Page MenuHomePhabricator
Create Task
Maniphest T217912

Evaluate Tekton
Closed, ResolvedPublic
Actions

Description

Tekton Pipeline is a bit different than other candidates we have on the list but nonetheless a compelling option. It's essentially a set of k8s custom resource definitions (CRDs) that can constitute a basic CI/CD system. Whether this alone, or with minimal extension, could make up a sufficient system is not clear. Other systems such as Jenkins X seem to be evaluating it as an underlying framework.

A good background on the project, as a subproject of the Knative Community Project, can be found here.

Related Objects
Search...

StatusSubtypeAssignedTask
 Resolved LarsWirzeniusT217325 Consider and evaluate possible new CI tooling
 Resolved dduvallT217912 Evaluate Tekton

Event Timeline

dduvall created this task.Mar 8 2019, 5:58 PM
zeljkofilipin triaged this task as Medium priority.Mar 14 2019, 6:15 PM
hashar subscribed.Mar 15 2019, 6:57 AM
zeljkofilipin mentioned this in T217325: Consider and evaluate possible new CI tooling.Mar 18 2019, 1:22 PM
LarsWirzenius removed LarsWirzenius as the assignee of this task.Mar 18 2019, 1:23 PM
zeljkofilipin closed this task as Declined.Mar 19 2019, 10:07 AM

After some initial evaluation, we have decided it does not meet our requirements.

zeljkofilipin reopened this task as Open.Mar 20 2019, 10:46 AM

@dduvall said in IRC that he would like to evaluate it. He was able to get it running locally.

zeljkofilipin added a comment.Mar 20 2019, 11:08 AM

See P8237.

dduvall added a comment.EditedMar 21 2019, 7:10 PM

Summary

Tekton is narrow in scope but it seems to do what it does well: It provides a coherent set of Custom Resource Definitions (CRD) necessary to get CI type workloads running on k8s efficiently and quickly. Its narrowness in scope and CRD nature yield these benefits and drawbacks:

  • Benefit: It took very little time and effort to install Tekton CRDs into minikube and get Blubber built using the new Pipeline/Task resources, ~ an hour or so.
  • Benefit: For someone with k8s knowledge, it was perfectly clear what was going on under the hood and the running system was easy to interrogate using kubectl get taskruns, kubectl get pipelineruns etc.
  • Benefit: Execution of the task had almost no additional overhead since k8s is doing all the work (i.e. TaskRuns simply spawn Pods).
  • Benefit: The PipelineResource, Pipeline, Task, PipelineRun, TaskRun resources are all very flexible in their design. I could see these being either maintained by teams themselves or being generated by a higher level abstraction that we provide (e.g. a .pipeline/config.yaml).
  • Drawback: For a developer having no k8s knowledge, interrogating the running system would not be easy. A Web UI and/or CLI tooling built around kubectl would be straightforward to implement but would have to be implemented nonetheless.
  • Drawback: This is a barebones system that would require us to implement UI and possibly other components (e.g. an Gerrit event-stream handler and reporting, however that's true for other systems too).

Installation

I followed the docs and installation worked perfectly in well under a minute on a fresh minikube.

$ minikube start
😄  minikube v0.35.0 on darwin (amd64)
🔥  Creating virtualbox VM (CPUs=2, Memory=2048MB, Disk=20000MB) ...
📶  "minikube" IP address is 192.168.99.113
🐳  Configuring Docker as the container runtime ...
✨  Preparing Kubernetes environment ...
🚜  Pulling images required by Kubernetes v1.13.4 ...
🚀  Launching Kubernetes v1.13.4 using kubeadm ...
⌛  Waiting for pods: apiserver proxy etcd scheduler controller addon-manager dns
🔑  Configuring cluster permissions ...{F28437673}
🤔  Verifying component health .....
💗  kubectl is now configured to use "minikube"
🏄  Done! Thank you for using minikube!
$ kubectl apply --filename https://storage.googleapis.com/knative-releases/build-pipeline/latest/release.yaml
namespace/tekton-pipelines created
clusterrole.rbac.authorization.k8s.io/tekton-pipelines-admin created
serviceaccount/tekton-pipelines-controller created
clusterrolebinding.rbac.authorization.k8s.io/tekton-pipelines-controller-admin created
customresourcedefinition.apiextensions.k8s.io/clustertasks.tekton.dev created
customresourcedefinition.apiextensions.k8s.io/images.caching.internal.knative.dev created
customresourcedefinition.apiextensions.k8s.io/pipelines.tekton.dev created
customresourcedefinition.apiextensions.k8s.io/pipelineruns.tekton.dev created
customresourcedefinition.apiextensions.k8s.io/pipelineresources.tekton.dev created
customresourcedefinition.apiextensions.k8s.io/tasks.tekton.dev created
customresourcedefinition.apiextensions.k8s.io/taskruns.tekton.dev created
service/tekton-pipelines-controller created
service/tekton-pipelines-webhook created
configmap/config-artifact-bucket created
configmap/config-entrypoint created
configmap/config-logging created
deployment.apps/tekton-pipelines-controller created
deployment.apps/tekton-pipelines-webhook created
$ kubectl get pods --namespace tekton-pipelines
NAME                                           READY   STATUS    RESTARTS   AGE
tekton-pipelines-controller-65dd4b87c6-dxhvg   1/1     Running   0          10s
tekton-pipelines-webhook-679d966dc9-hqlt8      1/1     Running   0          10s

Building Blubber

I wrapped everything up in a Makefile which shows what is needed to get Blubber built. I particularly liked how well the CRDs mapped to widespread CI concepts of pipelines, resources, and tasks, which made writing a simple pipeline for Blubber straightforward, but would also allow for more complex pipelines.

https://asciinema.org/a/XX2NnCyNwCVr8wMMey3iKYw99

Makefile
all: clean resources run

install:
	kubectl apply --filename https://storage.googleapis.com/knative-releases/build-pipeline/latest/release.yaml

clean:
	kubectl delete pipelineruns --all
	kubectl delete pipelines --all
	kubectl delete tasks --all
	kubectl delete pipelineresources --all

resources:
	kubectl apply -f resources.yaml

run:
	kubectl apply -f runs.yaml
resources.yaml
---
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
  name: blubber-master-branch
spec:
  type: git
  params:
    - name: revision
      value: master
    - name: url
      value: https://gerrit.wikimedia.org/r/blubber
---
apiVersion: tekton.dev/v1alpha1
kind: Task
metadata:
  name: build-go-project-via-make
spec:
  inputs:
    resources:
      - name: src
        type: git
  steps:
    - name: build-via-make
      image: golang:1.11
      command:
        - sh
      args:
        - "-c"
        - "cd src && go build ./cmd/blubber"
---
apiVersion: tekton.dev/v1alpha1
kind: Pipeline
metadata:
  name: build-go-project-via-make-pipeline
spec:
  resources:
    - name: source-repo
      type: git
  tasks:
    - name: build-via-make
      taskRef:
        name: build-go-project-via-make
      resources:
        inputs:
          - name: src
            resource: source-repo
runs.yaml
---
apiVersion: tekton.dev/v1alpha1
kind: PipelineRun
metadata:
  name: build-blubber-1
spec:
  pipelineRef:
    name: build-go-project-via-make-pipeline
  trigger:
    type: manual
  resources:
    - name: source-repo
      resourceRef:
        name: blubber-master-branch
dduvall closed this task as Resolved.Mar 21 2019, 7:25 PM
dduvall claimed this task.
zeljkofilipin renamed this task from Evaluate Tekton Pipeline to Evaluate Tekton.Mar 22 2019, 1:58 PM
dduvall mentioned this in T218827: Evaluate Argo.Mar 22 2019, 7:05 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL