《OpenShift 4.x HOL教程汇总》
说明:本文已经在OpenShift 4.8环境中验证
Task
在Task中执行命令
在Task中可以使用“command”和“script”方式在运行Task的容器中执行命令,但是在一个“Step”中只允许使用一种方式,不允许两者同时使用。
command 的使用方式
一个Task的command只能运行一个命令
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: my-command
spec:
steps:
- name: say-hello-1
image: registry.access.redhat.com/ubi8/ubi-minimal
command:
- /bin/bash
args: ['-c', 'echo Hello World']
- name: say-hello-2
image: registry.access.redhat.com/ubi8/ubi-minimal
command:
- echo
args:
- Hello World
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: say-hello-3
command:
- /bin/bash
- '-c'
- echo Hello World
执行任务
$ tkn task start my-command --showlog --use-taskrun my-command-run
TaskRun started: my-command-run-z4pbh
Waiting for logs to be available...
[say-hello-1] Hello World
[say-hello-2] Hello World
[say-hello-3] Hello World
script 的使用方式
在一个Task的script 中可以使用多个命令。
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: my-script
spec:
params:
- name: GIT
type: string
- name: APP_NAME
type: string
- name: IMAGE_NAME
type: string
steps:
- image: image-registry.openshift-image-registry.svc:5000/openshift/cli:latest
name: oc-script
script: |
#!/usr/bin/env bash
oc new-app $(params.IMAGE_NAME)~$(params.GIT) --name=$(params.APP_NAME)
执行任务
$ tkn task start my-script --showlog \
-p IMAGE_NAME='centos/ruby-25-centos7' \
-p GIT=https://github.com/sclorg/ruby-ex.git \
-p APP_NAME=myapp
TaskRun的缺省运行属性
每个Task对应一个TaskRun运行,而每个TaskRun对应一个Pod;而每个Step对应一个Container。如果一个Task中有多个Step,则这些Step都在同一个Pod中。可以查看上面名为“my-command”的Task对应的TaskRun实例中的Pod内部包含的容器。
$ oc get pod my-command-run-z4pbh-pod-p4gjn -ojsonpath={
.spec.containers[*].name}
step-say-hello-1 step-say-hello-2 step-say-hello-3
每个TaskRun缺省使用当前项目中名为“pipeline”的‘ServiceAccountName’运行,同时设置运行该Task的超时“timeout”为一小时。
serviceAccountName: pipeline
timeout: 1h0m0s
Task 下的缺省目录
在Task中可以设置在运行期间与其对应的运行Pod使用的目录:
(1)Task缺省所处目录是在“/workspace”,可以通过设置“step”的“workingDir”来更改缺省所处目录
(2)Task缺省HOME目录(即“~/”)是“/tekton/results”
(3)Task执行结果保存在“/tekton/results”目录下
- “/tekton/home”
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: directory-task
spec:
steps:
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: step-1
script: |
#!/usr/bin/env bash
echo "pwd"
pwd
echo -e "\necho ~"
echo ~
echo -e "\nls -l /workspace"
ls -l /workspace
echo -e "\nls -l /tekton"
ls -l /tekton
echo -e "\nls -l /tekton/results"
ls -l /tekton/results
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: step-2
workingDir: /workspace/src/step-2
script: |
#!/usr/bin/env bash
pwd
执行结果
$ tkn task start directory-task --showlog
TaskRun started: directory-task-run-bjdzp
Waiting for logs to be available...
[step-1] pwd
[step-1] /workspace
[step-1]
[step-1] echo ~
[step-1] /tekton/home
[step-1]
[step-1] ls -l /workspace
[step-1] total 0
[step-1] drwxr-sr-x. 3 root 1000730000 20 Oct 6 12:10 src
[step-1]
[step-1] ls -l /tekton
[step-1] total 0
[step-1] drwxrwsrwt. 3 root 1000730000 60 Oct 6 09:58 creds
[step-1] drwxr-xr-x. 6 root root 126 Oct 6 09:58 creds-secrets
[step-1] drwxrwsrwt. 3 root 1000730000 100 Oct 6 09:58 downward
[step-1] drwxrwsrwx. 3 root 1000730000 21 Oct 6 09:58 home
[step-1] drwxrwsrwx. 2 root 1000730000 6 Oct 6 09:58 results
[step-1] drwxrwsrwx. 2 root 1000730000 28 Oct 6 09:58 scripts
[step-1] -rw-rw-rw-. 1 root root 0 Oct 6 09:58 termination
[step-1] drwxrwsrwx. 2 root 1000730000 24 Oct 6 09:58 tools
[step-1]
[step-1] ls -l /tekton/results
[step-1] total 0
[step-2] /workspace/src/step-2
在Task中不同的Step共享数据
由于同一Task中不同的Step是一个Pod中的多个Container,因此这些Step可以利用Pod的存储共享数据。
使用results共享数据
可以将字符串数据保存在Task的results区域,这些数据实际存放在“/workspace/results”目录中,数据名称和值分别是文件名和文件内容。
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: sharing-results
spec:
results:
- name: message
description: Message to be shared
steps:
- name: write
image: registry.access.redhat.com/ubi8/ubi-minimal
script: |
#!/usr/bin/env bash
echo "Secret Message" | base64 > $(results.message.path)
ls -al $(results.message.path)
- name: read
image: registry.access.redhat.com/ubi8/ubi-minimal
script: |
#!/usr/bin/env bash
cat $(results.message.path)
执行结果
$ tkn task start sharing-results --showlog
TaskRun started: sharing-results-run-vcjj4
Waiting for logs to be available...
[write] -rw-r--r--. 1 root 1000760000 21 Sep 7 15:21 /tekton/results/message
[read] U2VjcmV0IE1lc3NhZ2UK
使用Home目录共享文件
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: write-read-file
spec:
steps:
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: write-file
script: |
#!/usr/bin/env bash
echo Hello Tekton > ~/hello.txt
ls -l ~/hello.txt
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: read-file
script: |
#!/usr/bin/env bash
cat ~/hello.txt
执行结果
$ tkn task start write-read-file --showlog
TaskRun started: write-read-file-run-4vrt5
Waiting for logs to be available...
[write-file] -rw-r--r--. 1 root 1000630000 13 Sep 6 09:30 /tekton/home/hello.txt
[read-file] Hello Tekton
利用Pod的emptyDir存储目录共享文件
在Pod级别定义名为“my-volume”的空卷,然后挂到对应“Step”对应的容器上。可以有多个不同的空卷,但是它们对应的Pod上的存储是对应不同目录。
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: volume-task
spec:
steps:
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: write
script: |
#!/usr/bin/env bash
echo hello > /var/write-volume/$(context.taskRun.uid)
ls -l /var/write-volume/
volumeMounts:
- mountPath: /var/write-volume
name: my-volume
- image: registry.access.redhat.com/ubi8/ubi
name: read
script: |
#!/usr/bin/env bash
ls -l /etc/read-volume/
cat /etc/read-volume/$(context.taskRun.uid)
volumeMounts:
- mountPath: /etc/read-volume
name: my-volume
volumes:
- emptyDir: {
}
name: my-volume
$ tkn task start volume-task --showlog
TaskRun started: volume-task-run-9zxrq
Waiting for logs to be available...
[write] total 4
[write] -rw-r--r--. 1 root 1000750000 6 Sep 6 10:29 96313f65-bb96-478f-984a-8febe34d041d
[read] total 4
[read] -rw-r--r--. 1 root 1000750000 6 Sep 6 10:29 96313f65-bb96-478f-984a-8febe34d041d
[read] hello
Task超时
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: task-timeout
spec:
steps:
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: sleep-then-timeout
script: |
#!/usr/bin/env bash
echo "I am supposed to sleep for 60 seconds!"
sleep 60
timeout: 5s
执行结果
$ tkn task start task-timeout --showlog
TaskRun started: task-timeout-run-jx2w5
Waiting for logs to be available...
[sleep-then-timeout] I am supposed to sleep for 60 seconds!
[sleep-then-timeout] 2021/09/04 12:32:31 Error executing command: context deadline exceeded
container step-sleep-then-timeout has failed : [{
"key":"StartedAt","value":"2021-09-04T12:32:26.611Z","type":"InternalTektonResult"},{
"key":"Reason","value":"TimeoutExceeded","type":"InternalTektonResult"}]
保存 Task 执行结果
The stored results can be used at the Task level or at the Pipeline level.
可以用Task的result保存执行结果,结果被写入名为“results..path”的文件中,result结果不能超过4096个字节。
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: print-date
spec:
results:
- name: current-date-unix-timestamp
- name: current-date-human-readable
steps:
- name: print-date-unix-timestamp
image: bash:latest
script: |
#!/usr/bin/env bash
date +%s | tee $(results.current-date-unix-timestamp.path)
echo $(results.current-date-unix-timestamp.path)
- name: print-date-human-readable
image: bash:latest
script: |
#!/usr/bin/env bash
date | tee $(results.current-date-human-readable.path)
echo $(results.current-date-human-readable.path)
执行结果:
$ tkn task start print-date --showlog
TaskRun started: print-date-run-8gvll
Waiting for logs to be available...
[print-date-unix-timestamp] 1630845531
[print-date-unix-timestamp] /tekton/results/current-date-unix-timestamp
[print-date-human-readable] Sun Sep 5 12:38:52 UTC 2021
[print-date-human-readable] /tekton/results/current-date-human-readable
ClusterTask和Task
Tekton的ClusterTask可以在任何项目中被使用,而一般的Task只能在对应的项目中被使用。
$ oc get clustertask
NAME AGE
buildah 9d
buildah-1-5-0 9d
git-cli 9d
git-clone 9d
git-clone-1-5-0 9d
helm-upgrade-from-repo 9d
helm-upgrade-from-source 9d
jib-maven 9d
kn 9d
kn-1-5-0 9d
kn-apply 9d
kn-apply-1-5-0 9d
kubeconfig-creator 9d
maven 9d
openshift-client 9d
openshift-client-1-5-0 9d
pull-request 9d
s2i-dotnet 9d
s2i-dotnet-1-5-0 9d
s2i-go 9d
s2i-go-1-5-0 9d
s2i-java 9d
s2i-java-1-5-0 9d
s2i-nodejs 9d
s2i-nodejs-1-5-0 9d
s2i-perl 9d
s2i-perl-1-5-0 9d
s2i-php 9d
s2i-php-1-5-0 9d
s2i-python 9d
s2i-python-1-5-0 9d
s2i-ruby 9d
s2i-ruby-1-5-0 9d
skopeo-copy 9d
skopeo-copy-1-5-0 9d
tkn 9d
tkn-1-5-0 9d
trigger-jenkins-job 9d
查看ClusterTask,可以看到在名为“openshift-client”的ClusterTask中使用了“image-registry.openshift-image-registry.svc:5000/openshift/cli”镜像。
$ oc get clustertask openshift-client -o yaml
。。。
spec:
description: |-
This task runs commands against the cluster provided by user and if not provided then where the Task is being executed.
OpenShift is a Kubernetes distribution from Red Hat which provides oc, the OpenShift CLI that complements kubectl for simplifying deployment and configuration applications on OpenShift.
params:
- default: oc help
description: The OpenShift CLI arguments to run
name: SCRIPT
type: string
- default: latest
description: The OpenShift Version to use
name: VERSION
type: string
steps:
- image: image-registry.openshift-image-registry.svc:5000/openshift/cli:$(params.VERSION)
name: oc
script: |
#!/usr/bin/env bash
[[ "$(workspaces.manifest-dir.bound)" == "true" ]] && \
cd $(workspaces.manifest-dir.path)
[[ "$(workspaces.kubeconfig-dir.bound)" == "true" ]] && \
[[ -f $(workspaces.kubeconfig-dir.path)/kubeconfig ]] && \
export KUBECONFIG=$(workspaces.kubeconfig-dir.path)/kubeconfig
$(params.SCRIPT)
workspaces:
- description: The workspace which contains kubernetes manifests which we want to apply on the cluster.
name: manifest-dir
optional: true
- description: The workspace which contains the the kubeconfig file if in case we want to run the oc command on another cluster.
name: kubeconfig-dir
optional: true
运行上面的ClusterTask,确认运行结果。
$ tkn clustertask start openshift-client -p SCRIPT="oc version" --showlog --use-param-defaults
? Do you want to give specifications for the optional workspace `manifest-dir`: (y/N) N
? Do you want to give specifications for the optional workspace `kubeconfig-dir`: (y/N) N
TaskRun started: openshift-client-run-2spwv
Waiting for logs to be available...
[oc] Client Version: 4.8.0-202108061927.p0.git.c6ad8ac.assembly.stream-c6ad8ac
[oc] Kubernetes Version: v1.21.1+9807387
Pipeline 执行 Task 的顺序
先创建以下Task
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: say-something
spec:
params:
- name: say-what
description: What should I say
default: hello
type: string
- name: pause-duration
description: How long to wait before saying something
default: '0'
type: string
steps:
- name: say-it
image: registry.access.redhat.com/ubi8/ubi-minimal
command:
- /bin/bash
args: ['-c', 'sleep $(params.pause-duration) && echo $(params.say-what)']
并行运行Task
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: say-things-in-order
spec:
tasks:
- name: task-1
params:
- name: pause-duration
value: "2"
- name: say-what
value: "Hello, this is the first task"
taskRef:
name: say-something
- name: task-2
params:
- name: say-what
value: "Happening after task 1, in parallel with task 3"
- name: pause-duration
value: "2"
taskRef:
name: say-something
- name: task-3
params:
- name: say-what
value: "Happening after task 1, in parallel with task 2"
- name: pause-duration
value: "1"
taskRef:
name: say-something
- name: task-4
params:
- name: say-what
value: "Happening after task 2 and 3"
taskRef:
name: say-something
执行结果
$ tkn pipeline start say-things-in-order --showlog
PipelineRun started: say-things-in-order-run-rp2kw
Waiting for logs to be available...
[task-4 : say-it] Happening after task 2 and 3
[task-3 : say-it] Happening after task 1, in parallel with task 2
[task-1 : say-it] Hello, this is the first task
[task-2 : say-it] Happening after task 1, in parallel with task 3
串并运行Task
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: say-things-in-order
spec:
tasks:
- name: task-1
params:
- name: pause-duration
value: "2"
- name: say-what
value: "Hello, this is the first task"
taskRef:
name: say-something
- name: task-2
params:
- name: say-what
value: "Happening after task 1, in parallel with task 3"
- name: pause-duration
value: "2"
taskRef:
name: say-something
runAfter:
- task-1
- name: task-3
params:
- name: say-what
value: "Happening after task 1, in parallel with task 2"
- name: pause-duration
value: "1"
taskRef:
name: say-something
runAfter:
- task-1
- name: task-4
params:
- name: say-what
value: "Happening after task 2 and 3"
taskRef:
name: say-something
runAfter:
- task-2
- task-3
执行结果
$ tkn pipeline start say-things-in-order --showlog
PipelineRun started: say-things-in-order-run-4rkzz
Waiting for logs to be available...
[task-1 : say-it] Hello, this is the first task
[task-3 : say-it] Happening after task 1, in parallel with task 2
[task-2 : say-it] Happening after task 1, in parallel with task 3
[task-4 : say-it] Happening after task 2 and 3
PipelineResource
在Pipeline和Task中使用的PipelineResources是一组对象,它们将被用作Task的输入或输出。
- Git资源:A Task’s input could be a GitHub source which contains your application code.
- Image资源:A Task’s output can be your application container image which can be deployed.
- JAR资源:A Task’s output can be a jar file to be uploaded to a storage bucket.
Git类型资源
只能作为 Input 资源。可用用“targetPath”和“workingDir”参数修改
- Tekton的git资源缺省会放在“/workspace/source”目录下,可以用"targetPath参数指定目标目录,如下面将git资源保存到“/workspace/code”中。
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: repo-files-count
spec:
resources:
inputs:
- name: repo
type: git
targetPath: code
steps:
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: repo-files-count
script: |
#!/usr/bin/env bash
echo [pwd]
pwd
echo --------------------
echo ['ls -l /workspace']
ls -l /workspace
echo --------------------
echo ['ls -l ./code']
ls -l ./code
echo --------------------
echo $(find ./code -type f | wc -l) files in repo
- image: registry.access.redhat.com/ubi8/ubi
name: change-workingdir
workingDir: /workspace/code
script: |
#!/usr/bin/env bash
echo [pwd]
pwd
---
apiVersion: tekton.dev/v1alpha1
kind: PipelineResource
metadata:
name: git-repo
spec:
type: git
params:
- name: url
value: https://github.com/joellord/handson-tekton.git
执行结果
$ tkn task start repo-files-count --inputresource repo=git-repo --showlog
TaskRun started: repo-files-count-run-75296
Waiting for logs to be available...
[git-source-repo-gqwqc] {
"level":"info","ts":1630813246.0270514,"caller":"git/git.go:169","msg":"Successfully cloned https://github.com/joellord/handson-tekton.git @ 0f1518c2b6b21024b956572bcb20a7e01bded1a4 (grafted, HEAD) in path /workspace/code"}
[git-source-repo-gqwqc] {
"level":"info","ts":1630813246.073183,"caller":"git/git.go:207","msg":"Successfully initialized and updated submodules in path /workspace/code"}
[repo-files-count] [pwd]
[repo-files-count] /workspace
[repo-files-count] --------------------
[repo-files-count] [ls -l /workspace]
[repo-files-count] total 0
[repo-files-count] drwxr-sr-x. 6 root 1000730000 96 Oct 6 13:27 code
[repo-files-count] --------------------
[repo-files-count] [ls -l ./code]
[repo-files-count] total 20
[repo-files-count] -rw-r--r--. 1 root 1000730000 18788 Oct 6 13:27 README.md
[repo-files-count] drwxr-sr-x. 3 root 1000730000 100 Oct 6 13:27 app
[repo-files-count] drwxr-sr-x. 2 root 1000730000 227 Oct 6 13:27 demo
[repo-files-count] drwxr-sr-x. 2 root 1000730000 24 Oct 6 13:27 installation
[repo-files-count] --------------------
[repo-files-count] 60 files in repo
[change-workingdir] [pwd]
[change-workingdir] /workspace/code
Image类型资源
用Workspace共享数据
Workspace可以是以下类型和调用:
- PVC
name=my-pvc,claimName=pvc1[,subPath=dir]
可用在Pipeline的不同Task之间共享文件数据 - Secret
name=my-secret,secret=secret-name
可用在Pipeline的不同Task之间共享Secret数据 - ConfigMap
name=my-config,config=rpg[,item=ultimav=1]
可用在Pipeline的不同Task之间共享ConfigMap数据 - emptyDir
name=my-empty-dir,emptyDir=""
emptyDir字段引用一个emptyDir卷,它持有一个临时目录,其寿命与调用它的TaskRun一样长。emptyDir卷不适合在一个管道内的任务之间共享数据。然而,它们对于单个任务运行来说效果很好,因为存储在 emptyDir 中的数据需要在任务的步骤中共享,并在执行后被丢弃。
创建PVC资源
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: tkn-pvc-1
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
在Pipeline中不同的Task读写同一文件
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: write
spec:
workspaces:
- name: write-dir
steps:
- name: write
image: registry.access.redhat.com/ubi8/ubi
command:
- /bin/bash
args: ['-c', 'echo hello > $(workspaces.write-dir.path)/hello.txt && echo done']
- image: registry.access.redhat.com/ubi8/ubi
name: print-dir
script: |
#!/usr/bin/env bash
echo [ls -l $(workspaces.write-dir.path)]
ls -l $(workspaces.write-dir.path)
echo workspaces.write-dir.bound=$(workspaces.write-dir.bound)
echo workspaces.write-dir.claim=$(workspaces.write-dir.claim)
echo workspaces.write-dir.volume=$(workspaces.write-dir.volume)
---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: read
spec:
workspaces:
- name: read-dir
steps:
- name: read
image: registry.access.redhat.com/ubi8/ubi
command:
- /bin/bash
args: ['-c', 'cat $(workspaces.read-dir.path)/hello.txt']
- image: registry.access.redhat.com/ubi8/ubi
name: print-dir
script: |
#!/usr/bin/env bash
echo [ls -l $(workspaces.read-dir.path)]
ls -l $(workspaces.read-dir.path)
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: workspaces-sharing
spec:
workspaces:
- name: pipeline-ws1
tasks:
- name: write
taskRef:
name: write
workspaces:
- name: write-dir
workspace: pipeline-ws1
- name: read
taskRef:
name: read
workspaces:
- name: read-dir
workspace: pipeline-ws1
runAfter:
- write
执行结果:
$ tkn pipeline start workspaces-sharing -w name=pipeline-ws1,claimName=tkn-pvc-1 --showlog
PipelineRun started: workspaces-sharing-run-5scgt
Waiting for logs to be available...
[write : write] done
[write : print-dir] [ls -l /workspace/write-dir]
[write : print-dir] total 8
[write : print-dir] -rw-rw-r--. 1 root 1000750000 6 Sep 5 11:49 hello.txt
[write : print-dir] workspaces.write-dir.bound=true
[write : print-dir] workspaces.write-dir.claim=tkn-pvc-1
[write : print-dir] workspaces.write-dir.volume=ws-sr7dk
[read : read] hello
[read : print-dir] [ls -l /workspace/read-dir]
[read : print-dir] total 8
[read : print-dir] -rw-rw-r--. 1 root 1000750000 6 Sep 5 11:49 hello.txt
更改Workspace挂载资源位置
可以使用“mountPath”参数更改Workspace的挂载的目录位置。
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: change-ws-mountpath
spec:
steps:
- image: registry.access.redhat.com/ubi8/ubi-minimal
name: write-message
script: |
#!/usr/bin/env bash
pwd
echo $(workspaces.ws.path)
workspaces:
- mountPath: /custom/path/relative/to/root
name: ws
执行结果
$ tkn task start change-ws-mountpath --showlog -w name=messages,claimName=tkn-pvc-1
TaskRun started: change-ws-mountpath-run-hdkc7
Waiting for logs to be available...
[write-message] /workspace
[write-message] /custom/path/relative/to/root
在Pipeline中使用Workspace的subPath
如果没有设置“subPath”,数据将写入Task对应容器的"/workspace/<WORKSPACE-NAME>"目录下,如果设置了“subPath”,则数据则写到“/workspace/<WORKSPACE-NAME>/<SUBPATH>"目录下。
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: write
spec:
steps:
- name: write
image: registry.access.redhat.com/ubi8/ubi-minimal
script: |
#!/usr/bin/env bash
echo bar > $(workspaces.write-ws.path)/foo
ls -l $(workspaces.write-ws.path)/foo
workspaces:
- name: write-ws
---
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: read-both
spec:
params:
- name: directory1
type: string
- name: directory2
type: string
workspaces:
- name: read-ws
steps:
- name: read
image: ubuntu
script: |
#!/usr/bin/env bash
ls -l $(workspaces.read-ws.path)/$(params.directory1)/foo
ls -l $(workspaces.read-ws.path)/$(params.directory2)/foo
rm -rf $(workspaces.read-ws.path)/$(params.directory1)/*
rm -rf $(workspaces.read-ws.path)/$(params.directory2)/*
---
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: pipeline-using-different-subpaths
spec:
workspaces:
- name: ws
tasks:
- name: write-1
taskRef:
name: write
workspaces:
- name: write-ws
workspace: ws
subPath: dir-1
- name: write-2
runAfter:
- write-1
taskRef:
name: write
workspaces:
- name: write-ws
workspace: ws
subPath: dir-2
- name: read-all
runAfter:
- write-2
params:
- name: directory1
value: dir-1
- name: directory2
value: dir-2
taskRef:
name: read-both
workspaces:
- name: read-ws
workspace: ws
执行pipeline,确认在2个write过程是看不到subpath(但实际上有),而read-both则会全部显示。
$ tkn pipeline start pipeline-using-different-subpaths --showlog -w name=ws,claimName=tkn-pvc-1
PipelineRun started: pipeline-using-different-subpaths-run-psnqn
Waiting for logs to be available...
[writer-1 : write] -rw-rw-r--. 1 root 1000760000 4 Sep 7 11:58 /workspace/write-ws/foo
[writer-2 : write] -rw-rw-r--. 1 root 1000760000 4 Sep 7 11:58 /workspace/write-ws/foo
[read-all : read] -rw-rw-r--. 1 root 1000760000 4 Sep 7 11:58 /workspace/read-ws/dir-1/foo
[read-all : read] -rw-rw-r--. 1 root 1000760000 4 Sep 7 11:58 /workspace/read-ws/dir-2/foo
也可用以下命令单独运行每个Task。
$ tkn task start writer --showlog -w name=write-ws,claimName=tkn-pvc-1,subPath=dir-1
$ tkn task start writer --showlog -w name=write-ws,claimName=tkn-pvc-1,subPath=dir-2
$ tkn task start read-both --showlog -w name=read-ws,claimName=tkn-pvc-1 -p directory1=dir-1 -p directory2=dir-2
PipelineRun将资源关联
关联Workspace和PVC
使用PVC模板
- 命令引用方式
$ tkn pipeline start PIPELINE-NAME -w name=WORKSPACE-NAME,volumeClaimTemplateFile=PVC-FILE.yaml
- 文件引用方式
。。。
workspaces:
- name: WORKSPACE-NAME
volumeClaimTemplate:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: PVC-NAME
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 500Mi
。。。
$ oc get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
PVC-NAME Bound pvc-910260a3-3adc-4426-a95a-b6bb940a6179 1Gi RWO gp2 26m
使用 PVC 对象
- 命令引用方式
$ tkn pipeline start PIPELINE-NAME -w name=WORKSPACE-NAME,claimName=PVC-NAME
- 文件引用方式
。。。
workspaces:
- name: PIPELINE-NAME
persistentVolumeClaim:
claimName: PVC-NAME
。。。
参考
https://tekton.dev/docs/pipelines/migrating-v1alpha1-to-v1beta1
https://github.com/tektoncd/pipeline/blob/main/docs/tutorial.md
https://github.com/joellord/handson-tekton
https://github.com/joellord/tekton-lab
https://books.google.com.hk/books?id=hQg8EAAAQBAJ&pg=PR15&lpg=PR15&dq=Building+CI/CD+systems+using+Tekton+book+download+pdf&source=bl&ots=3tAy-keCOB&sig=ACfU3U2zEdQRI8uQBOVPKxkTqNYdhGig2A&hl=zh-CN&sa=X&redir_esc=y&sourceid=cndr#v=twopage&q&f=false
https://github.com/joellord/handson-tekton/tree/master/demo
https://redhat-scholars.github.io/tekton-tutorial/tekton-tutorial/workspaces.html
https://github.com/tektoncd/pipeline/tree/main/examples/v1beta1