Chapter 1. Installing OpenShift Pipelines
This guide walks cluster administrators through the process of installing the Red Hat OpenShift Pipelines Operator to an OpenShift Container Platform cluster.
Prerequisites
-
You have access to an OpenShift Container Platform cluster using an account with
cluster-admin
permissions. -
You have installed
oc
CLI. -
You have installed OpenShift Pipelines (
tkn
) CLI on your local system. - Your cluster has the Marketplace capability enabled or the Red Hat Operator catalog source configured manually.
In a cluster with both Windows and Linux nodes, Red Hat OpenShift Pipelines can run on only Linux nodes.
1.1. Installing the Red Hat OpenShift Pipelines Operator in web console
You can install Red Hat OpenShift Pipelines using the Operator listed in the OpenShift Container Platform OperatorHub. When you install the Red Hat OpenShift Pipelines Operator, the custom resources (CRs) required for the pipelines configuration are automatically installed along with the Operator.
The default Operator custom resource definition (CRD) config.operator.tekton.dev
is now replaced by tektonconfigs.operator.tekton.dev
. In addition, the Operator provides the following additional CRDs to individually manage OpenShift Pipelines components: tektonpipelines.operator.tekton.dev
, tektontriggers.operator.tekton.dev
and tektonaddons.operator.tekton.dev
.
If you have OpenShift Pipelines already installed on your cluster, the existing installation is seamlessly upgraded. The Operator will replace the instance of config.operator.tekton.dev
on your cluster with an instance of tektonconfigs.operator.tekton.dev
and additional objects of the other CRDs as necessary.
If you manually changed your existing installation, such as, changing the target namespace in the config.operator.tekton.dev
CRD instance by making changes to the resource name - cluster
field, then the upgrade path is not smooth. In such cases, the recommended workflow is to uninstall your installation and reinstall the Red Hat OpenShift Pipelines Operator.
The Red Hat OpenShift Pipelines Operator now provides the option to choose the components that you want to install by specifying profiles as part of the TektonConfig
custom resource (CR). The TektonConfig
CR is automatically installed when the Operator is installed. The supported profiles are:
- Lite: This installs only Tekton Pipelines.
- Basic: This installs Tekton Pipelines, Tekton Triggers, and Tekton Chains.
-
All: This is the default profile used when the
TektonConfig
CR is installed. This profile installs all of the Tekton components, including Tekton Pipelines, Tekton Triggers, Tekton Chains, Pipelines as Code, and Tekton Addons. Tekton Addons includes theClusterTasks
,ClusterTriggerBindings
,ConsoleCLIDownload
,ConsoleQuickStart
, andConsoleYAMLSample
resources, as well as the tasks available using the cluster resolver from theopenshift-pipelines
namespace.
Procedure
-
In the Administrator perspective of the web console, navigate to Operators
OperatorHub. -
Use the Filter by keyword box to search for
Red Hat OpenShift Pipelines
Operator in the catalog. Click the Red Hat OpenShift Pipelines Operator tile. - Read the brief description about the Operator on the Red Hat OpenShift Pipelines Operator page. Click Install.
On the Install Operator page:
-
Select All namespaces on the cluster (default) for the Installation Mode. This mode installs the Operator in the default
openshift-operators
namespace, which enables the Operator to watch and be made available to all namespaces in the cluster. - Select Automatic for the Approval Strategy. This ensures that the future upgrades to the Operator are handled automatically by the Operator Lifecycle Manager (OLM). If you select the Manual approval strategy, OLM creates an update request. As a cluster administrator, you must then manually approve the OLM update request to update the Operator to the new version.
Select an Update Channel.
-
The
latest
channel enables installation of the most recent stable version of the Red Hat OpenShift Pipelines Operator. Currently, it is the default channel for installing the Red Hat OpenShift Pipelines Operator. To install a specific version of the Red Hat OpenShift Pipelines Operator, cluster administrators can use the corresponding
pipelines-<version>
channel. For example, to install the Red Hat OpenShift Pipelines Operator version1.8.x
, you can use thepipelines-1.8
channel.NoteStarting with OpenShift Container Platform 4.11, the
preview
andstable
channels for installing and upgrading the Red Hat OpenShift Pipelines Operator are not available. However, in OpenShift Container Platform 4.10 and earlier versions, you can use thepreview
andstable
channels for installing and upgrading the Operator.
-
The
-
Select All namespaces on the cluster (default) for the Installation Mode. This mode installs the Operator in the default
Click Install. You will see the Operator listed on the Installed Operators page.
NoteThe Operator is installed automatically into the
openshift-operators
namespace.Verify that the Status is set to Succeeded Up to date to confirm successful installation of Red Hat OpenShift Pipelines Operator.
WarningThe success status may show as Succeeded Up to date even if installation of other components is in-progress. Therefore, it is important to verify the installation manually in the terminal.
Verify that all components of the Red Hat OpenShift Pipelines Operator were installed successfully. Login to the cluster on the terminal, and run the following command:
$ oc get tektonconfig config
Example output
NAME VERSION READY REASON config 1.15.0 True
If the READY condition is True, the Operator and its components have been installed successfully.
Additonally, check the components' versions by running the following command:
$ oc get tektonpipeline,tektontrigger,tektonchain,tektonaddon,pac
Example output
NAME VERSION READY REASON tektonpipeline.operator.tekton.dev/pipeline v0.47.0 True NAME VERSION READY REASON tektontrigger.operator.tekton.dev/trigger v0.23.1 True NAME VERSION READY REASON tektonchain.operator.tekton.dev/chain v0.16.0 True NAME VERSION READY REASON tektonaddon.operator.tekton.dev/addon 1.11.0 True NAME VERSION READY REASON openshiftpipelinesascode.operator.tekton.dev/pipelines-as-code v0.19.0 True
1.2. Installing the OpenShift Pipelines Operator using the CLI
You can install Red Hat OpenShift Pipelines Operator from the OperatorHub using the CLI.
Procedure
Create a Subscription object YAML file to subscribe a namespace to the Red Hat OpenShift Pipelines Operator, for example,
sub.yaml
:Example Subscription
apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: openshift-pipelines-operator namespace: openshift-operators spec: channel: <channel name> 1 name: openshift-pipelines-operator-rh 2 source: redhat-operators 3 sourceNamespace: openshift-marketplace 4
- 1
- The channel name of the Operator. The
pipelines-<version>
channel is the default channel. For example, the default channel for Red Hat OpenShift Pipelines Operator version1.7
ispipelines-1.7
. Thelatest
channel enables installation of the most recent stable version of the Red Hat OpenShift Pipelines Operator. - 2
- Name of the Operator to subscribe to.
- 3
- Name of the CatalogSource that provides the Operator.
- 4
- Namespace of the CatalogSource. Use
openshift-marketplace
for the default OperatorHub CatalogSources.
Create the Subscription object:
$ oc apply -f sub.yaml
The subscription installs the Red Hat OpenShift Pipelines Operator into the
openshift-operators
namespace. The Operator automatically installs OpenShift Pipelines into the defaultopenshift-pipelines
target namespace.
1.3. Red Hat OpenShift Pipelines Operator in a restricted environment
The Red Hat OpenShift Pipelines Operator enables support for installation of pipelines in a restricted network environment.
The Operator installs a proxy webhook that sets the proxy environment variables in the containers of the pod created by tekton-controllers based on the cluster
proxy object. It also sets the proxy environment variables in the TektonPipelines
, TektonTriggers
, Controllers
, Webhooks
, and Operator Proxy Webhook
resources.
By default, the proxy webhook is disabled for the openshift-pipelines
namespace. To disable it for any other namespace, you can add the operator.tekton.dev/disable-proxy: true
label to the namespace
object.
1.4. Additional resources
- You can learn more about installing Operators on OpenShift Container Platform in the adding Operators to a cluster section.
- To install Tekton Chains using the Red Hat OpenShift Pipelines Operator, see Using Tekton Chains for Red Hat OpenShift Pipelines supply chain security.
- To install and deploy in-cluster Tekton Hub, see Using Tekton Hub with Red Hat OpenShift Pipelines.
For more information on using pipelines in a restricted environment, see: