定时清理tekton创建的pipelinerun
Word Count: 542(words)
Read Count: 3(minutes)
k8s版本是1.20.2,tekton pipeline的版本是0.26.0。目前它无法自动进行清理,每次手动清理很麻烦,所以需要搞一个定时清理。
参考了这个人的,但是它只能清理default命名空间下的,并且会删除掉正在运行中的pipelinerun,所以这里优化了下。
需求如下:
每30分钟清理一次已经跑完了的pipelinerun,每条pipeline只保留3个pipelinerun:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
| apiVersion: v1
kind: ServiceAccount
metadata:
namespace: tekton-pipelines
name: tekton-pipelinerun-cleaner
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: tekton-pipelinerun-cleaner-clusterrole
rules:
- apiGroups:
- "tekton.dev"
resources:
- pipelineruns
- pipelines
verbs:
- get
- list
- watch
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tekton-pipelinerun-cleaner-clusterrolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tekton-pipelinerun-cleaner-clusterrole
subjects:
- kind: ServiceAccount
name: tekton-pipelinerun-cleaner
namespace: tekton-pipelines
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
namespace: tekton-pipelines
name: tekton-pipelinerun-cleaner
labels:
app: tekton-pipelinerun-cleaner
spec:
schedule: "*/30 * * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
restartPolicy: OnFailure
serviceAccount: tekton-pipelinerun-cleaner
containers:
- name: kubectl
image: hub.code-galaxy.net/bitnami/kubectl:1.20.15
env:
- name: NUM_TO_KEEP
value: "3"
command:
- /bin/bash
- -c
- >
while read -r PIPELINE; do
while read -r NAMESPACE; do
PIPELINERUN_NUM=$(kubectl -n ${NAMESPACE} get pipelinerun -l tekton.dev/pipeline=${PIPELINE} -o name | wc -l)
REMOVED_NUM=$(expr ${PIPELINERUN_NUM} - ${NUM_TO_KEEP})
if [ ${REMOVED_NUM} -le 0 ]
then
echo "$(date -Is) NAMESPACE=${NAMESPACE} PIPELINE=${PIPELINE} has ${PIPELINERUN_NUM} pipelineruns, le ${NUM_TO_KEEP}, skip"
continue
else
echo "$(date -Is) NAMESPACE=${NAMESPACE} PIPELINE=${PIPELINE} has ${PIPELINERUN_NUM} pipelineruns, gt ${NUM_TO_KEEP}, delete ${REMOVED_NUM}"
fi
while read -r PIPELINERUN_TO_REMOVE; do
test -n "${PIPELINERUN_TO_REMOVE}" || continue;
kubectl -n ${NAMESPACE} delete pipelinerun ${PIPELINERUN_TO_REMOVE} \
&& echo "$(date -Is) PipelineRun ${PIPELINERUN_TO_REMOVE} deleted." \
|| echo "$(date -Is) Unable to delete PipelineRun ${PIPELINERUN_TO_REMOVE}.";
done < <(kubectl -n ${NAMESPACE} get pipelinerun -l tekton.dev/pipeline=${PIPELINE} --sort-by=.status.startTime -o go-template='{{range .items}}{{if .status.completionTime}}{{.metadata.name}}{{"\n"}}{{end}}{{end}}' | head -n ${REMOVED_NUM})
echo -e "\n"
done < <(kubectl get pipeline -A --field-selector=metadata.name=${PIPELINE} -o go-template='{{range .items}}{{.metadata.namespace}}{{"\n"}}{{end}}')
done < <(kubectl get pipeline -A -o go-template='{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
resources:
requests:
cpu: 50m
memory: 32Mi
limits:
cpu: 100m
memory: 64Mi
|
