Installation and upgrade of Tekton with Tekton Operator
I give 100% credit to my friend and colleague Andrea Frittoli for sharing his experiences on Tekton with me. Without his guidance, I wouldn’t be able to write this tutorial. I was preparing a demo of Tekton Operator for the session Tekton's Hassle-free Journey with Tekton Operator at the in coming cdCon 2021. However, I ran into the issue of connecting github events to Tekton Trigger installed on Kubernetes service. Andrea’s expertise was like the a beam of light penetrating my darkest tunnel, guiding me through the path to the paradise of Tekton truth. Next, I will walk you through how toset up and test the demo of Tekton operator.
Prerequisites:
- Set up a local Tekton locally on docker-desktop Kubernetes
Install smee. Click on the button Start a new channel. You will be directed to the page of webhook Deliveries:
A Webhook Proxy URL is generated for you at https://smee.io/pUUFF1sfFnIXhvX. This URL will be different each time you visit this page. Save it into the variable WEBHOOK_URL for further use. Open the terminal on the local workstation, and run the following commands:
export WEBHOOK_URL=https://smee.io/pUUFF1sfFnIXhvXnpm install --global smee-clientsmee -u $WEBHOOK_URL --target http://localhost/ci/
Install nginx. Run the following commands:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.45.0/deploy/static/provider/cloud/deploy.yamlkubectl wait --namespace ingress-nginx --for=condition=ready pod --selector=app.kubernetes.io/component=controller --timeout=120s
2. Set up Tekton in IKS
TBD…
Github repository with the webhook:
I am about to use github as the platform to generate the event, so I create the repository here, and then create a webhook for this repository:
Make sure the payload URL is set as the value of the $WEBHOOK_URL. It is https://smee.io/pUUFF1sfFnIXhvX for my example. Don’t forget to get a secret. I use tekton as the secret.
Specify json as the content type. Specify Pull requests as the event.
After this webhook is created, each time there is a new PR, an event payload will be sent to the $WEBHOOK_URL as you specified.
For local Kubernetes service on dosker-desktop, smee can redirect all the traffics sent to the $WEBHOOK_URL to the local path “http://localhost/ci/”. We need to set up an ingress defining the traffic rules, which I will touch based on later.
Install Tekton with Tekton operator:
The latest release of Tekton operator is v0.22.0–2 by far. Install this version via the command:
kubectl apply -f https://storage.googleapis.com/tekton-releases/operator/previous/v0.22.0-2/release.yaml
Check if the operator is ready:
kubectl get deploy -n tekton-operator
If everything is installed, you will get the output as:
NAME READY UP-TO-DATE AVAILABLE AGE
tekton-operator 1/1 1 1 19s
To check the log of the operator, run the command:
kubectl logs -f deploy/tekton-operator -n tekton-operator
Install all Tekton components: pipeline, trigger and dashboard with a single command:
kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/config/all/operator_v1alpha1_config_cr.yaml
The CR TektonConfig with full mode is able install of the Tekton operator CRs: TektonPipeline, TektonTrigger and TektonDashboard. This is the most convenient way to install everything, but you can always choose to install them individually with:
For pipeline:
kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/pipeline/operator_v1alpha1_pipeline_cr.yaml
For trigger:
kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/trigger/operator_v1alpha1_trigger_cr.yaml
For dashboard:
kubectl apply -f https://raw.githubusercontent.com/tektoncd/operator/main/config/crs/kubernetes/dashboard/operator_v1alpha1_dashboard_cr.yaml
Check the status of Tekton components:
kubectl get TektonConfig,TektonPipeline,TektonTrigger,TektonDashboard
Once they are ready, you should get the output as below:
NAME READY REASON
tektonconfig.operator.tekton.dev/config True
NAME VERSION READY REASON
tektonpipeline.operator.tekton.dev/pipeline 0.22.0 True
NAME VERSION READY REASON
tektontrigger.operator.tekton.dev/trigger 0.12.1 True
NAME VERSION READY REASON
tektondashboard.operator.tekton.dev/dashboard 0.15.0 True
Configure the ingress for dashboard:
Apply the following resource “kind: ingress” named “tekton-dashboard” to the cluster.
cat <<EOF | kubectl create -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tekton-dashboard
namespace: tekton-pipelines
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /\$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/[a-z1-9\-]*)$ \$1/ redirect;
spec:
rules:
- http:
paths:
- path: /dashboard(/|$)(.*)
pathType: Prefix
backend:
service:
name: tekton-dashboard
port:
number: 9097
EOF
Attention! Be aware of the “escape”. If you want to save the ingress resource into the yaml file, save the following content:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tekton-dashboard
namespace: tekton-pipelines
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/[a-z1-9\-]*)$ $1/ redirect;
spec:
rules:
- http:
paths:
- path: /dashboard(/|$)(.*)
pathType: Prefix
backend:
service:
name: tekton-dashboard
port:
number: 9097
The char “escape” is for script only, not applicable in the yaml file.
Visit the link at http://localhost/dashboard
Install the Github example for Tekton trigger:
Go to the repository: https://github.com/tektoncd/triggers. Download the source code:
git clone git@github.com:tektoncd/triggers.git
Install the example under examples/github/:
kubectl apply -f examples/github/
Configure the ingress for the eventListener in trigger. Save the following content into a file called ingress-trigger.yaml:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: tekton-trigger
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^(/[a-z1-9\-]*)$ $1/ redirect;
spec:
rules:
- http:
paths:
- path: /ci(/|$)(.*)
pathType: Prefix
backend:
service:
name: el-github-listener-interceptor
port:
number: 8000
Run the command to install the ingress for the event listener:
kubectl apply -f ingress-trigger.yaml
Create a new PR for the repository: https://github.com/houshengbo/demo-tekton/
Check if a TaskRun is created, with the name beginning with “github-run-”:
kubectl get taskruns | grep github-run-
Don’t want to derail? Follow Vincent!