Skip to main content

OpenShift

Dagger can be used to set up a Continuous Integration (CI) environment on an OpenShift cluster. This makes it possible to distribute CI workloads across multiple nodes and scale out as needed.

How it works​

The architecture consists of a Dagger Engine DaemonSet which executes the pipelines and tainted nodes for dedicated workloads.

Dagger provides a Helm chart to create a Dagger Engine DaemonSet. The DaemonSet ensures that all matching nodes in the cluster run an instance of Dagger.

The Dagger DaemonSet configuration is designed to:

  • best utilize local Non-Volatile Memory Express (NVMe) hard drives of the worker nodes
  • reduce the amount of network latency and bandwidth requirements
  • simplify routing of Dagger SDK and CLI requests

Prerequisites​

  • A functional OpenShift cluster.
  • The Helm package manager installed on your local machine.
  • The OpenShift CLI (oc) installed on your local machine.

Example​

Create a values.yaml file to configure the Dagger Helm deployment. This includes a set of labels for the pod affinity and the taints and tolerations for the nodes.

nameOverride: ""
fullnameOverride: ""

engine:
  image:
    repository: registry.dagger.io/engine
    tag: latest
  tolerations:
    - effect: NoSchedule
      key: dagger-node
      operator: Exists
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: dagger-node
            operator: Exists

This configuration uses the label dagger-node=true to taint the nodes on which the Dagger Engine should be deployed.

Next, execute the following command for each node that is intended to host a Dagger Engine (replace the NODE-NAME placeholder with each node name):

oc adm taint nodes NODE-NAME dagger-node=true:NoSchedule

Install Dagger using the Dagger Helm chart and the configuration above:

helm upgrade --create-namespace --install --namespace dagger dagger oci://registry.dagger.io/dagger-helm -f values.yaml

Finally, grant the necessary permissions for the default service account in the dagger namespace:

warning

Without this step, pod creation will fail due to insufficient permissions to execute privileged containers with fixed user IDs and host path volume mounts.

oc adm policy add-scc-to-user privileged -z default -n dagger

Resources​

If you have any questions about additional ways to use OpenShift with Dagger, join our Discord and ask your questions in our Kubernetes channel.

About OpenShift​

OpenShift is a Kubernetes-based platform to build and deploy applications at scale.