Skip to main content

OpenShift

Dagger can be used to set up a Continuous Integration (CI) environment on an OpenShift cluster. This makes it possible to distribute CI workloads across multiple nodes and scale out as needed.

How it works

The architecture consists of a Dagger Engine DaemonSet which executes the pipelines and tainted nodes for dedicated workloads.

Dagger provides a Helm chart to create a Dagger Engine DaemonSet. The DaemonSet ensures that all matching nodes in the cluster run an instance of Dagger.

The Dagger DaemonSet configuration is designed to:

  • best utilize local Non-Volatile Memory Express (NVMe) hard drives of the worker nodes
  • reduce the amount of network latency and bandwidth requirements
  • simplify routing of Dagger SDK and CLI requests

Prerequisites

  • A functional OpenShift cluster.
  • The Helm package manager installed on your local machine.
  • The OpenShift CLI (oc) installed on your local machine.

Example

Create a values.yaml file to configure the Dagger Helm deployment. This includes a set of labels for the pod affinity and the taints and tolerations for the nodes.

nameOverride: ""
fullnameOverride: ""

engine:
  image:
    repository: registry.dagger.io/engine
    tag: latest
  tolerations:
    - effect: NoSchedule
      key: dagger-node
      operator: Exists
  affinity:
    nodeAffinity:
      requiredDuringSchedulingIgnoredDuringExecution:
        nodeSelectorTerms:
        - matchExpressions:
          - key: dagger-node
            operator: Exists

This configuration uses the label dagger-node=true to taint the nodes on which the Dagger Engine should be deployed.

Next, execute the following command for each node that is intended to host a Dagger Engine (replace the NODE-NAME placeholder with each node name):

oc adm taint nodes NODE-NAME dagger-node=true:NoSchedule

Install Dagger using the Dagger Helm chart and the configuration above:

helm upgrade --create-namespace --install --namespace dagger dagger oci://registry.dagger.io/dagger-helm -f values.yaml

Finally, grant the necessary permissions for the default service account in the dagger namespace:

warning

Without this step, pod creation will fail due to insufficient permissions to execute privileged containers with fixed user IDs and host path volume mounts.

oc adm policy add-scc-to-user privileged -z default -n dagger

Resources

If you have any questions about additional ways to use OpenShift with Dagger, join our Discord and ask your questions in our Kubernetes channel.

About OpenShift

OpenShift is a Kubernetes-based platform to build and deploy applications at scale.