# Hands on Knative — Part 3

In Part 1, I talked about Knative Serving for rapid deployment and autoscaling of serverless containers. In Part 2, I talked about how to connect services in a loosely coupled way with Knative Eventing.

In third and last part of the series, I want to talk about Knative Build and show a few examples from my Knative Tutorial.

### What is Knative Build?

Knative Build basically allows you to go from source code to a container image in a registry. For example, you can write a build to obtain your source code from a repository, build a container image, push that image to a registry and then run that image, all within the Kubernetes cluster.

### Knative Build Primitives

There 4 main primitives for Knative Build:

1. Build: Represents an in-cluster build job with 1 or more steps.
2. BuildTemplate: A set of ordered and parameterized build steps.
3. Builder: A container in a Build step that performs an action (eg. build an image)
4. ServiceAccount: For authentication with DockerHub etc.

Let’s look at a concrete example.

### Hello World Build

In Hello World Build from my Knative Tutorial, we design a Build to build and push a container to Google Cloud Container Registry (GCR) with Kaniko.

Kaniko is a tool to build container images from a Dockerfile, inside a container in Kubernetes cluster. The advantage of Kaniko is that it doesn’t depend on a Docker daemon.

Create a build-helloworld-csharp-gcr.yaml build file. This uses Knative Build to download the source code in the ‘workspace’ directory and then use Kaniko as a Builder to build and push an image to GCR:

apiVersion: build.knative.dev/v1alpha1
kind: Build
name: build-helloworld-csharp-gcr
spec:
source:
git:
url: "https://github.com/knative/docs.git"
revision: "v0.1.x"
subPath: "serving/samples/helloworld-csharp/"
steps:
- name: build-and-push
image: "gcr.io/kaniko-project/executor:v0.6.0"
args:
- "--dockerfile=/workspace/Dockerfile"
# MY\_GCP\_PROJECT: Replace with the GCP Project's ID.
- "--destination=gcr.io/MY\_GCP\_PROJECT/helloworld-csharp:knativebuild"

You can kick the build by simply applying the yaml file (and see the progress as described in the tutorial):

kubectl apply -f build-helloworld-csharp-gcr.yaml

At the end of the build, you should see an image pushed to GCR:

### Secrets with ServiceAccount

The previous example did not require authentication. What if you want to push to DockerHub where authentication is not optional? My Docker Hub Build tutorial explains the steps in detail but to recap here, you need to:

1. Create a Secret in Kubernetes with Base64 encoded username and password for DockerHub.
2. Create a ServiceAccount in Kubernetes that uses that Secret.
3. Create a Build in Knative that uses that ServiceAccount.

The Build definition will be very similar to before, except it has an additional ServiceAccount section used for authentication:

apiVersion: build.knative.dev/v1alpha1
kind: Build
name: build-helloworld-csharp-docker
spec:
**serviceAccountName: build-bot**
source:
git:
url: "https://github.com/knative/docs.git"
revision: "v0.1.x"
subPath: "serving/samples/helloworld-csharp/"
steps:
- name: build-and-push
image: "gcr.io/kaniko-project/executor:v0.6.0"
args:
- "--dockerfile=/workspace/Dockerfile"
- "--destination=docker.io/{username}/helloworld-csharp:knativebuild"

### BuildTemplates and Kaniko

So far, we manually defined all the steps needed in our Build. BuildTemplate allows you to create Build steps as templates and reuse these steps from different Builds. Using Knative to deploy serverless applications to Kubernetes codelab shows how to create your own custom templates.

Knative also comes with a number of BuildTemplates that you can reuse in your Builds. One of those templates is for Kaniko. Let’s install that template to make it easier to use Kaniko in our Builds:

kubectl apply -f https://raw.githubusercontent.com/knative/build-templates/master/kaniko/kaniko.yaml

Check that the template is installed:

kubectl get buildtemplate
NAME      AGE
kaniko    24m

In the next section, we’ll use this template to run automatic builds.

### Automatic Build

In Knative, you can configure a Knative Service with a Build step. This allows Knative to build and push a container image whenever there’s a change in the service. I personally do not mixing serving and building, espeially for production, but it might be a good option for testing.

I have detailed instructions on how to set this up in Automatic Build section of my tutorial but you basically need a service definition file that looks like this:

apiVersion: serving.knative.dev/v1alpha1
kind: Service
name: helloworld-csharp-from-source
namespace: default
spec:
runLatest:
configuration:
**build**:
apiVersion: build.knative.dev/v1alpha1
kind: Build
spec:
serviceAccountName: build-bot
source:
git:
url: https://github.com/meteatamel/knative-tutorial.git
revision: master
subPath: "serving/helloworld-csharp/"
**template**:
name: kaniko
arguments:
- name: IMAGE
revisionTemplate:
spec:
container:
value: "C# Sample from-source"