Prerequisites
- A Kubernetes cluster running version 1.24 or later.
- Kubectl.
- Grant cluster-admin privileges to the current user.
- Install a Metrics Server if you need support for high-availability use cases.
Installation
To install Tekton Pipelines on OpenShift, you must first apply the anyuid
security context constraint to the tekton-pipelines-controller
service account. This is required to run the webhook Pod.
Log on as a user with cluster-admin privileges.
oc login -u system:admin
Set up the namespace (project) and configure the service account:
oc new-project tekton-pipelines
oc adm policy add-scc-to-user anyuid -z tekton-pipelines-controller
oc adm policy add-scc-to-user anyuid -z tekton-pipelines-webhook
Install Tekton Pipelines
Because OpenShift uses a random user ID for pods, we need to remove the securityContext.runAsUser
and securityContext.runAsGroup
from any container from the release.yaml
.
You will need to have yq
installed for this to work. Another way would be to download the yaml
, search and replace it in your favorite editor.
curl https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml | yq 'del(.spec.template.spec.containers[].securityContext.runAsUser, .spec.template.spec.containers[].securityContext.runAsGroup)' | oc apply -f -
Monitor the installation using the following command until all components show a Running status:
oc get pods --namespace tekton-pipelines --watch
Congratulations! ππ₯πΆπ
You have successfully installed Tekton Pipelines on your OpenShift environment.
Top comments (0)