Tekton 基于 cronjob 触发流水线
Tekton EventListener 在8080端口监听事件,kubernetes 原生 cronjob 定时通过curl 命令向 EventListener 发送事件请求,触发tekton流水线执行,实现定时运行tekton pipeline
任务。
前置要求:
- kubernetes集群中已部署
tekton pipeline
、tekton triggers
以及tekton dashboard
三个组件;
创建serviceaccount
官方示例:https://github.com/tektoncd/triggers/blob/main/examples/rbac.yaml
因为 EventListener 最终需要创建 taskrun、pipelinerun 同时会查询一些其他信息,因此需要为其配置一个 serviceAccount,同时还需要为这个 serviceAccount 赋予相应的权限。
yaml
$ cat serviceAccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-triggers-example-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: triggers-example-eventlistener-binding
subjects:
- kind: ServiceAccount
name: tekton-triggers-example-sa
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tekton-triggers-eventlistener-roles
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: triggers-example-eventlistener-clusterbinding
subjects:
- kind: ServiceAccount
name: tekton-triggers-example-sa
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tekton-triggers-eventlistener-clusterroles
应用yaml
bash
kubectl apply -f serviceAccount.yaml
创建EventListener
EventListener 是一个 Kubernetes 对象,用于侦听 Kubernetes 集群上指定端口上的事件。它公开了一个可寻址接收器,用于接收传入事件并指定一个或多个 Triggers 。
yaml
$ cat eventListener.yaml
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: hello-listener
spec:
serviceAccountName: tekton-triggers-example-sa
triggers:
- name: hello-trigger
bindings:
- ref: hello-binding
template:
ref: hello-template
应用yaml
bash
kubectl apply -f eventListener.yaml
创建TriggerBinding
TriggerBinding 允许您从事件负载中提取字段并将它们绑定到命名参数,然后可以在 TriggerTemplate 中使用这些命名参数。
yaml
$ cat triggerBinding.yaml
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
name: hello-binding
spec:
params:
- name: message
value: Hello from the Triggers EventListener!
应用yaml
bash
kubectl apply -f triggerBinding.yaml
创建TriggerTemplate
TriggerTemplate 是指定资源蓝图的资源,例如 TaskRun 或 PipelineRun ,当您的EventListener 检测到事件。它公开了您可以在资源模板中的任何位置使用的参数。
以下示例通过pipelineSpec
和taskSpec
直接引入task并运行:
yaml
$ cat triggerTemplate.yaml
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
name: hello-template
spec:
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: hello-cron-
spec:
pipelineSpec:
tasks:
- name: task01
taskSpec:
steps:
- name: step01
image: alpine
script: |
echo step01
- name: step02
image: alpine
script: |
echo step02
- name: task02
taskSpec:
steps:
- name: step01
image: alpine
script: |
echo step01
- name: step02
image: alpine
script: |
echo step02
runAfter:
- task01
应用yaml
bash
kubectl create -f triggerTemplate.yaml
创建cronjob
查看EventListener service地址,并记录该地址
bash
root@kube001:~# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
el-hello-listener ClusterIP 10.96.1.167 <none> 8080/TCP,9000/TCP 14m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 91d
或使用tkn CLI命令查看
bash
root@kube001:~# tkn eventlisteners list
NAME AGE URL AVAILABLE
hello-listener 14 minutes ago http://el-hello-listener.default.svc.cluster.local:8080 True
每3分钟触发一次pipeline任务,注意修改curl地址:
yaml
# cronjob.yaml
apiVersion: batch/v1
kind: CronJob
metadata:
name: hello
spec:
schedule: "*/3 * * * *"
successfulJobsHistoryLimit: 0
failedJobsHistoryLimit: 0
jobTemplate:
spec:
template:
spec:
restartPolicy: Never
containers:
- name: hello
image: curlimages/curl
env:
- name: MESSAGE
value: hello
imagePullPolicy: IfNotPresent
args: ["curl", "-X", "POST", "--data",
'{"message": "$(MESSAGE)"}',
"el-hello-listener.default.svc.cluster.local:8080"]
应用yaml
bash
kubectl apply -f cronjob.yaml
完整示例
yaml
$ cat cronjob_trigger.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-triggers-example-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: triggers-example-eventlistener-binding
subjects:
- kind: ServiceAccount
name: tekton-triggers-example-sa
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tekton-triggers-eventlistener-roles
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: triggers-example-eventlistener-clusterbinding
subjects:
- kind: ServiceAccount
name: tekton-triggers-example-sa
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tekton-triggers-eventlistener-clusterroles
---
apiVersion: triggers.tekton.dev/v1beta1
kind: EventListener
metadata:
name: hello-listener
spec:
serviceAccountName: tekton-triggers-example-sa
triggers:
- name: hello-trigger
bindings:
- ref: hello-binding
template:
ref: hello-template
---
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerBinding
metadata:
name: hello-binding
spec:
params:
- name: message
value: Hello from the Triggers EventListener!
---
apiVersion: triggers.tekton.dev/v1beta1
kind: TriggerTemplate
metadata:
name: hello-template
spec:
resourcetemplates:
- apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
generateName: hello-cron-
spec:
pipelineSpec:
tasks:
- name: task01
taskSpec:
steps:
- name: step01
image: alpine
script: |
echo step01
- name: step02
image: alpine
script: |
echo step02
- name: task02
taskSpec:
steps:
- name: step01
image: alpine
script: |
echo step01
- name: step02
image: alpine
script: |
echo step02
runAfter:
- task01
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: hello
spec:
schedule: "*/3 * * * *"
successfulJobsHistoryLimit: 0
failedJobsHistoryLimit: 0
jobTemplate:
spec:
template:
spec:
restartPolicy: Never
containers:
- name: hello
image: curlimages/curl
env:
- name: MESSAGE
value: hello
imagePullPolicy: IfNotPresent
args: ["curl", "-X", "POST", "--data",
'{"message": "$(MESSAGE)"}',
"el-hello-listener.default.svc.cluster.local:8080"]
应用以上配置
bash
kubectl create -f cronjob_trigger.yaml
查看定时任务
查看触发的pipeline任务
bash
root@kube001:~# kubectl get pipelineruns | grep hello-cron
hello-cron-d6k2n True Succeeded 10m 9m44s
hello-cron-gcfpm True Succeeded 4m4s 3m44s
hello-cron-j4nk6 True Succeeded 63s 38s
查看运行完成的pods
bash
root@kube001:~# kubectl get pods | grep hello-cron
hello-cron-9jwwp-task01-pod 0/2 Completed 0 7m42s
hello-cron-9jwwp-task02-pod 0/2 Completed 0 7m33s
hello-cron-d6k2n-task01-pod 0/2 Completed 0 10m
hello-cron-d6k2n-task02-pod 0/2 Completed 0 10m
hello-cron-gcfpm-task01-pod 0/2 Completed 0 4m42s
hello-cron-gcfpm-task02-pod 0/2 Completed 0 4m32s
hello-cron-j4nk6-task01-pod 0/2 Completed 0 101s
hello-cron-j4nk6-task02-pod 0/2 Completed 0 91s
访问dashboard查看自动执行的pipelinerun
任务详情