Search code examples
kubernetesazure-devopsazure-pipelinescicdazure-pipelines-yaml

Error Deploying Apps on K8 on-Prem Cluster using Azure Devops CI/CD pipeline

I have a on-prem Kubernetes cluster i am trying to build a pipeline which does below steps

  1. Build the docker image from the repo
  2. Push the docker image to the docker hub
  3. I have a manifest.yaml file which will do the deployments of apps on k8 cluster which is present in the repo in azure devops

1 & 2 are working fine but 3 steps applying manifest.yaml is failing with the following errors:

Pipeline logs 1

Pipeline logs 2

Pipeline.yaml

trigger:
- none

resources:
- repo: self

variables:
  # Docker Hub service connection established during pipeline creation
  dockerHubServiceConnection: 'docker-registry-connection' ## Update with your Docker Hub service connection ID
  imageRepository: '786786786raees/email1_monitoring' ## Update with your Docker Hub username and repository name
  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
  tag: '$(Build.BuildId)'

  # Agent VM image name
  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:  
  - job: Build
    displayName: Build
    pool:
      vmImage: $(vmImageName)
    steps:
    - task: Docker@2
      displayName: Build and push an image to Docker Hub
      inputs:
        command: buildAndPush
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerHubServiceConnection)
        tags: |
          $(tag)
    
    - task: PublishPipelineArtifact@1
      inputs:
        targetPath: '$(Build.SourcesDirectory)'
        artifact: 'drop'
        publishLocation: 'pipeline'

- stage: Deploy
  displayName: Deploy to kubernetes
  dependsOn: Build
  jobs:  
  - job: Deploy
    displayName: Deploy POds
    pool:
      vmImage: $(vmImageName)
    steps:
    - task: DownloadPipelineArtifact@2
      inputs:
        buildType: 'current'
        artifactName: 'drop'
        targetPath: '$(Pipeline.Workspace)/drop'
         
    - task: KubernetesManifest@1
      inputs:
        action: 'deploy'
        connectionType: 'kubernetesServiceConnection'
        kubernetesServiceConnection: 'k8s_connection'
        namespace: 'conn-devops'
        manifests: '$(Pipeline.Workspace)/drop/manifest.yaml'
        arguments: '--validate=false'

I have also created namespace and serviceaccount mentioned in the yaml file and given role and rolebindings to it what is the thing that i am missing currently. I have also service connection using the service account

Solution

  • From the information you provided, you are using Microsoft-hosted agents to run the deployment job. If your on-prem server has some firewall rules applied, the Microsoft-hosted agents might not be able to access the server.

    you can try to set up a Self-hosted agent on your server machine to run the deployment job. Since the agent is hosted on the server machine, it can access the Kubernetes server.