Skip to main content

OpenShift

Dagger provides a Helm chart to create a Dagger Engine DaemonSet on an OpenShift cluster. A DaemonSet ensures that all matching nodes run an instance of Dagger Engine.

First, create a values.yaml file to configure the Dagger Helm deployment. This includes a set of labels for the pod affinity and the taints and tolerations for the nodes.

nameOverride: ""
fullnameOverride: ""

engine:
image:
repository: registry.dagger.io/engine
tag: v0.10.2
tolerations:
- effect: NoSchedule
key: builder-node
operator: Exists
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: builder-node
operator: Exists

This configuration uses the label builder-node=true to taint the nodes on which the Dagger Engine should be deployed.

Next, execute the following command for each node that is intended to host a Dagger Engine (replace the NODE-NAME placeholder with each node name):

oc adm taint nodes NODE-NAME builder-node=true:NoSchedule

Install the Dagger Engine using the Dagger Helm chart and the configuration above:

helm upgrade --create-namespace --install --namespace dagger dagger oci://registry.dagger.io/dagger-helm -f values.yaml

The Dagger Engine DaemonSet configuration is designed to:

  • best utilize local Non-Volatile Memory Express (NVMe) hard drives of the worker nodes
  • reduce the amount of network latency and bandwidth requirements
  • simplify routing of Dagger SDK and CLI requests

Finally, grant the necessary permissions for the default service account in the dagger namespace:

warning

Without this step, pod creation will fail due to insufficient permissions to execute privileged containers with fixed user IDs and host path volume mounts.

oc adm policy add-scc-to-user privileged -z default -n dagger