5

Tekton 设计简介 及 实践 - 远方V3

 1 year ago
source link: https://www.cnblogs.com/smallidea/p/16944692.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Tekton 设计简介 及 实践

本文是我对Tekton的实现原理和背后技术逻辑的理解,以及在实践过程中的一些总结。

Tekton 是一个基于 Kubernetes 的云原生 CI/CD 开源(https://cd.foundation/)框架,基于 CRD(Custom Resource Definitions)方式实现,目前阿里、google、ibm 都在使用这个框架。

Tekton 定义了 Task、TaskRun、Pipeline、PipelineRun、PipelineResource 五类核心对象,通过对task、pipeline资源的编排我可以实现CI/CD。
除此之外Tekton还提供了:

  • Tekton CLI 命令行工具可以更加快捷和针对性的现实tekton的运行状态;
  • Tekton Dashboard 可以图形化界面的形式查看运行状态和结果;
  • Tekton Trigger 提供了web api可以进行基本的触发。

Tekton 是基于CRD(Custom Resource Definitions)实现的,是标准的k8s扩展机制。Tekton 有四个基本的对象 Task、TaskRun、Pipeline、PipelineRun ,下图是Tekton Dashboard 的界面,可以直观的感受一下 这几个对象。

289667-20221203225742113-514002075.png

如下图所示, Pipeline 实例化为 Pipeline Run,Pipeline Run 创建并管理 Pod,一个 Pod 对应 Task 的实例 Task Run,Task Run / Task 中的 step 对应 Pod 中的 container,除此Pod通常会共享一个 PersistentVolume 支持的临时文件系统。

289667-20221203225800598-1535226249.png

参考: 产品路线图 https://github.com/orgs/tektoncd/projects/26

  • Task 构建任务,是 Tekton 中不可分割的最小单位,正如同 Pod 在 Kubernetes 中的概念一样。在 Task 中,可以有多个 Step,每个 Step 由一个 Container 来执行。
  • Pipeline 由一个或多个 Task 组成。在 Pipeline 中,用户可以定义这些 Task 的执行顺序以及依赖关系来组成 DAG(有向无环图)。
  • Pipeline Run 是 Pipeline 的实际执行产物,当用户定义好 Pipeline 后,可以通过创建 PipelineRun 的方式来执行流水线,并生成一条流水线记录。
  • Task Run PipelineRun 被创建出来后,会对应 Pipeline 里面的 Task 创建各自的 TaskRun。一个 TaskRun 控制一个 Pod,Task 中的 Step 对应 Pod 中的 Container。当然,TaskRun 也可以单独被创建。

引用:https://cloud.tencent.com/developer/article/1803399

https://tekton.dev/docs/cli/

Tekton Trigger

可以通过http接口的形式触发Tekton流水线,包括三个主要组件,设置有点繁琐,如果是所有人都需要配置会疯掉。

  • EventListner 监听http请求的发起
  • TriggerTemplate 配置Pipeline Run
  • TriggerBinding 从http的request body中获取数据传递给Pipeline Run

参考:https://tekton.dev/docs/getting-started/triggers/

289667-20221203225955381-2083156052.png

Tekton Dashboard

后端的接口会转发到k8s的api

参考:https://tekton.dev/docs/dashboard/install/
源码:https://github.com/tektoncd/dashboard

以下yaml文件均存储于 https://github.com/smallidea/tekton-test

以 linux / mac 为例

# docker & docker-compose install
curl -o- https://smartidedl.blob.core.chinacloudapi.cn/docker/linux/docker-install.sh | bash

# Kubectl install
curl -LO https://smartidedl.blob.core.chinacloudapi.cn/kubectl/v1.23.0/bin/linux/amd64/kubectl
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

# minikube install,参考 https://minikube.sigs.k8s.io/docs/start/
curl -LO https://smartidedl.blob.core.chinacloudapi.cn/minikube/v1.24.0/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikub
minikube delete
minikube start --image-mirror-country=cn --driver=docker --cpus=2 --memory=2048mb

# Tekton Pipeline & Dashboard install
kubectl apply -f https://gitee.com/chileeb/SmartIDE/raw/main/server/deployment/online/pipeline/v0.32.0/smartide-tekton-release.yaml
kubectl apply -f https://gitee.com/chileeb/SmartIDE/raw/main/server/deployment/online/dashboard/v0.32.0/smartide-tekton-dashboard-release.yaml

# Tekton Trigger install (选装)
kubectl apply -f https://gitee.com/chileeb/SmartIDE/raw/main/server/deployment/online/trigger/v0.18.0/smartide-release.yaml
kubectl apply -f https://gitee.com/chileeb/SmartIDE/raw/main/server/deployment/online/trigger/v0.18.0/smartide-interceptor.yaml

# Tekton CLI, https://tekton.dev/docs/cli/
brew install tektoncd-cli

参考:SmartIDE (https://smartide.cn/zh/)的私有化部署脚本
国内网络一键安装
curl -o- https://gitee.com/chileeb/SmartIDE/raw/main/server/deployment/online/deployment_cn.sh | bash
国际网络一键安装
curl -o- https://gitee.com/chileeb/SmartIDE/raw/main/server/deployment/online/deployment.sh | bash

1. yaml

task.yaml

apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: tekton-task-test
spec:
  description: >-
    This Task is test task to test Tekton.

  params:
    - name: USERNAME
      description: your name
      type: string
      default: 

  steps:
    - name: step-01
      image: ubuntu
      script: |
        #!/bin/bash
        echo "Hello World!"

    - name: step-02
      image: ubuntu
      script: |
        #!/bin/bash
        echo "I'm $(params.USERNAME)"

pipeline.yaml

apiVersion: tekton.dev/v1beta1
kind: Pipeline

metadata:
  name: tekton-pipeline-test

spec:
  params:
    - name: FIRST_NAME
      description: Your first name
      type: string
      default: "jason"
    - name: LAST_NAME
      description: Your last name
      type: string
      default: "chen"

  tasks:
    - name: task-001
      taskRef:
        name: tekton-task-test
      params:
        - name: USERNAME
          value: $(params.FIRST_NAME)

    - name: task-002
      runAfter:
        - task-001
      taskRef:
        name: tekton-task-test
      params:
        - name: USERNAME
          value: $(params.LAST_NAME)

pipeline_run.yaml

apiVersion: tekton.dev/v1beta1
kind: PipelineRun

metadata:
  name: tekton-pipeline-test-run-003

spec:
  pipelineRef:
    name: tekton-pipeline-test
  params:
    - name: FIRST_NAME
      value: "Jason"
    - name: LAST_NAME
      value: "Chen"

2. Pipeline Run

# apply
kubectl apply -f task.yaml
kubectl apply -f pipeline.yaml
kubectl apply -f pipeline-run.yaml

# 通过 Tekton CLI 查看运行结果
tkn pipelinerun logs tekton-pipeline-test-run-003 -f -n default
289667-20221203230356413-1799323355.png

通过 Dashboard 查看运行结果

289667-20221203230407202-2074976446.png

3. Tekton Trigger

trigger.yaml

apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
  name: pipeline-binding-test
spec:
  params:
  - name: FIRST_NAME
    value: $(body.FIRST_NAME)
  - name: LAST_NAME
    value: $(body.LAST_NAME)

---

apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
  name: trigger-listener-test
spec:
  serviceAccountName: tekton-triggers-test-sa
  triggers:
    - name: trigger-test
      bindings:
        - ref: pipeline-binding-test
      template:
        ref: tekton-pipeline-test

---

apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
  name: pipeline-template-test
spec:
  params:
  - name: FIRST_NAME
    default: 
  - name: LAST_NAME
    default: 

  resourcetemplates:
  - apiVersion: tekton.dev/v1beta1
    kind: PipelineRun
    metadata:
      generateName: tekton-pipeline-test-run-
    spec:
      pipelineRef:
        name: tekton-pipeline-test
      params:
      - name: FIRST_NAME
        value: $(tt.params.FIRST_NAME)
      - name: LAST_NAME
        value: $(tt.params.LAST_NAME)

--- 

apiVersion: v1
kind: ServiceAccount
metadata:
  name: tekton-triggers-test-sa

---

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: tekton-triggers-test-eventlistener-binding
subjects:
- kind: ServiceAccount
  name: tekton-triggers-test-sa
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-roles

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tekton-triggers-test-eventlistener-clusterbinding
subjects:
- kind: ServiceAccount
  name: tekton-triggers-test-sa
  namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: tekton-triggers-eventlistener-clusterroles

# apply
kubectl apply -f trigger.yaml
# 端口尽量不要使用常用的,避免冲突;如果是多个pipeline的trigger,记得端口保持唯一。
# Tekton Listener 对应service的名称,一般是 el-<tekton listener name>
kubectl port-forward service/el-trigger-listener-test 9091:8080 --address 0.0.0.0 &

# 使用curl命令触发
curl -v \
   -H 'content-Type: application/json' \
   -d '{"FIRST_NAME": "Tekton", "LAST_NAME": "CD"}' \
   http://localhost:9091

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK