开源云原生CI/CD框架Tekton国内部署方式
2024-06-11 03:16:30
Tekton 是一款功能非常强大而灵活的 CI/CD 开源的云原生框架。致力于提供全功能、标准化的云原生 CI/CD 解决方案。【本文主要是通过流水线自动化的将tekton镜像同步到腾讯云仓库,并部署tekton】
应用镜像
阿里云镜像仓库居然有限制...这次转到腾讯云镜像仓库了;ccr.ccs.tencentyun.com/tektons/dashboard
Pipeline
借助GitHub Actions:
同步镜像并生成镜像映射文件(json):
收集镜像映射文件为制品;
This is a basic workflow to help you get started with Actionsname: Get Tekton Images
env:VERSION: v0.29.0on:push:paths:- '.github/workflows/tekton.yaml'- 'tekton/**'jobs:build:runs-on: ubuntu-18.04steps:- uses: actions/checkout@v2- name: buildrun: |curl https://storage.googleapis.com/tekton-releases/pipeline/previous/${{ env.VERSION }}/release.yaml -o release.yamlgrep -v "#" release.yaml | grep -v "^$" > release1.yaml ; sed -i 's/\-\-\-/###/g' release1.yamlpython3 tekton/get_tekton_images.py ${{ secrets.DOCKER_USER}} ${{ secrets.DOCKER_PASSWD}}- uses: actions/upload-artifact@v2with: name: ${{ env.VERSION }}-tekton-imagespath: tekton_images.json
部署文件解析
下载release部署yaml;
解析Deployments对象中的images;
tekton-pipelines-controller
tekton-pipelines-webhook
tekton-dashboard(最新tag)
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.29.0@sha256:72f79471f06d096cc53e51385017c9f0f7edbc87379bf415f99d4bd11cf7bc2b
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/kubeconfigwriter:v0.29.0@sha256:6d058f2203b9ab66f538cb586c7dc3b7cc31ae958a4135dd99e51799f24b06c9
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/git-init:v0.29.0@sha256:c0b0ed1cd81090ce8eecf60b936e9345089d9dfdb6ebdd2fd7b4a0341ef4f2b9
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/entrypoint:v0.29.0@sha256:66958b78766741c25e31954f47bc9fd53eaa28263506b262bf2cc6df04f18561
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/nop:v0.29.0@sha256:6a037d5ba27d9c6be32a9038bfe676fb67d2e4145b4f53e9c61fb3e69f06e816
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/imagedigestexporter:v0.29.0@sha256:e38dd0d32253fce5aaf1e501c0bc71facc3720564b7e97055921cc5390d612e0
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/pullrequest-init:v0.29.0@sha256:d28202fb8b33a1d4c05f261ef8dcbcdcf3b469887d4dad256ce91f73c917420e
gcr.io/google.com/cloudsdktool/cloud-sdk@sha256:27b2c22bf259d9bc1a291e99c63791ba0c27a04d2db0a43241ba0f1f20f4067f
gcr.io/distroless/base@sha256:aa4fd987555ea10e1a4ec8765da8158b5ffdfef1e72da512c7ede509bc9966c4
mcr.microsoft.com/powershell:nanoserver@sha256:b6d5ff841b78bdf2dfed7550000fd4f3437385b8fa686ec0f010be24777654d6
gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/webhook:v0.29.0@sha256:46d5b90a7f4e9996351ad893a26bcbd27216676ad4d5316088ce351fb2c2c3dd用Python编写一个数据解析脚本:
import yaml
import json
import sys
import osclass Tekton :def __init__(self, file_name, registry_user, registry_passwd):self.yaml_file = file_nameself.arg_imgs = ["gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard@sha256:95f71a2568ced67ec370b5360f88bec3280601908cac9e62dfbb801114480437"]self.split_str = "###"self.deployments = ["tekton-pipelines-controller", "tekton-pipelines-webhook"]self.kind_type = "Deployment"self.target_registry = "ccr.ccs.tencentyun.com/tektons/"self.repos = [ "controller", "kubeconfigwriter", "git-init","entrypoint","nop","imagedigestexporter", "pullrequest-init", "cloud-sdk", "base", "powershell", "webhook"]self.result = []self.registry_user = registry_userself.registry_passwd = registry_passwddef load_yaml(self, data):content = yaml.load(data)return contentdef load_json(self, data):content = json.loads(data)return contentdef get_images(self):f = open(self.yaml_file, 'r').read()for i in f.split("###")[:-1]:try:content = self.load_yaml(i.replace("###", ""))if content["kind"] == self.kind_type:deploy_name = content["metadata"]["name"]# 获取imageif deploy_name in self.deployments:img = content["spec"]["template"]["spec"]["containers"][0]["image"]self.arg_imgs.append(img)# 获取参数中的imagesif deploy_name == "tekton-pipelines-controller":arg_img = content["spec"]["template"]["spec"]["containers"][0]["args"]for a in arg_img:if not a.startswith("-"):self.arg_imgs.append(a)except Exception as e:print(e)return self.arg_imgsdef save_json_file(self, data, file_name):for i in self.arg_imgs:self.result.append({"s_image": i,"t_image": self.target_registry + i.split("/")[-1].split("@")[0]})newdata = json.dumps(self.result, indent=4)a=open(file_name, 'w')a.write(newdata)a.close()def sync_images(self):f = open("tekton_images.json", 'r').read()content = self.load_json(f)docker_login_cmd = "docker login -u {0} -p {1} {2}".format(self.registry_user,self.registry_passwd,self.target_registry.split("/")[0])os.system(docker_login_cmd)for item in content:print("[GetImages] {}".format(item))docker_pull_cmd = "docker pull {0}".format(item["s_image"])docker_tag_cmd = "docker tag {0} {1}".format(item["s_image"], item["t_image"])docker_push_cmd = "docker push {0}".format(item["t_image"])os.system(docker_pull_cmd + "&&" + docker_tag_cmd + "&&" + docker_push_cmd )print("[GetImagesDone] {}".format(item))if __name__ == '__main__':tekton = Tekton("release1.yaml", sys.argv[1], sys.argv[2])images = tekton.get_images()tekton.save_json_file(images, "tekton_images.json")tekton.sync_images()镜像映射文件
s_image 原始镜像名称, t_image 目标镜像名称; 这里使用腾讯云的镜像仓库;
[{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.29.0@sha256:72f79471f06d096cc53e51385017c9f0f7edbc87379bf415f99d4bd11cf7bc2b","t_image": "ccr.ccs.tencentyun.com/tektons/controller:v0.29.0"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/kubeconfigwriter:v0.29.0@sha256:6d058f2203b9ab66f538cb586c7dc3b7cc31ae958a4135dd99e51799f24b06c9","t_image": "ccr.ccs.tencentyun.com/tektons/kubeconfigwriter:v0.29.0"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/git-init:v0.29.0@sha256:c0b0ed1cd81090ce8eecf60b936e9345089d9dfdb6ebdd2fd7b4a0341ef4f2b9","t_image": "ccr.ccs.tencentyun.com/tektons/git-init:v0.29.0"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/entrypoint:v0.29.0@sha256:66958b78766741c25e31954f47bc9fd53eaa28263506b262bf2cc6df04f18561","t_image": "ccr.ccs.tencentyun.com/tektons/entrypoint:v0.29.0"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/nop:v0.29.0@sha256:6a037d5ba27d9c6be32a9038bfe676fb67d2e4145b4f53e9c61fb3e69f06e816","t_image": "ccr.ccs.tencentyun.com/tektons/nop:v0.29.0"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/imagedigestexporter:v0.29.0@sha256:e38dd0d32253fce5aaf1e501c0bc71facc3720564b7e97055921cc5390d612e0","t_image": "ccr.ccs.tencentyun.com/tektons/imagedigestexporter:v0.29.0"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/pullrequest-init:v0.29.0@sha256:d28202fb8b33a1d4c05f261ef8dcbcdcf3b469887d4dad256ce91f73c917420e","t_image": "ccr.ccs.tencentyun.com/tektons/pullrequest-init:v0.29.0"},{"s_image": "gcr.io/google.com/cloudsdktool/cloud-sdk@sha256:27b2c22bf259d9bc1a291e99c63791ba0c27a04d2db0a43241ba0f1f20f4067f","t_image": "ccr.ccs.tencentyun.com/tektons/cloud-sdk"},{"s_image": "gcr.io/distroless/base@sha256:aa4fd987555ea10e1a4ec8765da8158b5ffdfef1e72da512c7ede509bc9966c4","t_image": "ccr.ccs.tencentyun.com/tektons/base"},{"s_image": "mcr.microsoft.com/powershell:nanoserver@sha256:b6d5ff841b78bdf2dfed7550000fd4f3437385b8fa686ec0f010be24777654d6","t_image": "ccr.ccs.tencentyun.com/tektons/powershell:nanoserver"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/webhook:v0.29.0@sha256:46d5b90a7f4e9996351ad893a26bcbd27216676ad4d5316088ce351fb2c2c3dd","t_image": "ccr.ccs.tencentyun.com/tektons/webhook:v0.29.0"},{"s_image": "gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard@sha256:95f71a2568ced67ec370b5360f88bec3280601908cac9e62dfbb801114480437","t_image": "ccr.ccs.tencentyun.com/tektons/dashboard"}
]镜像映射文件可以在GitHubActions页面下载:
下载镜像脚本
解析上面生成的镜像文件,docker pull下载对应的镜像到本地;
import json
import osclass Tekton:def __init__(self):self.json_file = "tekton_images.json"self.target_registry = "ccr.ccs.tencentyun.com/tektons/"# self.registry_user = registry_user# self.registry_passwd = registry_passwddef load_json(self, data):content = json.loads(data)return contentdef down_images(self):f = open(self.json_file, 'r').read()content = self.load_json(f)# docker_login_cmd = "docker login -u {0} -p {1} {2}".format(# self.registry_user,# self.registry_passwd,# self.target_registry.split("/")[0])for item in content:print("[GetImages] {}".format(item["t_image"]))docker_pull_cmd = "docker pull {0}".format(item["t_image"])# docker_tag_cmd = "docker tag {0} {1}".format(item["t_image"], item["s_image"].split("@")[0])os.system(docker_pull_cmd + "&&" + docker_tag_cmd )print("[GetImagesDone] {}".format(item))if __name__ == '__main__':t = Tekton().down_images()部署Tekton
替换部署文件中的镜像:
手动更新
release.yaml中的镜像;然后kubectl apply release.yaml部署(后续有时间再优化脚本,实现自动更新release.yaml)手动更新tekton-dashboard-release.yaml中的镜像;然后部署;
[root@master ~]# kubectl -n tekton-pipelines get pod
NAME READY STATUS RESTARTS AGE
tekton-dashboard-5c4b89d9-2z8g7 1/1 Running 0 21m
tekton-pipelines-controller-b96f647bb-gff69 1/1 Running 0 13h
tekton-pipelines-webhook-76bc9c97b9-cd2m4 1/1 Running 0 13h编写一个Ingress来暴露tekton dashboard:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:name: tekton-servicenamespace: tekton-pipelinesannotations:kubernetes.io/ingress.class: nginxnginx.ingress.kubernetes.io/proxy-body-size: 256m
spec:rules:- host: tekton.idevops.sitehttp:paths:- path: /backend:serviceName: tekton-dashboardservicePort: 9097访问UI页面:
编写Pipeline
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:name: tektoncd-task
spec:resources:inputs:- name: repotype: gitsteps:- name: run-testimage: maven:3-jdk-8workingDir: /workspace/repocommand: ["mvn"]args: ["clean", "package"]
---
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:name: tektoncd-resource
spec:type: gitparams:- name: urlvalue: http://192.168.1.200/devops/devops-maven-service.git- name: revisionvalue: master
---
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:name: cdpipeline
spec:taskRef:name: tektoncd-taskresources:inputs:- name: reporesourceRef:name: tektoncd-resource>>> 欢迎投稿,微信:devopsvip <<<
往期推荐
关于我们
DevOps云学堂,专注于企业级DevOps运维开发技术实践分享,主要以新Linux运维技术、DevOps技术课程为主。丰富的一线实战经验,课程追求实用性获得多数学员认可。课程内容均来源于企业应用,在这里既学习技术又能获取热门技能,欢迎您的到来!
更多DevOps实践,请关注「DevOps云学堂」
点击阅读原文,进入DevOps学堂
开源云原生CI/CD框架Tekton国内部署方式相关推荐
- 云原生CI/CD框架Tekton国内部署方式
Tekton 是一款功能非常强大而灵活的 CI/CD 开源的云原生框架.致力于提供全功能.标准化的云原生 CI/CD 解决方案.[本文主要是通过流水线自动化的将tekton镜像同步到腾讯云仓库,并部署 ...
- 云原生 CI/CD 框架 Tekton 初体验
Tekton 是一款功能非常强大而灵活的 CI/CD 开源的云原生框架.Tekton 的前身是 Knative 项目的 build-pipeline 项目,这个项目是为了给 build 模块增加 pi ...
- 云原生CI/CD:tekton/pipeline之认证篇
云原生CI/CD:tekton/pipeline之认证篇 既然说tekton/pipeline是CI/CD,必然需要用到拉取git仓库代码,仓库代码可能是私有的,看下tekton/pipeline在这 ...
- 云原生CI/CD:Tekton之trigger介绍
云原生CI/CD:Tekton之trigger组件 简介 上面背景图片用了一张手枪扳机的图片,啥意思呢?trigger对于pipeline的作用就像扳机对于手枪的作用的,读完文章再来体会这句话. 前面 ...
- 云原生CI/CD:Tekton/pipelin之pipeline概念篇
云原生CI/CD:Tekton/pipelin之pipeline概念篇 本节介绍下tekton中pipeline概念.作为云原生的CI/CD神器在之前介绍的task和taskrun之后,还有什么强大的 ...
- kubernetes原生ci/cd工具tekton版本升级至v0.18.1
前言 最近没啥好写的,一直都在弄hpa的问题,也就是解决hpa没生效的问题,以及最优minReplica最小基数的问题.也已经划水了两篇博客了,所以今天就来简单记录一下之前做过的一个小任务,也就是将项 ...
- Kubernetes原生CI/CD构建框架Tekton详解
流水线(Pipeline)是把一个重复的过程分解为若干个子过程,使每个子过程与其他子过程并行进行的技术.本文主要介绍了诞生于云原生时代的流水线框架 Tekton. 什么是流水线? 在计算机中,流水线是 ...
- k8s原生的CI/CD工具tekton
Tekton是什么 Tekton是一个谷歌开源的kubernetes原生CI/CD系统,功能强大且灵活,开源社区也正在快速的迭代和发展壮大.google cloud已经推出了基于Tekton的服务(h ...
- 云原生的 CICD 框架:Tekton
作者 | AddoZhang 来源 | 云原生指北 Tekton 是 Google 开源的 Kubernetes 原生CI/CD 系统,功能强大扩展性强.前身是 Knavite 里的 build-pi ...
最新文章
- python爬取页面链接
- python连接mysql数据库并实现增删改查
- V$SESSION_LONGOPS
- 我在德国做SAP CRM One Order redesign工作的心得
- python中的迭代器Iterator
- NodeJs 的安装及配置环境变量
- mysql用户增删改
- Gitl用户在组中有五种权限:Guest、Reporter、Developer、Master、Owner 解释
- oracle表空间使用率统计查询
- 【个人学习记录】RoboWare Studio安装使用
- 数学分析教程(科大)——3.5笔记+习题
- median _matlab 中值滤波函数
- 关于宽哥英语课,本人的遭遇
- c语言中void f1(),c语言常见笔试题f1ryiedy.doc
- IIR滤波器和FIR滤波器的区别与联系
- Nginx重启时提示nginx: [emerg] bind() to 0.0.0.0解决方法 老蒋 发布于 2019-06-03 分类:运维笔记 评论(0) 2000+站长交流QQ群: 59
- 一维数据二维化的办法汇总(一)
- google chrome浏览器 Linux平台安装包(rpm,deb)
- 视频剪辑教程,视频加图片,图片加视频,教你制作画中画特效
- Spring Security登录验证,验证码,动态管理uri访问权限,Thymeleaf,限制密码强度、过期、错误密码锁定超时自动解锁、禁用历史密码、新密码和现密码差异要求编辑距离