Tekton 在 Kubernetes 集群中的完整安装步骤

Tekton 在 Kubernetes 集群中的完整安装步骤

前提条件

1. 确保 Kubernetes 集群运行正常

# 检查集群状态
kubectl cluster-info
kubectl get nodes

# 确保所有节点都是 Ready 状态
NAME                        STATUS   ROLES           AGE     VERSION
k8s-cluster-control-plane   Ready    control-plane   4m25s   v1.29.4
k8s-cluster-worker          Ready    worker          4m4s    v1.29.4
k8s-cluster-worker2         Ready    worker          4m2s    v1.29.4
k8s-cluster-worker3         Ready    worker          4m3s    v1.29.4
k8s-cluster-worker4         Ready    worker          4m2s    v1.29.4

安装步骤

步骤 1: 安装 Tekton Pipelines 核心组件

# 安装最新版本的 Tekton Pipelines
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

预期输出示例:

namespace/tekton-pipelines created
namespace/tekton-pipelines-resolvers created
podsecuritypolicy.policy/tekton-pipelines created
clusterrole.rbac.authorization.k8s.io/tekton-pipelines-controller-cluster-access created
clusterrole.rbac.authorization.k8s.io/tekton-pipelines-controller-tenant-access created
...

步骤 2: 验证 Tekton Pipelines 安装

# 检查 tekton-pipelines 命名空间
kubectl get namespaces | grep tekton

# 等待所有 Pod 启动完成
kubectl get pods --namespace tekton-pipelines

# 等待所有组件就绪（可能需要几分钟）
kubectl wait --for=condition=ready pod --all -n tekton-pipelines --timeout=300s

预期状态:

NAME                                          READY   STATUS    RESTARTS   AGE
tekton-events-controller-859c5f4d6c-76sfr     1/1     Running   0          65s
tekton-pipelines-controller-9957f8d7b-9qgf4   1/1     Running   0          65s
tekton-pipelines-webhook-58fc8c8df-492q2      1/1     Running   0          65s

步骤 3: 安装 Tekton Dashboard（可选但推荐）

# 安装 Tekton Dashboard
kubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml

预期输出示例:

customresourcedefinition.apiextensions.k8s.io/extensions.dashboard.tekton.dev created
serviceaccount/tekton-dashboard created
role.rbac.authorization.k8s.io/tekton-dashboard-info created
...
deployment.apps/tekton-dashboard created

步骤 4: 验证 Dashboard 安装

# 检查 Dashboard Pod 状态
kubectl get pods --namespace tekton-pipelines | grep dashboard

# 检查 Dashboard 服务
kubectl get services --namespace tekton-pipelines | grep dashboard

预期状态:

tekton-dashboard-74746d598c-w9lmx             1/1     Running   0          54s

NAME                          TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
tekton-dashboard              ClusterIP   10.96.111.202   <none>        9097/TCP   67s

步骤 5: 访问 Tekton Dashboard

# 启动端口转发
kubectl port-forward -n tekton-pipelines service/tekton-dashboard 9097:9097 &

# 在浏览器中访问
# http://localhost:9097

步骤 6: 安装 Tekton CLI（可选）

方法 1: 使用 Homebrew（推荐）

brew install tektoncd/tools/tektoncd-cli

方法 2: 直接下载（如果 Homebrew 失败）

# 对于 macOS ARM64
curl -LO "https://github.com/tektoncd/cli/releases/latest/download/tkn_Darwin_arm64.tar.gz"
tar -xzf tkn_Darwin_arm64.tar.gz
sudo mv tkn /usr/local/bin/
rm tkn_Darwin_arm64.tar.gz

# 验证安装
tkn version

验证安装

创建测试 Task

# 创建测试文件
cat << EOF > hello-task.yaml
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: hello-task
spec:
  steps:
    - name: hello
      image: ubuntu
      command:
        - echo
      args:
        - "Hello World from Tekton!"
EOF

# 应用 Task
kubectl apply -f hello-task.yaml

创建测试 Pipeline

# 创建 Pipeline 文件
cat << EOF > hello-pipeline.yaml
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: hello-pipeline
spec:
  tasks:
    - name: hello-task
      taskRef:
        name: hello-task
EOF

# 应用 Pipeline
kubectl apply -f hello-pipeline.yaml

运行测试 PipelineRun

# 创建 PipelineRun 文件
cat << EOF > hello-pipelinerun.yaml
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: hello-pipelinerun-001
spec:
  pipelineRef:
    name: hello-pipeline
EOF

# 运行 Pipeline
kubectl apply -f hello-pipelinerun.yaml

查看运行结果

# 查看 PipelineRun 状态
kubectl get pipelineruns

# 查看 TaskRun 状态
kubectl get taskruns

# 查看执行日志
kubectl logs hello-pipelinerun-001-hello-task-pod

预期成功输出:

Hello World from Tekton!

故障排查

常见问题及解决方案

1. Pod 一直处于 Pending 状态

# 检查节点资源
kubectl describe nodes

# 检查 Pod 事件
kubectl describe pod <pod-name> -n tekton-pipelines

2. 镜像拉取失败

# 检查网络连接
docker pull ubuntu

# 如果是私有镜像，配置 imagePullSecrets
kubectl create secret docker-registry regcred \
  --docker-server=<your-registry-server> \
  --docker-username=<your-name> \
  --docker-password=<your-password>

3. Dashboard 无法访问

# 检查端口转发进程
ps aux | grep "kubectl port-forward"

# 重新启动端口转发
kubectl port-forward -n tekton-pipelines service/tekton-dashboard 9097:9097

4. 权限问题

# 检查 ServiceAccount 权限
kubectl get serviceaccounts
kubectl describe serviceaccount default

# 如果需要，创建 RBAC 规则
kubectl create clusterrolebinding default-admin \
  --clusterrole=cluster-admin \
  --serviceaccount=default:default

卸载 Tekton

完全卸载步骤

# 1. 删除所有 PipelineRuns 和 TaskRuns
kubectl delete pipelineruns --all
kubectl delete taskruns --all

# 2. 删除自定义的 Tasks 和 Pipelines
kubectl delete tasks --all
kubectl delete pipelines --all

# 3. 卸载 Tekton Dashboard
kubectl delete --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml

# 4. 卸载 Tekton Pipelines
kubectl delete --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

# 5. 验证卸载
kubectl get namespaces | grep tekton

安装验证清单

• Kubernetes 集群运行正常
• Tekton Pipelines 组件全部 Running
• Tekton Dashboard 可以访问
• 测试 Pipeline 执行成功
• CLI 工具安装成功（可选）

下一步

安装完成后，你可以：

1. 学习 Tekton 概念: Task, Pipeline, PipelineRun, TaskRun
2. 创建复杂流水线: 包含构建、测试、部署步骤
3. 集成 Git: 使用 git-clone Task 从仓库获取代码
4. 配置触发器: 使用 Tekton Triggers 实现自动化
5. 监控和日志: 通过 Dashboard 和 kubectl 监控执行状态

参考资源

• Tekton 官方文档
• Tekton GitHub
• Tekton Catalog - 预构建的 Tasks 和 Pipelines