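Cloud-Native CI/CD in Practice: Tekton vs Jenkins X vs GitHub Actions, and How to Choose a K8s-Native Pipeline
How do you choose a Kubernetes-native CI/CD system? An in-depth comparison of Tekton, Jenkins X and GitHub Actions, with hands-on code.
Why cloud-native CI/CD?
Traditional CI/CD tools (Jenkins, GitLab CI) are struggling more and more in the cloud-native era:
The core advantages of cloud-native CI/CD:
The three options at a glance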
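| Dimension | Tekton | Jenkins X | GitHub Actions |
|---|---|---|---|
| Positioning | K8s-native CI/CD framework | Cloud-native upgrade of Jenkins | GitHub-native CI/CD |
| Deployment | Installed inside the K8s cluster | Must be installed on K8s | SaaS, nothing to deploy |
| Pipeline definition | CRDs (custom resources) | Jenkinsfile (Jenkins X format) | YAML workflow files |
| Learning curve | Medium | High | Low |
| Community activity | ⭐⭐⭐⭐ | ⭐⭐⭐ | ⭐⭐⭐⭐⭐ |
| Best suited for | Private-cloud and hybrid-cloud K8s environments | Enterprise K8s CI/CD | Projects hosted on GitHub |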
Tekton in practice: K8s-native pipelines
Installing Tekton
```bash
# Install Tekton Pipelines (core component)
kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml

# Install the Tekton CLI (optional, makes day-to-day operations easier)
# macOS:
brew install tektoncd-cli
# Linux:
curl -LO https://github.com/tektoncd/cli/releases/download/v0.32.0/tkn_0.32.0_Linux_x86_64.tar.gz
tar xvzf tkn_0.32.0_Linux_x86_64.tar.gz
sudo mv tkn /usr/local/bin/
```
A first Pipeline: build a Docker image and push it
```yaml
# task-build.yaml - defines the build task
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: build-and-push
spec:
  params:
    - name: image-name
      type: string
      description: 镜像名称
    - name: dockerfile-path
      type: string
      default: ./Dockerfile
  workspaces:
    - name: source        # source code workspace
    - name: dockerconfig  # Docker authentication config
  steps:
    - name: build-and-push
      image: gcr.io/kaniko-project/executor:v1.9.0
      env:
        - name: DOCKER_CONFIG
          value: /workspace/dockerconfig
      command:
        - /kaniko/executor
      args:
        - --dockerfile=$(params.dockerfile-path)
        - --context=dir:///workspace/source
        - --destination=$(params.image-name):latest
        - --insecure  # if the private registry is served over HTTP
```
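An added example (not part of the original post): a small Python check over the Task's kaniko step that reports what a reviewer would question before it runs against a real registry, namely the `--insecure` flag (the credentials from the `dockerconfig` workspace then travel over plain HTTP), the `:latest` destination, and a step image referenced by tag rather than digest. The function names and the embedded excerpt are constructed for illustration.

```python
import re

# Constructed excerpt of the Task above (step image and kaniko args only).
TASK_YAML = """\
steps:
  - name: build-and-push
    image: gcr.io/kaniko-project/executor:v1.9.0
    args:
      - --dockerfile=$(params.dockerfile-path)
      - --context=dir:///workspace/source
      - --destination=$(params.image-name):latest
      - --insecure
"""

# kaniko flags that turn off TLS or certificate checks towards the registry.
TLS_OFF = {"--insecure", "--insecure-pull", "--skip-tls-verify", "--skip-tls-verify-pull"}


def classify_ref(ref):
    """Return 'digest', 'tag' or 'mutable' for an image reference."""
    if "@sha256:" in ref:
        return "digest"
    last = ref.rsplit("/", 1)[-1]   # a ':' before the last '/' is a registry port
    tag = last.partition(":")[2]
    return "tag" if tag and tag != "latest" else "mutable"


def audit_task(text):
    """Return (line number, issue, value) for each questionable setting."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        item = line.split(" #")[0].strip()          # drop trailing YAML comments
        m = re.match(r"(?:-\s+)?image:\s*(\S+)", item)
        if m and classify_ref(m.group(1)) != "digest":
            findings.append((line_no, "step image not pinned by digest", m.group(1)))
        if not item.startswith("- --"):
            continue
        flag, _, value = item[2:].partition("=")
        if flag in TLS_OFF:
            findings.append((line_no, "registry TLS disabled", flag))
        if flag == "--destination" and classify_ref(value) == "mutable":
            findings.append((line_no, "mutable destination tag", value))
    return findings
```
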
```yaml
# pipeline.yaml - defines the pipeline
apiVersion: tekton.dev/v1beta1
kind: Pipeline
metadata:
  name: build-pipeline
spec:
  workspaces:
    - name: shared-workspace
    - name: dockerconfig-workspace
  tasks:
    - name: fetch-source
      taskRef:
        name: git-clone  # uses the task from the official catalog
      workspaces:
        - name: output
          workspace: shared-workspace
      params:
        - name: url
          value: https://github.com/your-org/your-repo.git
    - name: build-and-push
      taskRef:
        name: build-and-push
      workspaces:
        - name: source
          workspace: shared-workspace
        - name: dockerconfig
          workspace: dockerconfig-workspace
      params:
        - name: image-name
          value: registry.cn-hangzhou.aliyuncs.com/your-namespace/your-app
      runAfter:
        - fetch-source  # depends on the previous task
```
Triggering the Pipeline
```bash
# Create a PipelineRun (one run instance)
cat <<EOF | kubectl apply -f -
apiVersion: tekton.dev/v1beta1
kind: PipelineRun
metadata:
  name: build-pipeline-run-001
spec:
  pipelineRef:
    name: build-pipeline
  workspaces:
    - name: shared-workspace
      volumeClaimTemplate:
        spec:
          accessModes:
            - ReadWriteOnce
          resources:
            requests:
              storage: 2Gi
    - name: dockerconfig-workspace
      secret:
        secretName: docker-registry-secret
  params: []
EOF

# Check the run status
tkn pipelinerun describe build-pipeline-run-001
```
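Jenkins X in practice: automated GitOps
Jenkins X is the cloud-native upgrade of Jenkins; its core feature is automated GitOps.
Installing Jenkins X
```bash
# Install the jx CLI
curl -L https://github.com/jenkins-x/jx/releases/download/v3.10.0/jx-windows-amd64.zip -o jx.zip
# Unzip it and add it to PATH

# Install Jenkins X on an existing K8s cluster
jx boot
# It asks interactively for:
# - Git repository (stores the GitOps configuration)
# - Docker Registry
# - Domain name (used to expose applications)
```
Create a Spring Boot application and configure CI/CD automatically
```bash
# Import an existing project
jx import my-spring-app
# Jenkins X automatically:
# 1. Creates a Dockerfile (if there is none)
# 2. Creates a Jenkinsfile (declarative Pipeline)
# 3. Creates a Helm Chart in the GitOps repository
# 4. Configures a webhook so that a code push triggers a build
```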
```groovy
// Jenkinsfile - generated automatically by Jenkins X
pipeline {
    agent {
        kubernetes {
            label 'jenkins-agent'
            yaml """
apiVersion: v1
kind: Pod
spec:
  containers:
  - name: maven
    image: maven:3.8.6-jdk-11
    command: ['cat']
    tty: true
"""
        }
    }
    stages {
        stage('Build') {
            steps {
                container('maven') {
                    sh 'mvn clean package'
                }
            }
        }
        stage('Build Image') {
            steps {
                sh 'make image-build'
            }
        }
        stage('Deploy to Staging') {
            steps {
                sh 'jx promote --version \$(cat VERSION) --env staging'
            }
        }
    }
}
```
GitHub Actions in practice: the easiest to get started with
If your code is on GitHub, Actions is the simplest choice.
A complete CI/CD workflow
```yaml
# .github/workflows/main.yml
name: CI/CD Pipeline

on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main ]

env:
  REGISTRY: registry.cn-hangzhou.aliyuncs.com
  IMAGE_NAME: your-namespace/your-app

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
      - run: npm ci
      - run: npm test

  build-and-push:
    needs: test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      # Set up QEMU (needed for multi-architecture builds)
      - uses: docker/setup-qemu-action@v3
      - uses: docker/setup-buildx-action@v3
      # Log in to the image registry
      - uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      # Build and push
      - uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: |
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}

  deploy:
    needs: build-and-push
    runs-on: ubuntu-latest
    steps:
      - name: Deploy to Kubernetes
        uses: appleboy/ssh-action@v1.0.0
        with:
          host: ${{ secrets.K8S_MASTER_IP }}
          username: root
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          script: |
            kubectl set image deployment/your-app \
              your-app=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }} \
              -n production
```
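An added example (not part of the original post): every action in the workflow above is referenced by a movable tag (`@v4`, `@v3`, `@v1.0.0`), and two of them receive the registry credentials or the SSH private key used for the root login. The Python sketch below lists each `uses:` step with its pin status and the secrets passed to it. The function names, the embedded excerpt and the `trusted` owner list are assumptions made for illustration, and it expects `uses:` to come before `with:` in a step, as it does here.

```python
import re

# Constructed excerpt of the workflow above: the steps that call actions.
WORKFLOW = """\
jobs:
  build-and-push:
    steps:
      - uses: actions/checkout@v4
      - uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
  deploy:
    steps:
      - name: Deploy to Kubernetes
        uses: appleboy/ssh-action@v1.0.0
        with:
          host: ${{ secrets.K8S_MASTER_IP }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
"""

USES = re.compile(r"uses:\s*([\w.-]+/[\w./-]+)@(\S+)")
SECRET = re.compile(r"\$\{\{\s*secrets\.(\w+)\s*\}\}")
FULL_SHA = re.compile(r"[0-9a-f]{40}")     # only a full commit SHA is immutable


def audit_workflow(text):
    """Return each action step with its ref, pin status and the secrets it receives."""
    steps, current, step_indent = [], None, -1
    for line in text.splitlines():
        body = line.lstrip()
        indent = len(line) - len(body)
        if not body or body.startswith("#"):
            continue
        if indent <= step_indent:              # dedent: the previous step ended
            current, step_indent = None, -1
        if body.startswith("- ") and step_indent < 0:
            step_indent, body = indent, body[2:].lstrip()
        m = USES.match(body)
        if m:
            current = {"action": m.group(1), "ref": m.group(2), "secrets": [],
                       "pinned": bool(FULL_SHA.fullmatch(m.group(2)))}
            steps.append(current)
        elif current:
            current["secrets"] += SECRET.findall(body)
    return steps


def exposed(steps, trusted=("actions/", "github/")):
    """Unpinned actions outside the trusted owners (assumed policy) that get secrets."""
    return [s["action"] for s in steps
            if s["secrets"] and not s["pinned"] and not s["action"].startswith(trusted)]
```
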
Selection advice
Choose Tekton if you:
Choose Jenkins X if you:
Choose GitHub Actions if you:
Summary
| Option | Difficulty getting started | Feature completeness | Self-hosted deployment | Recommendation |
|---|---|---|---|---|
| Tekton | ⭐⭐⭐ | ⭐⭐⭐⭐ | ✅ | ⭐⭐⭐⭐ |
| Jenkins X | ⭐⭐⭐⭐ | ⭐⭐⭐⭐⭐ | ✅ | ⭐⭐⭐ |
| GitHub Actions | ⭐ | ⭐⭐⭐⭐ | ❌ | ⭐⭐⭐⭐⭐ |
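My advice:
👤 About the author
A public-cloud reseller based in the heart of the Central Plains (Henan), mainly selling Tencent Cloud, Alibaba Cloud and Volcano Engine cloud; has stepped in countless pitfalls and now focuses on putting large AI models into practical use. Follow the WeChat official account 「公有云cloud」 for updates from the AI frontier.
Blog: yunduancloud.icu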
