• Tekton ACK安装


    1、ACK集群安装NAS插件:

    kind: Deployment
    apiVersion: extensions/v1beta1
    metadata:
      name: alicloud-nas-controller
      namespace: kube-system
    spec:
      strategy:
        type: Recreate
      template:
        metadata:
          labels:
            app: alicloud-nas-controller
        spec:
          tolerations:
          - operator: Exists
          affinity:
            nodeAffinity:
              preferredDuringSchedulingIgnoredDuringExecution:
              - weight: 1
                preference:
                  matchExpressions:
                  - key: node-role.kubernetes.io/master
                    operator: Exists
          priorityClassName: system-node-critical
          serviceAccount: admin
          hostNetwork: true
          containers:
            - name: nfs-provisioner
              image: registry.cn-hangzhou.aliyuncs.com/acs/alicloud-nas-controller:v1.14.3.8-58bf821-aliyun
              env:
              - name: PROVISIONER_NAME
                value: alicloud/nas
              securityContext:
                privileged: true
              volumeMounts:
              - mountPath: /var/log
                name: log
          affinity:
            nodeAffinity:
               requiredDuringSchedulingIgnoredDuringExecution:
                 nodeSelectorTerms:
                 - matchExpressions:
                   - key: type
                     operator: NotIn
                     values:
                       - virtual-kubelet
          volumes:
          - hostPath:
              path: /var/log
            name: log

    1.1、创建Nas StorageClass

    apiVersion: storage.k8s.io/v1
    kind: StorageClass
    metadata:
      name: alicloud-nas
    mountOptions:
    - nolock,tcp,noresvport
    - vers=3
    parameters:
      server: "xxx.cn-shenzhen.nas.aliyuncs.com:/tekton"
      driver: flexvolume
    provisioner: alicloud/nas
    reclaimPolicy: Delete

    1.2、检查ACK storageclass 设置 alicloud-nas为默认存储类

       注:因为Tekton每次构建都需要动态创建PVC,为构建存储数据,阿里自带的存储类CSI创建硬盘不能少于20G,故选择NAS,便宜

    设置alicloud-nas为默认存储类
    kubectl patch sc alicloud-nas -p '{"metadata": {"annotations": {"storageclass.beta.kubernetes.io/is-default-class": "true"}}}'
    kubectl get storageclasses
    NAME                       PROVISIONER     AGE
    alicloud-disk-available    alicloud/disk   420d
    alicloud-disk-efficiency   alicloud/disk   420d
    alicloud-disk-essd         alicloud/disk   420d
    alicloud-disk-ssd          alicloud/disk   420d
    alicloud-nas (default)     alicloud/nas    4h35m

    2、安装Tekton Pipelines

    kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml
    安装可能需要一些时间才能完成。您可以使用以下命令检查进度:
    kubectl get pods --namespace tekton-pipelines
    NAME                                           READY   STATUS    RESTARTS   AGE
    tekton-dashboard-698b46b468-7qdhq              1/1     Running   0          41h
    tekton-pipelines-controller-5d8f4756bb-5xxt2   1/1     Running   0          18h
    tekton-pipelines-webhook-5bb8695cc7-5hc42      1/1     Running   0          18h
    确认列出的每个组件都具有状态Running

    3、安装Tekton DashboardUI

    kubectl apply --filename https://github.com/tektoncd/dashboard/releases/latest/download/tekton-dashboard-release.yaml
    安装可能需要一些时间才能完成。您可以使用以下命令检查进度:
    kubectl get pods --namespace tekton-pipelines
    NAME                                           READY   STATUS    RESTARTS   AGE
    tekton-dashboard-698b46b468-7qdhq              1/1     Running   0          41h
    tekton-pipelines-controller-5d8f4756bb-5xxt2   1/1     Running   0          18h
    tekton-pipelines-webhook-5bb8695cc7-5hc42      1/1     Running   0          18h
    确认列出的每个组件都具有状态Running

    4、创建Ingress暴露服务,tekton各个服务的svc安装过程中都会安装完成

    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: tekton-dashboard-ui
      namespace: tekton-pipelines
    spec:
      rules:
        - host: tekton.xxx.com
          http:
            paths:
              - backend:
                  serviceName: tekton-dashboard
                  servicePort: 9097
                path: /
      tls:
        - hosts:
            - tekton.xxx.com
          secretName: xxx

     安装到此成功!!!

    5、创建Tekton CI需要的Secret、ServiceAccount、namespace

    5.1、创建构建使用的namespace

    kubectl create namespace operation

    5.2、创建拉取代码的git-secret

    apiVersion: v1
    kind: Secret
    metadata:
      annotations:
          tekton.dev/git-0: xxx.com
      name: git-ssh-key
      namespace: operation
    type: kubernetes.io/ssh-auth
    data:
      ssh-privatekey: xxxx

    5.3、创建推送镜像的docker-secret

    apiVersion: v1
    kind: Secret
    metadata:
      annotations:
        tekton.dev/docker-0: https://xxx.com
      name: docker-registry
      namespace: operation
    type: kubernetes.io/basic-auth
    stringData:
      username: xxxx
      password: xxx

    5.4、创建拉去镜像的docker-secret

    kubectl create secret docker-registry regcred 
      --docker-server=<你的镜像仓库服务器> 
      --docker-username=<你的用户名> 
      --docker-password=<你的密码> 
      --docker-email=<你的邮箱地址>

    5.5、修改operation命名空间下 default ServiceAccount

       注:Tekton,构建的时候没有定义用户的时候,回默认使用构建的operation命名空间下的default 用户

    apiVersion: v1
    imagePullSecrets:
    - name: regsecret
    kind: ServiceAccount
    metadata:
      name: default
      namespace: operation
    secrets:
    - name: docker-registry
    - name: git-ssh-key

    5.6、创建,maven-settings-ConfigMap,

            注:用于tekton构建时指定的settings文件

    kind: ConfigMap
    apiVersion: v1
    metadata:
      name: maven-settings
      namespace: operation
    data:
      settings.xml: |-
          xxxx

    5.7、ACK node节点打labes,

    注:因Tekton 构建需要做缓存,加速构建速度、故利用容器的hostpath,来存储缓存数据,所以要固定构建节点通过定义node labes来绑定构建节点

    kubectl label nodes xxx  kops.k8s.io/instancegroup=build-instance-group
    kubectl label nodes xxx  kops.k8s.io/instancegroup=build-instance-group
     
    kubectl get nodes --show-labels | grep build-instance-group
    xxx    Ready                      <none>   243d    v1.16.9-aliyun.1         kops.k8s.io/instancegroup=build-instance-group,

    xxx Ready <none> 243d v1.16.9-aliyun.1 kops.k8s.io/instancegroup=build-instance-group,

    5.8、修改Tekton ConfigMap 帮定labes,

    kubectl get cm -n tekton-pipelines
    NAME                     DATA   AGE
    config-artifact-bucket   0      46h
    config-artifact-pvc      2      46h
    config-defaults          2      46h
    config-leader-election   4      46h
    config-logging           3      46h
    config-observability     1      46h
    config-registry-cert     0      46h
    feature-flags            8      46h
    istio-ca-root-cert       1      46h
     
    kubectl edit cm config-defaults -n tekton-pipelines
    apiVersion: v1
    data:
      _example: |
        ################################
        #                              #
        #    EXAMPLE CONFIGURATION     #
        #                              #
        ################################
     
        # This block is not actually functional configuration,
        # but serves to illustrate the available configuration
        # options and document them in a way that is accessible
        # to users that `kubectl edit` this config map.
        #
        # These sample configuration options may be copied out of
        # this example block and unindented to be in the data block
        # to actually change the configuration.
     
        # default-timeout-minutes contains the default number of
        # minutes to use for TaskRun and PipelineRun, if none is specified.
        default-timeout-minutes: "60"  # 60 minutes
     
        # default-service-account contains the default service account name
        # to use for TaskRun and PipelineRun, if none is specified.
        default-service-account: "default"
     
        # default-managed-by-label-value contains the default value given to the
        # "app.kubernetes.io/managed-by" label applied to all Pods created for
        # TaskRuns. If a user's requested TaskRun specifies another value for this
        # label, the user's request supercedes.
        default-managed-by-label-value: "tekton-pipelines"
     
        # default-pod-template contains the default pod template to use
        # TaskRun and PipelineRun, if none is specified. If a pod template
        # is specified, the default pod template is ignored.
        # default-pod-template:
     
        # default-cloud-events-sink contains the default CloudEvents sink to be
        # used for TaskRun and PipelineRun, when no sink is specified.
        # Note that right now it is still not possible to set a PipelineRun or
        # TaskRun specific sink, so the default is the only option available.
        # If no sink is specified, no CloudEvent is generated
        # default-cloud-events-sink:
     
        # default-task-run-workspace-binding contains the default workspace
        # configuration provided for any Workspaces that a Task declares
        # but that a TaskRun does not explicitly provide.
        # default-task-run-workspace-binding: |
        #   emptyDir: {}
      default-pod-template: |-
        nodeSelector:
          kops.k8s.io/instancegroup: build-instance-group
    kind: ConfigMap
    metadata:
      annotations:
        kubectl.kubernetes.io/last-applied-configuration: |
          {"apiVersion":"v1","data":{"_example":"################################
    #                              #
    #    EXAMPLE CONFIGURATION     #
    #                              #
    ################################
    
    # This block is not actually functional configuration,
    # but serves to illustrate the available configuration
    # options and document them in a way that is accessible
    # to users that `kubectl edit` this config map.
    #
    # These sample configuration options may be copied out of
    # this example block and unindented to be in the data block
    # to actually change the configuration.
    
    # default-timeout-minutes contains the default number of
    # minutes to use for TaskRun and PipelineRun, if none is specified.
    default-timeout-minutes: "60"  # 60 minutes
    
    # default-service-account contains the default service account name
    # to use for TaskRun and PipelineRun, if none is specified.
    default-service-account: "default"
    
    # default-managed-by-label-value contains the default value given to the
    # "app.kubernetes.io/managed-by" label applied to all Pods created for
    # TaskRuns. If a user's requested TaskRun specifies another value for this
    # label, the user's request supercedes.
    default-managed-by-label-value: "tekton-pipelines"
    
    # default-pod-template contains the default pod template to use
    # TaskRun and PipelineRun, if none is specified. If a pod template
    # is specified, the default pod template is ignored.
    # default-pod-template:
    
    # default-cloud-events-sink contains the default CloudEvents sink to be
    # used for TaskRun and PipelineRun, when no sink is specified.
    # Note that right now it is still not possible to set a PipelineRun or
    # TaskRun specific sink, so the default is the only option available.
    # If no sink is specified, no CloudEvent is generated
    # default-cloud-events-sink:
    
    # default-task-run-workspace-binding contains the default workspace
    # configuration provided for any Workspaces that a Task declares
    # but that a TaskRun does not explicitly provide.
    # default-task-run-workspace-binding: |
    #   emptyDir: {}
    "},"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"default","app.kubernetes.io/part-of":"tekton-pipelines"},"name":"config-defaults","namespace":"tekton-pipelines"}}
      creationTimestamp: "2021-01-05T09:54:34Z"
      labels:
        app.kubernetes.io/instance: default
        app.kubernetes.io/part-of: tekton-pipelines
      name: config-defaults
      namespace: tekton-pipelines
      resourceVersion: "2681271548"
      selfLink: /api/v1/namespaces/tekton-pipelines/configmaps/config-defaults
      uid: 5748ce13-ebd5-473f-82b1-ef92061a7dc8

    所需要的镜像现在版本是v.0.19

    官网地址:https://tekton.dev/docs/

  • 相关阅读:
    iot 表 主键索引叶子块包含了表所有数据
    iot 表索引dump《2》
    iot 表索引dump《2》
    heap表和iot表排序规则不同
    heap表和iot表排序规则不同
    ActiveMQ学习总结(4)——业界消息队列简介
    主宰全球的10大算法
    主宰全球的10大算法
    主宰全球的10大算法
    SVN学习总结(1)——SVN简介及入门使用
  • 原文地址:https://www.cnblogs.com/Mr-Axin/p/14292550.html
Copyright © 2020-2023  润新知