Simplify your Red Hat OpenShift build pipeline with Tekton

Transcript

1. Simplify your Openshift build pipeline With Tekton (formerly known as

   Knative build-pipeline) Vincent Demeester Steve Speicher Principal Software Engineer Senior Principal Product Manager May 7, 2019

2. Agenda • Pipelines in OpenShift • Tekton pipelines • Demo

   • Tekton Pipeline Knative • Future !

3. OpenShift Pipelines

4. Pipelines in OpenShift 3 • Pipeline build strategy (BuildConfig) •

   Based on Jenkins and Jenkinsfiles • Embedded and SCM kind: "BuildConfig" apiVersion: "v1" metadata: name: "tasks-pipeline" spec: strategy: jenkinsPipelineStrategy: jenkinsfile: <pipeline> type: JenkinsPipeline

5. Love Jenkins, Hate Jenkins • Jenkins is not built for

   container environments • Jenkins needs babysitting and it become an overhead quickly* • Jenkins configuration is brittle • Jenkins doesn’t fit microservices team structures • Jenkins plugins mania • Jenkins at customers is often outside OpenShift, or is a self-created image • OpenShift Pipelines don’t replace Jenkins UI • OpenShift Pipelines are not standard Kubernetes objects (CRD) * https://jenkins.io/blog/2018/08/31/shifting-gears/

6. JenkinsPipeline Build Strategy

7. Pipelines in OpenShift 4 Support for existing investments in Jenkins

   Cloud-native CI/CD for OpenShift Based on Tekton pipeline

8. Tekton* Pipelines * A tektōn is a Greek artisan or

   craftsman

9. What is CI/CD ? Continuous Integration & Delivery Build code

   Run Tests Build Image Deploy to QA End-to-end tests Deploy to Prod Continuous Integration (CI) Continuous Delivery (CD) Source Repo Scan image

10. What is Tekton Pipeline A Kubernetes-native pipeline resource “The Tekton

    Pipelines project provides Kubernetes-style resources for declaring CI/CD-style pipelines.” “A Neutral Home for the Next Generation of Continuous Delivery Collaboration” Contributors: Google Red Hat CloudBees IBM …

11. What is Tekton Pipeline (bis) Tekton Pipelines are Cloud Native:

    • Run on Kubernetes • Have Kubernetes clusters as a first class type • Use containers as their building blocks Tekton Pipelines are Decoupled: • One Pipeline can be used to deploy to any k8s cluster • The Tasks which make up a Pipeline can easily be run in isolation • Resources such as git repos can be easily swapped between runs Tekton Pipelines are Typed: • The concept of typed resources means that for a resource such as an Image, implementations can easily be swapped out (e.g. building with kaniko v.s. buildah)

12. Tekton Pipeline main concepts Tekton Pipelines uses CRDs to extend

    Kubernetes with custom types : definitions. Task Step Step Pipeline Task Task Task Task Task • Task is a collection of sequential steps you would want to run as part of your continuous integration flow. A task will run inside a container on your cluster. ◦ Steps run on the same node • Pipeline is a collection tasks you want to run as part of your continuous integration flow. Tasks will be executed as a graph (Tasks can depend on each others). ◦ Tasks run on different nodes ◦ Link input and outputs

13. Tekton Pipeline main concepts Tekton Pipelines uses CRDs to extend

    Kubernetes with custom types: runtimes. Pipeline Run Task Run Pipeline Resource • PipelineResource is an object that is used as Input or Output for a Task. • TaskRun represents an execution of a Task. It binds a Task with resources (PipelineResource) and other constructs (parameters, service accounts, …). • PipelineRun represents an execution of a Pipeline. It binds a Pipeline and its Tasks with resources and other constructs (parameters, service accounts, …).

14. Tekton Pipeline usage master pull request local dev quay.io/prod-images github.com/myorg/

    myproj @ master https://prod.cluster End to End Pipeline End to End Pipeline End to End Pipeline quay.io/ staging-images github.com/myorg/ myproj @ 176efe9 https://staging.cluster quay.io/my-images github.com/myorg/ myproj @ 9af7ced https://my.cluster

15. Demo

16. Tekton Pipeline Knative

17. Serving An event-driven model that serves the container with your

    application and can "scale to zero". Events Common infrastructure for consuming and producing events that will stimulate applications. Knative is "...an extension to Kubernetes exposing building blocks to build modern, source-centric, and container-based applications that can run anywhere". Build A pluggable model for building artifacts, like jar files, zips or containers from source code. Tekton Pipeline Knative Can be swapped, e.g with Tekton pipelines

18. Tekton Pipeline Knative knative/eventing knative/serving tektoncd/pipeline GitHub Source Triggerer* PipelineRun

    Resource Pipeline Task Frontend Backend <sends> <sinks> <creates> <uses> <deploys> <uses>

19. The Future

20. OpenShift/Tekton Pipeline Roadmap Dev Preview Release Dev Preview Release(s) Tech

    Preview Release GA Release • Build-Test-Push-Deploy pipeline • Installation via OperatorHub • Tasks (S2I, dockerfile, oc client) • Push to Quay and OpenShift registry • Webhooks (GitHub) • Tekton CLI • OpenShift Dev Console • Tutorial on learn.openshift.com • Bootstrap from blueprints • Deploy apps for pull requests • Pipeline dependencies • Third-party integrations (code analysis, image scanning, etc) • CodeReady integrations • Notifications and ChatOps • Multi-tenancy Next 3 months 3-9 Months More than 9 Month • Gated pipelines • Metrics and trends • Multiple target clusters • Caching artifacts  • GitLab & BitBucket integration • Pull request workflow • Pipeline-as-code
21. None

22. OpenShift/Tekton Pipeline Roadmap • Installation operators, distributed via OperatorHub •

    Command-line (specific, upstream and integrated into openshift cli) • UI integrated in openshift console • Catalog of reusable tasks and pipelines (upstream and in openshift) • Native events (GitHub, Gitlab, … webhooks integration) • Gated pipelines • Notifications and ChatOps • More resources (PullRequestResource, …) • Simplified definitions / Scripting support • Third-party integrations (code analysis, image scanning, etc)

23. OPENSHIFT PIPELINES RED HAT CONFIDENTIAL 23 OPENSHIFT PIPELINES ROADMAP Dev

    Preview Release Dev Preview Release(s) Tech Preview Release GA Release MARCH 2019  • Build-Test-Push-Deploy pipeline • Installation via OperatorHub • Tasks (S2I, dockerfile, oc client) • Push to Quay and OpenShift registry • Webhooks (GitHub) • CLI & Dev Console • Tutorial on learn.openshift.com • Bootstrap from blueprints • Deploy apps for pull requests • Pipeline dependencies • Third-party integrations (code analysis, image scanning, etc) • CodeReady integrations • Notifications and ChatOps • Multi-tenancy Next 3 months 3-9 Months More than 9 Month • Gated pipelines • Metrics and trends • Multiple target clusters • Caching artifacts  • GitLab & BitBucket integration • Pull request workflow • Pipeline-as-code • GitOps

24. Speakers: Content Development Plan (see speaker notes) 45 minutes =

    (35 minutes speaking) + 10 minutes Q&A • Steve - 10 minutes ◦ Context, very brief history of pipelines in OpenShift, ◦ Some background on how Knative and Tekton got started • Vincent - 25 minutes ◦ Who am I impersonate ◦ Describe the app, workflow steps, … ◦ Let's deploy my first application (either manually or using the ci/cd) using knative ◦ Let's do some live changes, commit… ◦ … and watch things going \o/ ◦ Conclusion ▪ Overview of what Knative offers for dev'