1
0
mirror of https://github.com/avinal/avinal.github.io.git synced 2026-07-04 07:40:09 +05:30

add new blog

This commit is contained in:
2023-07-19 20:27:18 +05:30
parent 1168062168
commit 38bcfeead3
4 changed files with 369 additions and 62 deletions
@@ -37,11 +37,15 @@ So, what is the solution, how can you save your pipelines' data without having t
As mentioned on the [project repository](https://github.com/tektoncd/results):
> Tekton Results aims to help users logically group CI/CD workload history and separate out long term result storage away from the Pipeline controller. This allows you to:
> Tekton Results aims to help users logically group CI/CD workload history and
> separate out long term result storage away from the Pipeline controller. This
> allows you to:
>
> - Provide custom Result metadata about your CI/CD workflows not available in the Tekton TaskRun/PipelineRun CRDs (for example: post-run actions)
> - Provide custom Result metadata about your CI/CD workflows not available in
> the Tekton TaskRun/PipelineRun CRDs (for example: post-run actions)
> - Group related workloads together (e.g. bundle related TaskRuns and PipelineRuns into a single unit)
> - Make long-term result history independent of the Pipeline CRD controller, letting you free up etcd resources for Run execution.
> - Make long-term result history independent of the Pipeline CRD controller,
> letting you free up etcd resources for Run execution.
In short, Tekton results archives the run data (called results) and logs to an
external storage. Now you can safely prune completed TaskRuns/PipelineRuns and
@@ -60,15 +64,15 @@ be a persistent storage on the same cluster or hosted externally such as RDS.
If no external storage is attached, logs are also stored on a persistent storage
on the cluster, you may use a S3 (or compatible) storage solution for that.
The lifecycle of a *result* is as below:
The lifecycle of a _result_ is as below:
1. The first step is to create a Tekton PipelineRun or TaskRun.
2. The Watcher listens for any changes in the TaskRun or PipelineRun.
3. On change, Watcher updates (or creates) a corresponding `Record` or `Result` using the Results API.
Watcher adds annotations to the TaskRuns or PipelineRuns with proper identifiers. Watcher uses
these annotations to decide if the `Result` has been created/updated/finished or not.
Watcher adds annotations to the TaskRuns or PipelineRuns with proper identifiers. Watcher uses
these annotations to decide if the `Result` has been created/updated/finished or not.
4. You can now query the Results data using the API. If the run state is incomplete yet, the response
from the API will indicate that as well via the status flag.
from the API will indicate that as well via the status flag.
5. Once the TaskRun/PipelineRun has been completed, you can safely prune the resource object.
## Installing Tekton Results
@@ -80,80 +84,84 @@ demonstration, I will be using a Kind cluster and a local database.
- [Kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation) for a local Kubernetes cluster.
- [kubectl](https://kubernetes.io/docs/tasks/tools/#kubectl)
- [curl](https://curl.se/download.html) for quering the API.
- [curl](https://curl.se/download.html) for querying the API.
- [OpenSSL](https://www.openssl.org/source/) for generating certificates.
### Let's start
1. Create a Kind Cluster
```sh
kind create cluster --name tekton-results
kind export kubeconfig --name tekton-results
```
```bash
kind create cluster --name tekton-results
kind export kubeconfig --name tekton-results
```
2. [Tekton Pipelines]() must be installed on the cluster. You can install it using the command below.
2. [Tekton Pipelines](https://github.com/tektoncd/results) must be installed on
the cluster. You can install it using the command below.
```sh
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
```
```bash
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
```
3. Generate a database root password and store as a Kubernetes Secret. If you are using an external
database, prove the credential for the same. Here is a bare minimum requirement as YAML.
database, prove the credential for the same. Here is a bare minimum requirement as YAML.
```yaml
apiVersion: v1
kind: Secret
metadata:
name: tekton-results-postgres
namespace: tekton-pipelines
type: Opaque
data:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: <your-password>
```
```yaml
apiVersion: v1
kind: Secret
metadata:
name: tekton-results-postgres
namespace: tekton-pipelines
type: Opaque
data:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: <your-password>
```
You can directly use the command line as well:
You can directly use the command line as well:
```sh
kubectl create secret generic tekton-results-postgres --namespace="tekton-pipelines" --from-literal=POSTGRES_USER=postgres --from-literal=POSTGRES_PASSWORD=$(openssl rand -base64 20)
```
```bash
kubectl create secret generic tekton-results-postgres \
--namespace="tekton-pipelines" \
--from-literal=POSTGRES_USER=postgres \
--from-literal=POSTGRES_PASSWORD=$(openssl rand -base64 20)
```
4. Generate a cert/key pair. You may use any cert management software to generate this. You can even
use cluster generated certs.
use cluster generated certs.
```sh
openssl req -x509 \
-newkey rsa:4096 \
-keyout key.pem \
-out cert.pem \
-days 365 \
-nodes \
-subj "/CN=tekton-results-api-service.tekton-pipelines.svc.cluster.local" \
-addext "subjectAltName = DNS:tekton-results-api-service.tekton-pipelines.svc.cluster.local"
```
```bash
openssl req -x509 \
-newkey rsa:4096 \
-keyout key.pem \
-out cert.pem \
-days 365 \
-nodes \
-subj "/CN=tekton-results-api-service.tekton-pipelines.svc.cluster.local" \
-addext "subjectAltName = DNS:tekton-results-api-service.tekton-pipelines.svc.cluster.local"
```
5. Create another TLS Kubernetes Secret with the name `tekon-results-tls` to store the cert/key pair.
```sh
kubectl create secret tls -n tekton-pipelines tekton-results-tls \
--cert=cert.pem \
--key=key.pem
```
```bash
kubectl create secret tls -n tekton-pipelines tekton-results-tls \
--cert=cert.pem \
--key=key.pem
```
6. Install Tekton Results
```sh
kubectl apply -f https://storage.googleapis.com/tekton-releases/results/latest/release.yaml
```
```bash
kubectl apply -f https://storage.googleapis.com/tekton-releases/results/latest/release.yaml
```
7. You can check the status of the deployments using the below command. Do not worry
if some deployments show `CrashLoopBackOff`. Wait for some time, and
they should all be running.
if some deployments show `CrashLoopBackOff`. Wait for some time, and
they should all be running.
```sh
kubectl get pods -n tekton-pipelines --watch
```
```bash
kubectl get pods -n tekton-pipelines --watch
```
Once all deployments are ready, we can start creating some TaskRuns/PipelineRuns. In the next part
of this blog, I will explain how to retrieve data from Tekton Results. Happy Reading.
@@ -161,4 +169,4 @@ of this blog, I will explain how to retrieve data from Tekton Results. Happy Rea
## References
- [Tekton Results](https://github.com/tektoncd/results)
- [Tekton Pipelines](https://github.com/tektoncd/pipelines)
- [Tekton Pipelines](https://github.com/tektoncd/pipeline)