kubernetes pipeline executes pipeline steps as containers inside Kubernetes pods. Containers provide isolation allowing safe execution of concurrent pipelines on the same machine.
A major benefit of container-based pipelines is the ability to bring your own build environment, in the form of a Docker image. Drone automatically downloads docker images at runtime.
Example pipeline configuration:
The kind and type attributes define a Kubernetes pipeline.
steps section defines a series of shell commands. These commands are executed inside the Docker container as the
Entrypoint. If any command returns a non-zero exit code, the pipeline fails and exits.
Kubernetes vs Docker Pipelines
A Kubernetes pipeline and Docker pipeline share many similarities, but they should not be considered drop-in replacements for one another. There are a few notable differences in the configuration syntax and runtime behavior.
- Kubernetes pipelines are scheduled to execute in the same Pod and therefore share the same network. This means services are accessible at a
localhostaddress vs a custom hostname.
- Kubernetes pipelines are scheduled by Kubernetes which provides advanced affinity options. The Kubernetes runner exposes Node Selector capabilities to the pipeline using the
- Kubernetes containers automatically mount service account credentials to
/var/run/secrets/kubernetes.io/serviceaccount. This may have security implications and may impact plugins that integrate with Kubernetes.
Kubernetes pipelines are considered experimental and may not be suitable for production use yet. You may experience unexpected issues, some of which are detailed below.
- The pipeline status is not correctly passed to containers, impacting plugins that rely on this value. This primarily impacts notification plugins, such as Slack, which will always report the pipeline status as success.
- The command line utility does not support linting, formatting or exection of Kubernetes pipelines.