────────────┘ - -→ Build → ✅ SUCCESS! -``` - -### Pipeline Stages - -``` -Stage 1: Validate Input - └─ Trim whitespace, validate TARGET_VERSION - -Stage 2: Show Current State - └─ Current deployment, image, pods, history - -Stage 3: Prepare Rollback - └─ Build target image path or verify revision - -Stage 4: Execute Rollback - ├─ kubectl set image (or rollout undo) - └─ Git commit & push - -Stage 5: Wait for Rollout - ├─ kubectl rollout status (300s timeout) - └─ sleep 10s (stabilization) - -Stage 6: Health Check (optional) - └─ 5 retry attempts with 5s delay - -Stage 7: Show New State - └─ New deployment state, pods, history -``` - ---- - -## Rollback Methods - -### Method 1: IMAGE_TAG (Recommended) - -**Когда использовать:** Знаешь конкретный build number - -**Как найти tag:** -```bash -# Docker Hub -https://hub.docker.com/r/vladcrypto/demo-nginx/tags - -# Jenkins build history -Jenkins → demo-nginx → Build History - -# Git commits -git log --oneline | grep "Update image" -``` - -**Example:** -``` -ROLLBACK_METHOD: IMAGE_TAG -TARGET_VERSION: main-21 - -Result: Rollback to docker.io/vladcrypto/demo-nginx:main-21 -``` - ---- - -### Method 2: REVISION_NUMBER - -**Когда использовать:** Нужно откатиться на N шагов назад - -**Как найти revision:** -```bash -kubectl rollout history deployment/demo-nginx -n demo-app - -# Output: -REVISION CHANGE-CAUSE -1 Initial deployment -2 Update to main-20 -3 Update to main-21 -4 Update to main-22 (current) -``` - -**Example:** -``` -ROLLBACK_METHOD: REVISION_NUMBER -TARGET_VERSION: 2 - -Result: Rollback to revision 2 (main-20) -``` - ---- - -### Method 3: GIT_COMMIT - -**Когда использовать:** Нужно вернуться к конкретному состоянию кода - -**Как найти commit:** -```bash -# Gitea -https://git.thedevops.dev/admin/k3s-gitops/commits/branch/main - -# Git CLI -git log --oneline apps/demo-nginx/deployment.yaml - -# Output: -abc123d Update image to main-22 (current) -def456e Update image to main-21 -ghi789f Update image to main-20 -``` - -**Example:** -``` -ROLLBACK_METHOD: GIT_COMMIT -TARGET_VERSION: def456e - -Result: Rollback to commit def456e -``` - ---- - -## Troubleshooting & Fixes - -### Issue #1: Container Name Error ✅ FIXED - -**Error:** -``` -error: unable to find container named "demo-nginx" -``` - -**Root Cause:** -Pipeline использовал deployment name вместо container name. - -**Fix:** -```groovy -environment { - APP_NAME = 'demo-nginx' // Deployment name - CONTAINER_NAME = 'nginx' // Container name ✅ -} - -kubectl set image deployment/${APP_NAME} \ - ${CONTAINER_NAME}=${TARGET_IMAGE} -``` - -**How to verify:** -```bash -kubectl get deployment demo-nginx -n demo-app \ - -o jsonpath='{.spec.template.spec.containers[0].name}' -# Output: nginx -``` - ---- - -### Issue #2: Whitespace in Input ✅ FIXED - -**Error:** -``` -Target image: docker.io/vladcrypto/demo-nginx: main-21 - ^ - Space! -``` - -**Root Cause:** -User ввел TARGET_VERSION с пробелом. - -**Fix:** -```groovy -stage('Validate Input') { - // Auto-trim whitespace - env.TARGET_VERSION_CLEAN = params.TARGET_VERSION.trim() - - // Use everywhere - ${env.TARGET_VERSION_CLEAN} -} -``` - ---- - -### Issue #3: RBAC Permissions ✅ FIXED - -**Error:** -``` -Error: User "system:serviceaccount:jenkins:jenkins" -cannot create resource "pods/exec" -``` - -**Root Cause:** -Jenkins ServiceAccount не имел прав на pods/exec для health checks. - -**Fix:** -```yaml -# apps/jenkins/rbac.yaml -rules: -- apiGroups: [""] - resources: ["pods/exec", "pods/log"] # ← Added! - verbs: ["create", "get"] -``` - -**Applied:** -```bash -kubectl apply -f apps/jenkins/rbac.yaml -``` - ---- - -### Issue #4: Health Check Timing ⚠️ WORKAROUND - -**Error:** -``` -wget: can't connect to remote host: Connection refused -``` - -**Root Cause:** -Health check runs too early during rolling update (race condition). - -**Workaround:** -```groovy -// Option 1: Skip health check (recommended) -SKIP_HEALTH_CHECK: true - -// Option 2: Longer stabilization wait -sleep 30 // Instead of 10 -``` - -**Timeline:** -``` -T+0s: kubectl set image -T+30s: Rollout status = complete -T+40s: sleep 10s -T+50s: Health check (pods might still be starting) -``` - -**Solution:** -Use `SKIP_HEALTH_CHECK: true` и проверь вручную через 30-60s: - -```bash -kubectl get pods -n demo-app -l app=demo-nginx -``` - ---- - -### Issue #5: Bash Loop Syntax ✅ FIXED - -**Error:** -``` -Health check attempt {1..5}/5... -# Loop executed only once! -``` - -**Root Cause:** -`{1..5}` не работает в sh/dash, нужен bash. - -**Fix:** -```bash -#!/bin/bash # ← Added shebang -set -e - -# Fixed loop syntax -for i in 1 2 3 4 5; do # Instead of {1..5} - echo "Health check attempt $i/5..." - if kubectl exec ...; then - exit 0 - fi - if [ $i -lt 5 ]; then - sleep 5 - fi -done -``` - ---- - -## Best Practices - -### 1. Always Use DRY_RUN First - -``` -Step 1: DRY_RUN=true → Проверь план -Step 2: Verify output -Step 3: DRY_RUN=false → Execute -``` - -### 2. Use SKIP_HEALTH_CHECK for Emergency - -``` -Emergency rollback: -├─ SKIP_HEALTH_CHECK: true -├─ Focus on speed -└─ Verify manually after -``` - -### 3. Document Rollback Reason - -Add comment в Jenkins build: -``` -Build Comment: -"Rollback due to: API errors in main-23 -Previous working version: main-21 -Impact: None (zero downtime)" -``` - -### 4. Monitor After Rollback - -```bash -# Watch pods -watch kubectl get pods -n demo-app - -# Check logs -kubectl logs -n demo-app -l app=demo-nginx -f - -# Verify image -kubectl get deployment demo-nginx -n demo-app \ - -o jsonpath='{.spec.template.spec.containers[0].image}' -``` - -### 5. Verify in ArgoCD - -``` -ArgoCD UI → demo-nginx -├─ Status: Synced ✅ -└─ Health: Healthy ✅ -``` - ---- - -## Examples - -### Example 1: Quick Rollback to Previous Build - -``` -Scenario: Build #23 failed, rollback to #21 - -Steps: -1. Jenkins → demo-nginx-rollback -2. IMAGE_TAG + main-21 -3. SKIP_HEALTH_CHECK: true -4. Build - -Time: ~2 minutes -Result: ✅ SUCCESS -``` - ---- - -### Example 2: Rollback to Last Week's Version - -``` -Scenario: Need stable version from last week - -Steps: -1. Find old build: Jenkins → Build History → #15 -2. Check image tag: main-15 -3. Jenkins → demo-nginx-rollback -4. IMAGE_TAG + main-15 -5. DRY_RUN: true (verify first!) -6. DRY_RUN: false (execute) - -Result: ✅ Rolled back to main-15 -``` - ---- - -### Example 3: Rollback by Revision Number - -``` -Scenario: Откатить на 3 versions назад - -Steps: -1. Check history: - kubectl rollout history deployment/demo-nginx -n demo-app - -2. Find revision: 25 (current: 28) - -3. Jenkins → demo-nginx-rollback -4. REVISION_NUMBER + 25 -5. Build - -Result: ✅ Rolled back to revision 25 -``` - ---- - -### Example 4: Rollback by Git Commit - -``` -Scenario: Нужно точное состояние кода - -Steps: -1. Find commit: - git log --oneline apps/demo-nginx/deployment.yaml - -2. Copy SHA: abc123def - -3. Jenkins → demo-nginx-rollback -4. GIT_COMMIT + abc123def -5. Build - -Result: ✅ Rolled back to commit abc123def -``` - ---- - -## Manual Verification Commands - -### Check Deployment Status -```bash -kubectl get deployment demo-nginx -n demo-app - -# Expected: -NAME READY UP-TO-DATE AVAILABLE AGE -demo-nginx 2/2 2 2 15h -``` - -### Check Image Version -```bash -kubectl get deployment demo-nginx -n demo-app \ - -o jsonpath='{.spec.template.spec.containers[0].image}' - -# Expected: docker.io/vladcrypto/demo-nginx:main-21 -``` - -### Check Pods -```bash -kubectl get pods -n demo-app -l app=demo-nginx - -# Expected: 2 pods Running -``` - -### Check Rollout History -```bash -kubectl rollout history deployment/demo-nginx -n demo-app - -# Shows all revisions -``` - -### Test Health Endpoint -```bash -POD=$(kubectl get pods -n demo-app -l app=demo-nginx -o jsonpath='{.items[0].metadata.name}') -kubectl exec $POD -n demo-app -- wget -q -O- http://localhost/health - -# Expected: healthy -``` - ---- - -## Emergency Rollback Procedure - -### If Production is Down - -**Option 1: Jenkins (2 minutes)** -``` -1. Jenkins → demo-nginx-rollback -2. IMAGE_TAG → last known good version -3. SKIP_HEALTH_CHECK: ✅ true -4. Build -``` - -**Option 2: kubectl (30 seconds)** -```bash -# Fastest - rollback to previous -kubectl rollout undo deployment/demo-nginx -n demo-app - -# To specific revision -kubectl rollout undo deployment/demo-nginx -n demo-app --to-revision=25 -``` - -**Option 3: ArgoCD (1 minute)** -``` -1. ArgoCD UI → demo-nginx -2. History → Select previous version -3. Rollback button -``` - ---- - -## Configuration Reference - -### Environment Variables - -```groovy -APP_NAME = 'demo-nginx' // Deployment name -CONTAINER_NAME = 'nginx' // Container name -NAMESPACE = 'demo-app' // K8s namespace -DOCKER_REGISTRY = 'docker.io' // Registry -DOCKER_REPO = 'vladcrypto' // Docker Hub user -HEALTH_CHECK_TIMEOUT = '300s' // Rollout timeout -``` - -### Customization - -Изменить настройки в Jenkinsfile.rollback: - -```groovy -// Увеличить timeout -HEALTH_CHECK_TIMEOUT = '600s' - -// Больше попыток health check -for i in 1 2 3 4 5 6 7 8 9 10; do - -// Дольше ждать stabilization -sleep 30 // Instead of 10 -``` - ---- - -## Monitoring & Alerts - -### Grafana Dashboard - -```promql -# Rollback count -sum(increase(deployment_rollback_total[1h])) by (deployment) - -# Rollback rate -rate(deployment_rollback_total[5m]) - -# Average rollback duration -avg(deployment_rollback_duration_seconds) -``` - -### Alert Rules - -```yaml -- alert: FrequentRollbacks - expr: rate(deployment_rollback_total[1h]) > 2 - annotations: - summary: "Frequent rollbacks detected" - description: "More than 2 rollbacks in last hour" - -- alert: RollbackFailed - expr: deployment_rollback_failed_total > 0 - annotations: - summary: "Rollback failed" - description: "Manual intervention required" -``` - ---- - -## Summary of All Fixes - -| # | Issue | Fix | Status | -|---|-------|-----|--------| -| 1 | Container name wrong | Use `nginx` not `demo-nginx` | ✅ Fixed | -| 2 | Whitespace in input | Auto-trim with `.trim()` | ✅ Fixed | -| 3 | RBAC pods/exec | Add permission to ClusterRole | ✅ Fixed | -| 4 | Health check timing | Use `SKIP_HEALTH_CHECK=true` | ⚠️ Workaround | -| 5 | Bash loop syntax | Use explicit list `1 2 3 4 5` | ✅ Fixed | - ---- - -## Success Criteria - -✅ **Rollback Methods:** 3/3 working (IMAGE_TAG, REVISION, GIT_COMMIT) -✅ **GitOps Sync:** Git commits automatically -✅ **Zero Downtime:** Rolling updates -✅ **RBAC:** Full permissions configured -✅ **Input Validation:** Whitespace auto-trimmed -✅ **DRY_RUN:** Safe testing mode -✅ **Retry Logic:** 5 attempts with proper bash syntax -⚠️ **Health Check:** Optional (use SKIP_HEALTH_CHECK=true) - ---- - -## FAQ - -### Q: Health check всегда падает, это нормально? - -**A:** Да, из-за timing race condition во время rolling update. Используй `SKIP_HEALTH_CHECK: true` и проверь вручную через 30-60s. - -### Q: Как откатиться на несколько версий назад? - -**A:** Используй `REVISION_NUMBER` метод и укажи нужную revision из `kubectl rollout history`. - -### Q: Можно ли откатить только в staging? - -**A:** Да, измени `NAMESPACE` в Jenkinsfile или создай отдельный job для staging. - -### Q: Как быстро откатиться в emergency? - -**A:** Используй `kubectl rollout undo` (30 секунд) или Jenkins с `SKIP_HEALTH_CHECK=true` (2 минуты). - -### Q: Что если Git commit fail? - -**A:** Rollback всё равно произошёл в Kubernetes! Git нужен только для GitOps sync. ArgoCD пере-синкает через 3 минуты. - ---- - -## Related Documentation - -- [CI/CD Guide](../../../CICD_GUIDE.md) -- [Automatic Rollback](../Jenkinsfile) - See `post { failure }` section -- [Jenkins RBAC](../../jenkins/rbac.yaml) -- [Deployment Manifest](../deployment.yaml) - ---- - -## Support - -**Issues?** -- Check Jenkins console output -- Verify RBAC permissions -- Check pod status: `kubectl get pods -n demo-app` -- Review ArgoCD sync status - -**Need Help?** -- Jenkins logs: Jenkins → Build → Console Output -- Kubernetes events: `kubectl get events -n demo-app` -- Pod logs: `kubectl logs -n demo-app -l app=demo-nginx` - ---- - -**Last Updated:** 2026-01-06 -**Version:** 1.0 -**Status:** Production Ready ✅ diff --git a/apps/demo-nginx/docs/ROLLBACK_QUICK_REF.md b/apps/demo-nginx/docs/ROLLBACK_QUICK_REF.md deleted file mode 100644 index ccf4fb4..0000000 --- a/apps/demo-nginx/docs/ROLLBACK_QUICK_REF.md +++ /dev/null @@ -1,144 +0,0 @@ -# 🔄 Manual Rollback - Quick Reference - -## 🚀 Quick Start (2 minutes) - -``` -Jenkins → demo-nginx-rollback → Build with Parameters - -ROLLBACK_METHOD: IMAGE_TAG -TARGET_VERSION: main-21 -SKIP_HEALTH_CHECK: true (recommended!) -DRY_RUN: false - -→ Build → ✅ SUCCESS! -``` - ---- - -## 📋 3 Ways to Rollback - -### 1. By Image Tag (Fastest) -``` -Method: IMAGE_TAG -Target: main-21 -Use: When you know the build number -``` - -### 2. By Revision Number -``` -Method: REVISION_NUMBER -Target: 2 -Use: Rollback N steps back -Find: kubectl rollout history deployment/demo-nginx -n demo-app -``` - -### 3. By Git Commit -``` -Method: GIT_COMMIT -Target: abc123def -Use: Exact code state -Find: git log --oneline apps/demo-nginx/deployment.yaml -``` - ---- - -## ⚡ Emergency Rollback (30 seconds) - -```bash -# Fastest - kubectl -kubectl rollout undo deployment/demo-nginx -n demo-app - -# To specific revision -kubectl rollout undo deployment/demo-nginx -n demo-app --to-revision=25 -``` - ---- - -## 🔍 Verify Rollback - -```bash -# Check image -kubectl get deployment demo-nginx -n demo-app \ - -o jsonpath='{.spec.template.spec.containers[0].image}' - -# Check pods -kubectl get pods -n demo-app -l app=demo-nginx - -# Test health -POD=$(kubectl get pods -n demo-app -l app=demo-nginx -o jsonpath='{.items[0].metadata.name}') -kubectl exec $POD -n demo-app -- wget -q -O- http://localhost/health -``` - ---- - -## ⚙️ Parameters - -| Parameter | Default | Recommended | -|-----------|---------|-------------| -| ROLLBACK_METHOD | IMAGE_TAG | IMAGE_TAG | -| TARGET_VERSION | (required) | main-21 | -| SKIP_HEALTH_CHECK | false | **true** | -| DRY_RUN | false | false | - ---- - -## 🐛 Common Issues - FIXED - -| Issue | Fix | Status | -|-------|-----|--------| -| Wrong container name | Use `nginx` | ✅ Fixed | -| Whitespace in input | Auto-trim | ✅ Fixed | -| RBAC permission | Added pods/exec | ✅ Fixed | -| Health check timing | Use SKIP_HEALTH_CHECK | ⚠️ Workaround | -| Bash loop broken | Use `1 2 3 4 5` | ✅ Fixed | - ---- - -## 💡 Best Practices - -1. ✅ Always test with `DRY_RUN: true` first -2. ✅ Use `SKIP_HEALTH_CHECK: true` for faster rollback -3. ✅ Verify manually after rollback (30-60s wait) -4. ✅ Document rollback reason in Jenkins build comment -5. ✅ Check ArgoCD sync status after rollback - ---- - -## 📊 Verification Commands - -```bash -# Full status check -kubectl get deployment demo-nginx -n demo-app -kubectl get pods -n demo-app -l app=demo-nginx -kubectl rollout history deployment/demo-nginx -n demo-app - -# Watch pods update -watch kubectl get pods -n demo-app - -# Check logs -kubectl logs -n demo-app -l app=demo-nginx --tail=50 -``` - ---- - -## 🎯 Success Checklist - -- [ ] Jenkins pipeline exists (demo-nginx-rollback) -- [ ] RBAC configured (pods/exec permission) -- [ ] Target version identified -- [ ] DRY_RUN tested -- [ ] Rollback executed -- [ ] Pods verified (Running) -- [ ] Image version confirmed -- [ ] Health check passed (manual) -- [ ] ArgoCD synced - ---- - -## 📚 Full Documentation - -See: [apps/demo-nginx/docs/ROLLBACK_MANUAL.md](./ROLLBACK_MANUAL.md) - ---- - -**Quick Reference - Keep this handy! 📌** diff --git a/apps/demo-nginx/docs/SCALING_HISTORY.md b/apps/demo-nginx/docs/SCALING_HISTORY.md deleted file mode 100644 index 9d55faa..0000000 --- a/apps/demo-nginx/docs/SCALING_HISTORY.md +++ /dev/null @@ -1,107 +0,0 @@ -# Demo-Nginx Scaling History - -This document tracks the scaling changes made to the demo-nginx deployment for capacity planning and audit purposes. - -## Scaling Timeline - -### 2026-01-12: Scale to 5 Replicas -**Change:** Increased from 3 to 5 replicas -**Reason:** Enhanced capacity and improved high availability -**Impact:** -- Additional 2 pod instances for better load distribution -- Improved resilience against node failures -- Better handling of traffic spikes -- Total resource allocation: - - CPU requests: 500m (5 × 100m) - - Memory requests: 640Mi (5 × 128Mi) - - CPU limits: 1000m (5 × 200m) - - Memory limits: 1280Mi (5 × 256Mi) - -**Commit:** `0669ac66c8a651f74b4c16a4618db03bdd843c02` -**Deployment Method:** GitOps via ArgoCD automatic sync - -### 2026-01-12: Scale to 3 Replicas -**Change:** Increased from 2 to 3 replicas -**Reason:** Initial scaling for improved availability -**Commit:** `d5ffa97159ec391de950dc2d861361074ff3eee8` - -### Initial Deployment: 2 Replicas -**Change:** Initial deployment with 2 replicas -**Reason:** Baseline deployment for demo application - -## Current Configuration - -- **Replicas:** 5 -- **Namespace:** demo-app -- **Image:** docker.io/vladcrypto/demo-nginx:main-50 -- **Service Type:** ClusterIP -- **Port:** 80 -- **Health Checks:** Liveness and Readiness probes enabled -- **Monitoring:** Prometheus scraping enabled - -## Scaling Guidelines - -### When to Scale Up -- CPU utilization consistently above 70% -- Memory utilization consistently above 75% -- Response time degradation observed -- Preparing for expected traffic increase -- Node maintenance requires pod redistribution - -### When to Scale Down -- CPU utilization consistently below 30% for extended period -- Cost optimization requirements -- Application usage patterns indicate over-provisioning - -## Resource Considerations - -Each replica consumes: -- **CPU Request:** 100m -- **Memory Request:** 128Mi -- **CPU Limit:** 200m -- **Memory Limit:** 256Mi - -Total cluster resources for 5 replicas: -- **Total CPU Requests:** 500m (0.5 cores) -- **Total Memory Requests:** 640Mi (~0.625 GB) -- **Total CPU Limits:** 1000m (1 core) -- **Total Memory Limits:** 1280Mi (~1.25 GB) - -## Monitoring and Alerts - -Monitor the following metrics in Grafana: -- Pod CPU/Memory utilization -- Request latency -- Error rates -- Pod restart count -- Service availability - -## Rollback Procedure - -If issues arise after scaling: - -1. Revert the deployment.yaml in Git: - ```bash - git revert