A Spotlight on Tekton

By Agustin Romano
Google Cloud Platform's #Tekton

Until very recently, developers relied on third-party tools like Jenkins X to automate continuous integration and delivery pipelines. Jenkins X is a very capable CI/CD framework indeed, and it really simplifies the tasks associated with maintaining an efficient CI/CD pipeline.

The only real challenge when using Jenkins X or other similar tools is integrating the framework with Kubernetes natively. While it is easy to manage pipelines using external tools, managing them natively from within Kubernetes has always been a challenge.

That’s where Tekton comes in. In simple terms, Tekton is designed to make k8s-style resources for declaring CI/CD-style pipelines available natively, making the whole process of managing and automating CI/CD pipelines easier.

More About Tekton

Being a product of Google Cloud Platform⁠—and backed by a community of developers⁠—Tekton is quickly becoming the go-to framework for creating CI/CD pipelines. Since it is designed to handle CI/CD workflows, Tekton is more than capable of building, testing, and deploying your codes.

It natively supports multiple cloud providers; Tekton will even work with on-premise clusters. However, Tekton integrates with GCP seamlessly and offers the easiest way to utilize tools such as Container Registry for end-to-end pipeline management.

Tekton also supports complex workflows. No matter what kind of deployment approach you use, Tekton can automate most⁠—if not all⁠—of the tasks in hand for you. When doing a canary rollout, for instance, Tekton automatically compartmentalize your production traffic for maximum reliability.

Integrating tools such as early warning systems and generating insights from the pipelines you maintain are also very easy to do. Once again, you get easier integration features with other Google Cloud Platform products, but Tekton is basically designed to work with multiple cloud platforms and tools.

Key Characteristics of Tekton

Tekton is very interesting as a framework for a number of reasons. It has some key characteristics that make Tekton very robust and flexible, starting with the fact that it completely decouples your CI/CD pipelines from implementation details.

Being decoupled, you can use a single CI/CD pipeline to deploy to any Kubernetes cluster. Deploying to multiple clusters or integrating a multi-cloud environment is just as easy, especially now that the pipeline is no longer dependent on these details.

Taking it a step further, Tekton also allows for repos and other resources to be switched between cycles. This, once again, saves a lot of time and resources since it means you can deploy from different Git repos without having to reconfigure the entire pipeline.

There is also the fact that tasks inside the pipeline can be isolated from each other. You can construct a complex pipeline with multiple building blocks, and then isolate each block whenever necessary, all for a truly robust CI/CD workflow.

That last part is due to the fact that Tekton resources are typed. You can have resources labeled as Image or Tooling and make them completely swappable. Instead of sticking with a single artefact building tool, for instance, you can swap the tools you use at any point.

Cloud-Native Pipelines

The isolation we discussed earlier also comes with tasks and runtimes being placed inside containers. Tekton treats Kubernetes clusters as a first class type. You can use a persistent volume as artifact storage, and everything can be configured using a simple ConfigMap.

Notifications and Controller Behavior

CloudEvent notifications are natively supported. There is no need to go through the trouble of manually configuring triggers. Simply set the URL of the sink, and TaskRun and PipelineRun runtime events will automatically generate notifications.

There is a lot of room for customizing the basic execution parameters, and everything is done from your ConfigMap. The first thing you want to do after installing and configuring Tekton is changing the default-service-account from default to tekton. You can then set the default-pod-template as well as configure the default-timeout-minutes to suit your specific needs.

Other pipeline behavior can be further customized. Tekton does offer some parameters to help refine the pipelines you run to a certain degree. You can, for example, disable Affinity Assistant by simply adding disable-affinity-assistant = true to the ConfigMap. Since Affinity Assistant uses a lot of cluster resources, disabling it can significantly optimize your pipeline.

Another handy feature is the disable-home-env-overwrite flag. It prevents Tekton to overwrite the $HOME parameters; this used to be the default setting, but the latest version of Tekton now defaults to false to prevent accidental parameter changes.

Naturally, you also need to add your gcs-config⁠—or the config for your cloud service provider⁠—to get Tekton to work properly. Tekton requires a service account and a project ID, along with tokens and auth details as usual.

So, Why Tekton?

That brings us to the most significant question: why use Tekton? From the features and capabilities that we have discussed so far, it is easy to see how Tekton can be used to completely abstract implementation details, making CI/CD pipelines more universal and less dependent.

Tekton also pushes for standardization of CI/CD processes, which means you can use tools like Jenkins X and Skaffold without veering away from CI/CD best practices. The entire pipeline can be made to strict standards regardless of the tools and resources you use.

Compliance with best practices is another reason why Tekton is incredibly handy. Rollbacks are certainly easy. You have access to more deployment patterns too⁠—including canary rollout and blue/green rollout. You even have the ability to adopt GitOps and integrate version control with your infrastructure management workflows.

All things considered, Tekton gives you the maximum flexibility when creating pipelines. It allows you to be more agile with integration and deployment. It also simplifies requirements and prerequisites, automating the pipeline more than ever. Regardless of how your teams want to build, test, and deploy new codes, Tekton is the perfect tool for the job.

Caylent provides a critical DevOps-as-a-Service function to high growth companies looking for expert support with Kubernetes, cloud security, cloud infrastructure, and CI/CD pipelines. Our managed and consulting services are a more cost-effective option than hiring in-house, and we scale as your team and company grow. Check out some of the use cases, learn how we work with clients, and read more about our DevOps-as-a-Service offering.