使用以下这些示例代码段可以帮助你了解如何定义使用Knative构建。
首先使用kubectl apply创建该示例中使用的命名空间,如下所示:
cat <<EOF | kubectl apply -f - apiVersion: v1 kind: Namespace metadata: name: build-sample EOF
然后创建一个名为build-sample-secret.yaml的YAML文件,包含以下代码:
apiVersion: v1
kind: Secret
metadata:
name: build-sample
namespace: build-sample
annotations:
build.knative.dev/docker-0: https://index.docker.io/v1/
type: kubernetes.io/basic-auth
data:
username: <docker hub username>
password: <docker hub password>
上述示例中,在metadata中添加了如下的annotation,用于表示使用的Docker Registry注册库的访问地址,即Dockerhub的官方地址:
annotations: build.knative.dev/docker-0: https://index.docker.io/v1/
如果使用其他的Docker Registry注册库,例如阿里云镜像仓库,那么可以修改为:
annotations: build.knative.dev/docker-0: registry.cn-hangzhou.aliyuncs.com
注意,该文件包含经过base64编码处理过的Docker Registry注册库的用户名和密码。可以使用如下命令生成base64编码的字符串:
echo -n "original string" | base64
创建一个ServiceAccount资源对象,使你的构建能够使用该定义的身份验证信息运行,如下所示:
cat <<EOF | kubectl apply -f - apiVersion: v1 kind: ServiceAccount metadata: name: build-sample namespace: build-sample secrets: - name: build-sample EOF
通过运行kubectl apply命令定义一个名为build-sample的模板,执行如下命令:
cat <<EOF | kubectl apply -f -
apiVersion: build.knative.dev/v1alpha1
kind: BuildTemplate
metadata:
name: build-sample
namespace: build-sample
spec:
parameters:
- name: IMAGE
description: The name of the image to push
- name: DOCKERFILE
description: Path to the Dockerfile to build.
default: /Dockerfile
steps:
- name: build-and-push
image: registry.cn-hangzhou.aliyuncs.com/kaniko-project/executor
args:
- --dockerfile=${DOCKERFILE}
- --destination=${IMAGE}
EOF
最后,创建Knative Build资源定义文件build-sample.yaml,使用Docker Registry的用户名(注意,此处不需要经过base64编码处理),如下所示:
apiVersion: build.knative.dev/v1alpha1
kind: Build
metadata:
name: build-sample
namespace: build-sample
labels:
expect: succeeded
spec:
serviceAccountName: build-sample
source:
git:
# update this URL with your repo
url: https://github.com/osswangxining/docker-helloworld-go.git
revision: master
template:
name: build-sample
arguments:
- name: IMAGE
# update this with your docker registry image
value: docker.io/<username>/docker-helloworld-go:latest
在此Build资源定义中,可以看到使用了名为build-sample的模板,指定一个名为build-sample的ServiceAccount资源对象,这使你的构建能够使用定义的身份验证信息运行。
执行如下命令,创建Knative Build:
kubectl create -f build-sample.yaml
监视Knative Build创建过程,直到所有资源显示如下状态:
kubectl -n build-sample get pods,build,buildtemplate NAME READY STATUS RESTARTS AGE pod/build-sample-jh6ft 0/1 Completed 0 3m NAME SUCCEEDED REASON STARTTIME COMPLETIONTIME build.build.knative.dev/build-sample True 3m 3s NAME AGE buildtemplate.build.knative.dev/build-sample 3m
查看容器组build-sample-njpbs可以查看到构建的日志记录,如下所示:
kubectl -n build-sample logs -f build-sample-jh6ft -c build-step-build-and-push INFO[0000] Downloading base image registry.cn-hangzhou.aliyuncs.com/wangxining/ golang:latest 2018/12/30 03:08:33 No matching credentials were found, falling back on anonymous INFO[0000] Extracting layer 0 INFO[0006] Extracting layer 1 INFO[0007] Extracting layer 2 INFO[0008] Extracting layer 3 INFO[0011] Extracting layer 4 INFO[0016] Extracting layer 5 INFO[0025] Extracting layer 6 INFO[0025] Taking snapshot of full filesystem... INFO[0033] RUN mkdir -p /go/src/go-helloworld INFO[0033] cmd: /bin/sh INFO[0033] args: [-c mkdir -p /go/src/go-helloworld] INFO[0033] No files were changed, appending empty layer to config. No layer added to image. INFO[0033] COPY ./main.go /go/src/go-helloworld/ INFO[0033] Copying file /workspace/main.go to /go/src/go-helloworld/main.go INFO[0033] No files were changed, appending empty layer to config. No layer added to image. INFO[0033] RUN CGO_ENABLED=0 go build -a -installsuffix cgo -o /go/bin/go-helloworld ./src/go-helloworld INFO[0033] cmd: /bin/sh INFO[0033] args: [-c CGO_ENABLED=0 go build -a -installsuffix cgo -o /go/bin/go-helloworld ./src/go-helloworld] INFO[0040] Taking snapshot of full filesystem... INFO[0044] Storing source image from stage 0 at path /kaniko/stages/0 INFO[0067] trying to extract to /kaniko/0 INFO[0067] Extracting layer 0 INFO[0071] Extracting layer 1 INFO[0071] Extracting layer 2 INFO[0072] Extracting layer 3 INFO[0076] Extracting layer 4 INFO[0080] Extracting layer 5 INFO[0089] Extracting layer 6 INFO[0089] Extracting layer 7 INFO[0090] Deleting filesystem... INFO[0091] Downloading base image alpine:latest INFO[0097] Extracting layer 0 INFO[0098] Taking snapshot of full filesystem... INFO[0101] COPY --from=builder /go/bin/go-helloworld /go-helloworld INFO[0101] Copying file /kaniko/0/go/bin/go-helloworld to /go-helloworld INFO[0101] Taking snapshot of files... INFO[0101] WORKDIR / INFO[0101] cmd: workdir INFO[0101] Changed working directory to / INFO[0101] Taking snapshot of full filesystem... INFO[0101] No files were changed, appending empty layer to config. No layer added to image. INFO[0101] ENTRYPOINT ["/go-helloworld"] INFO[0101] No files changed in this command, skipping snapshotting. INFO[0101] No files were changed, appending empty layer to config. No layer added to image. 2018/12/30 03:10:17 existing blob: sha256:cd784148e3483c2c86c50a48e535302ab0288bebd587accf40b714fffd0646b3 2018/12/30 03:10:19 pushed blob sha256:e2f3e77594c0615fde79333aac78ecb177517805b9a68e4b51179cacecb3d753 2018/12/30 03:10:21 pushed blob sha256:5da4b576d770886c54149494e45b902ffb90082692b635db5792e9b97e1d1e3a 2018/12/30 03:10:21 index.docker.io/osswangxining/docker-helloworld-go:latest: digest: sha256:f77b9ab1be101d565e3642c79ed9e1a91c9cbae37d9b5d01819350d4a1d5f4e7 size: 592
通过日志记录可以看到,Knative Build会从Git中拉取源代码,并根据Dockerf ile内容构建容器镜像,最后将构建出的容器镜像推送到DockerRegistry注册库中。