March 31, 2020

Tekton vs Harness CD - Filming my Journey

Table of Contents

Fresh off the heels of KubeCon 2018 in Seattle, The Continuous Delivery Foundation was formed a little over a year ago in March 2019 which Harness is a member of. The charter projects were familiar projects to myself of Spinnaker and Jenkins/Jenkins X. Though there was another project I have never heard of before which was Tekton and I was very curious to learn more about the project. Using the answer box aka Google, the project was very green and even searching for “Tekton” would not have the project readily available. Even as today, the Tekton website is still being worked on as the project is rounding out a year.

Fast forward to today, the project continues to grow. Though Tekton is appearing to be more of an engine now e.g powering OpenShift Pipelines and even Jenkins X Pipelines. I went through an exercise by using Tekton by itself with a fresh pair of eyes. The goal is similar to other comparisons we made around Spinnaker and Jenkins X if we have an image e.g Nginx, how can we deploy to an awaiting Kubernetes cluster, in my case, Amazon EKS.

The video is about an hour-long where I go through the Tekton Tutorial. The wirings seemed to work together in Tekton; where I drew the line in the sand was creating source-to-image build steps. When looking at Tekton for yourself, I recommend the IBM Tekton Tutorial which does a good job listing out Tekton concepts. I was able to get Nginx deployed from zero to deployed including installing a Harness Delegate into my EKS cluster in about 5 minutes at the end of the video.

The “Tektonic” Video

Without further ado, here is the video. Compared to the other videos a new day didn’t elapse and no need for a change of shirt.

Methodology

Deploying an image is a good starting point for many people along their journey. Depending on existing development methodologies, moving to a GitOps-based approach can be difficult. Tekton with proper wiring can follow a stringent GitOps model or can wean away once the proper Tekton Objects are generated and in place per pipeline.

Leveraging Tekton there are several objects that you need to create. Familiarizing yourself with a Tekton Task and a Tekton Pipeline, both have Run objects which are needed to execute. Since Tekton leverages Custom Resource Definitions you do need to keep track of these objects.

I chose to run my Kubernetes Cluster in AWS with Amazon EKS. Starting out with the Tekton Setup requires a persistent area in which I was able to spin up quickly in Amazon S3 as I am an administrator on my account. Since I did not leverage source-to-image or other persistent Tekton Pipeline steps, the S3 bucket was never written to.

As Tekton is moving towards being an engine, once you have access to Tekton you have access to what Tekton has access to. I could not find at the time any sort of permissions out of the box from the project which access control is a pillar of the Harness Platform.

Towards the end, I fired up the Harness Platform and was able to get success pretty quickly. 

Harness vs. Tekton

This is thanks in part to the Harness CD Abstraction Model where loading up the moving parts is easy and assembling the pipeline is made rapid off of the parts.

In comparison below is the wiring needed for a basic Tekton Pipeline.

My Tekton Steps

##Tekton Commands

#Install Tekton
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

#Monitor Installation
kubectl get pods --namespace tekton-pipelines --watch

#Config Map for S3 - tekton-storage.yaml
apiVersion: v1
kind: Secret
metadata:
name: tekton-storage
namespace: tekton-pipelines
type: kubernetes.io/opaque
stringData:
boto-config: |
[Credentials]
aws_access_key_id = Key
aws_secret_access_key = Key
[s3]
host = s3.us-east-1.amazonaws.com
[Boto]
https_validate_certificates = True
---
apiVersion: v1
kind: ConfigMap
metadata:
name: config-artifact-bucket
namespace: tekton-pipelines
data:
location: s3://tektonstorage
bucket.service.account.secret.name: tekton-storage
bucket.service.account.secret.key: boto-config
bucket.service.account.field.name: BOTO_CONFIG

#Create Config Map
kubectl apply -f tekton-storage.yaml

#Validate Config Map
kubectl get configmap config-artifact-bucket -n tekton-pipelines -o yaml

#Install the Tekton CLI
brew tap tektoncd/tools
brew install tektoncd/tools/tektoncd-cli

#Validate Tekton CLI
tkn version

#Create a Task - nginx-task.yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: nginx-task
spec:
steps:
- name: first
image: nginx

#Apply Task
kubectl apply -f nginx-task.yaml

#Describe Task
tkn task describe nginx-task

#Run the Task - nginx-task-run.yaml
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
name: nginx-task-run
spec:
taskRef:
name: nginx-task

#Apply Task Run
kubectl apply -f nginx-task-run.yaml

#Validate Task Run
tkn taskrun describe nginx-task-run
tkn taskrun logs nginx-task-run

#Wrap the task in a pipeline - pipeline.yaml
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
name: nginx-pipeline
spec:
tasks:
- name: nginx-pipeline-task
taskRef:
name: nginx-task

#Apply Pipeline
kubectl apply -f pipeline.yaml

#Create a Pipeline Run - pipeline-run.yaml
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
name: nginx-pipeline-run-1
spec:
pipelineRef:
name: nginx-pipeline

#Apply Pipeline Run
kubectl apply -f pipeline-run.yaml

#Get Pipeline Logs
tkn pipelinerun logs nginx-pipeline-run-1 -f

#Get Pipeline Plan
tkn pipelinerun describe nginx-pipeline-run-1


###Helper Methods
#Create EKS Cluster
eksctl create cluster \
--name The-Tektons \
--version 1.15 \
--region us-east-1 \
--nodegroup-name standard-workers \
--node-type t3.xlarge \
--nodes 4 \
--nodes-min 1 \
--nodes-max 5 \
--node-ami auto

#Delete Cluster
eksctl delete cluster --name=The-Tektons --region=us-east-1

#Add K8s Dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc6/aio/deploy/recommended.yaml

#Add Service Account
#https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html
kubectl apply -f eks-admin-service-account.yaml

#Get Auth Token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep eks-admin | awk '{print $1}')

#Launch Dashboard
kubectl proxy
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#!/login

The Harness Platform, Your Confidence Engine

The Harness Platform is purpose-built to accept a wide swath of workloads and confidence building steps in a convention-based fashion. The Harness Platform can supercharge your Continuous Delivery goals by allowing many methodologies to be orchestrated by the platform in an easy to consume fashion.

Having the ability to have looked over several tools such as Spinnaker, Argo, and now Tekton, there is a lot of engineering expertise required in these tools. At DeliverConf, a recent talk talked about the need for composition; decomposing your pipeline into exactly what you need when you need it which code-heavy solutions allude to. The difficulty in that is coupling your deployables and infrastructure(s) to have the right components at the right time to execute a deployment. It is very reminiscent of designing the actual piece of software you are deploying; managing features across the journey.

We have taken a different approach with the Harness Platform. We have baked in an easy to consume interface acting as a system of record with convention-based deployments and deployment patterns. Sign up for a Harness Trial today to free yourself from building a platform for your platform.

Cheers,

-Ravi  

You might also like
No items found.

Similar Blogs

No items found.
Continuous Delivery & GitOps