欢迎关注我的公众号:
目前刚开始写一个月,一共写了18篇原创文章,文章目录如下:
istio防故障利器,你知道几个,istio新手不要读,太难!
不懂envoyfilter也敢说精通istio系列-http-rbac-不要只会用AuthorizationPolicy配置权限
不懂envoyfilter也敢说精通istio系列-02-http-corsFilter-不要只会vs
不懂envoyfilter也敢说精通istio系列-03-http-csrf filter-再也不用再代码里写csrf逻辑了
不懂envoyfilter也敢说精通istio系列http-jwt_authn-不要只会RequestAuthorization
不懂envoyfilter也敢说精通istio系列-05-fault-filter-故障注入不止是vs
不懂envoyfilter也敢说精通istio系列-06-http-match-配置路由不只是vs
不懂envoyfilter也敢说精通istio系列-07-负载均衡配置不止是dr
不懂envoyfilter也敢说精通istio系列-08-连接池和断路器
不懂envoyfilter也敢说精通istio系列-09-http-route filter
不懂envoyfilter也敢说精通istio系列-network filter-redis proxy
不懂envoyfilter也敢说精通istio系列-network filter-HttpConnectionManager
不懂envoyfilter也敢说精通istio系列-ratelimit-istio ratelimit完全手册
tekton新课发布:ci/cd之tekton实战--其他视频教程-系统/网络/运维-CSDN程序员研修院
什么是PipelineRun
PipelineRun允许您实例化并执行集群内管道。管道按所需的执行顺序指定一个或多个任务。PipelineRun按照指定的顺序在管道中执行任务,直到所有任务成功执行或发生故障为止。
注意:PipelineRun自动为管道中的每个任务创建相应的TaskRun。
Status
字段跟踪PipelineRun的当前状态,并可用于监视进度。此字段包含每个TaskRun的状态,以及用于实例化此PipelineRun的完整PipelineSpec,以实现全面的可审核性。
资源详解
pipelineRef
resources
serviceAccountName
params
pipelinerun/pipelineRef/sa.yaml
apiVersion: v1 kind: ServiceAccount metadata: name: test-task-robot-git-ssh secrets: - name: registry-secret
kubectl create secret docker-registry registry-secret \ --docker-server=registry.cn-beijing.aliyuncs.com \ --docker-username=195446040@qq.com \ --docker-password=123456 -n tekton kubectl create clusterrolebinding cluster-admin-test-task --clusterrole=cluster-admin --serviceaccount=tekton:test-task-robot-git-ssh -n tekton
pipelinerun/pipelineRef/res-image.yaml
apiVersion: tekton.dev/v1alpha1 kind: PipelineResource metadata: name: my-image spec: type: image params: - name: url value: registry.cn-beijing.aliyuncs.com/hxpdocker/testimage
pipelinerun/pipelineRef/res-git.yaml
apiVersion: tekton.dev/v1alpha1 kind: PipelineResource metadata: name: workspace spec: type: git params: - name: url value: https://codechina.csdn.net/hxpjava1/test.git - name: revision value: master
pipelinerun/pipelineRef/task-build-push-kaniko.yaml
apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: build-push-kaniko spec: resources: inputs: - name: workspace type: git outputs: - name: builtImage type: image params: - name: pathToDockerFile description: The path to the dockerfile to build default: /workspace/workspace/Dockerfile - name: pathToContext description: The build context used by Kaniko default: /workspace/workspace steps: - name: build-and-push image: registry.us-west-1.aliyuncs.com/hxpapp/kaniko-executor:latest #env: #- name: "DOCKER_CONFIG" # value: "/tekton/home/.docker/" args: - --dockerfile=$(inputs.params.pathToDockerFile) - --destination=$(outputs.resources.builtImage.url) - --context=$(inputs.params.pathToContext) - --oci-layout-path=$(inputs.resources.builtImage.path) securityContext: runAsUser: 0 volumeMounts: - name: kaniko-secret mountPath: /kaniko/.docker/ volumes: - name: kaniko-secret secret: secretName: registry-secret items: - key: .dockerconfigjson path: config.json
pipelinerun/pipelineRef/task-kubectl-deploy.yaml
apiVersion: tekton.dev/v1beta1 kind: Task metadata: name: kubectl-deploy spec: params: - name: script_body type: string #default: "kubectl apply -f deployment.yaml -n tekton" resources: inputs: - name: image type: image - name: workspace type: git steps: - name: kubectl-deploy image: registry.cn-shanghai.aliyuncs.com/hxpdocker/kubectl:latest script: | $(params.script_body)
pipelinerun/pipelineRef/pipeline-my.yaml
apiVersion: tekton.dev/v1beta1 kind: Pipeline metadata: name: mypipeline spec: tasks: - name: build-app taskRef: name: build-push-kaniko resources: inputs: - name: workspace resource: workspace outputs: - name: builtImage resource: my-image - name: deploy-app taskRef: name: kubectl-deploy resources: inputs: - name: workspace resource: workspace - name: image resource: my-image from: - build-app params: - name: script_body value: $(params.script_body_pipeline) params: - name: script_body_pipeline type: string resources: - name: workspace type: git - name: my-image type: image
pipelinerun/pipelineRef/pipelinerun-my.yaml
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: generateName: mypipeline-run spec: serviceAccountName: test-task-robot-git-ssh pipelineRef: name: mypipeline params: - name: script_body_pipeline value: "kubectl apply -f /workspace/workspace/deployment.yaml " resources: - name: workspace resourceRef: name: workspace - name: my-image resourceRef: name: my-image
pipelineSpec
pipelinerun/pipelinerun-pipelineSpec.yaml
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: generateName: mypipeline-run spec: serviceAccountName: test-task-robot-git-ssh pipelineSpec: tasks: - name: build-app taskRef: name: build-push-kaniko resources: inputs: - name: workspace resource: workspace outputs: - name: builtImage resource: my-image - name: deploy-app taskRef: name: kubectl-deploy resources: inputs: - name: workspace resource: workspace - name: image resource: my-image from: - build-app params: - name: script_body value: $(params.script_body_pipeline) params: - name: script_body_pipeline type: string resources: - name: workspace type: git - name: my-image type: image params: - name: script_body_pipeline value: "kubectl apply -f /workspace/workspace/deployment.yaml " resources: - name: workspace resourceRef: name: workspace - name: my-image resourceRef: name: my-image
serviceAccountNames
pipelinerun/pipelinerun-serviceAccountNames.yaml
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: generateName: mypipeline-run spec: serviceAccountNames: - taskName: build-app serviceAccountName: test-task-robot-git-ssh - taskName: deploy-app serviceAccountName: test-task-robot-git-ssh pipelineRef: name: mypipeline params: - name: script_body_pipeline value: "kubectl apply -f /workspace/workspace/deployment.yaml " resources: - name: workspace resourceRef: name: workspace - name: my-image resourceRef: name: my-image
taskRunSpec
taskPodTemplate
pipelinerun/pipelinerun-taskRunSpec.yaml
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: generateName: mypipeline-run spec: serviceAccountNames: - taskName: build-app serviceAccountName: test-task-robot-git-ssh pipelineRef: name: mypipeline taskRunSpecs: - pipelineTaskName: deploy-app taskServiceAccountName: test-task-robot-git-ssh taskPodTemplate: nodeSelector: kubernetes.io/hostname: 192.168.198.154 params: - name: script_body_pipeline value: "kubectl apply -f /workspace/workspace/deployment.yaml " resources: - name: workspace resourceRef: name: workspace - name: my-image resourceRef: name: my-image
timeout
pipelinerun/pipelinerun-timeout.yaml
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: generateName: mypipeline-run spec: timeout: 1s serviceAccountNames: - taskName: build-app serviceAccountName: test-task-robot-git-ssh - taskName: deploy-app serviceAccountName: test-task-robot-git-ssh pipelineRef: name: mypipeline params: - name: script_body_pipeline value: "kubectl apply -f /workspace/workspace/deployment.yaml " resources: - name: workspace resourceRef: name: workspace - name: my-image resourceRef: name: my-image
podTemplate
pipelinerun/pipelinerun-podTemplate.yaml
apiVersion: tekton.dev/v1beta1 kind: PipelineRun metadata: generateName: mypipeline-run spec: podTemplate: securityContext: runAsUser: 0 serviceAccountNames: - taskName: build-app serviceAccountName: test-task-robot-git-ssh - taskName: deploy-app serviceAccountName: test-task-robot-git-ssh pipelineRef: name: mypipeline params: - name: script_body_pipeline value: "kubectl apply -f /workspace/workspace/deployment.yaml " resources: - name: workspace resourceRef: name: workspace - name: my-image resourceRef: name: my-image