Install Tekton Pipelines

Install Tekton Pipelines on your cluster

This page includes content about running Tekton with specific platforms and cloud providers. The accuracy and freshness of this vendor documentation varies by vendor.

If you want to contribute with platform-specific documentation, follow the vendor contributions guidelines.

This guide explains how to install Tekton Pipelines.

Prerequisites

  • A [Kubernetes cluster][k8s] running version 1.23 or later.
  • If you are running on macOS, make sure Docker is running
  • [Kubectl][].
  • Grant cluster-admin privileges to the current user. See the [Kubernetes role-based access control (RBAC) docs][rbac] for more information.
  • (Optional) Install a [Metrics Server][metrics] if you need support for high availability use cases.

See the [local installation guide][local-install] if you want to test Tekton on your computer.

Installation

To install Tekton Pipelines on a Kubernetes cluster:

  1. Run one of the following commands depending on which version of Tekton Pipelines you want to install:

    • Latest official release:

      kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
      
    • Nightly release:

      kubectl apply --filename https://storage.googleapis.com/tekton-releases-nightly/pipeline/latest/release.yaml
      
    • Specific release:

       kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/previous/<version_number>/release.yaml
      

      Replace <version_number> with the numbered version you want to install. For example, v0.26.0.

    • Untagged release:

      If your container runtime does not support image-reference:tag@digest:

      kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml
      
  2. Monitor the installation:

    kubectl get pods --namespace tekton-pipelines --watch
    

    When all components show 1/1 under the READY column, the installation is complete. Hit Ctrl + C to stop monitoring.

Congratulations! You have successfully installed Tekton Pipelines on your Kubernetes cluster.

Before you proceed, create or select a project on Google Cloud and install the gcloud CLI on your computer.

To install Tekton Pipelines:

  1. Enable the Google Kubernetes Engine (GKE) API:

    gcloud services enable container.googleapis.com
    
  2. Create a cluster with Workload Identity enabled. For example:

    gcloud container clusters create tekton-cluster \
      --num-nodes=<nodes> \
      --region=<location> \
      --workload-pool=<project-id>.svc.id.goog
    

    Where:

    • <location> is the cluster location. For example, us-central1. See the documentation about regional and zonal clusters for more information.

    • <project-id> is the project ID.

    • <nodes> is the number of nodes.

    Workload Identity allows your GKE cluster to access Google Cloud services using an Identity Access Management (IAM) service account. For example, the Tekton build and push guide explains how to authenticate to Artifact Registry on a cluster with Workload Identity enabled.

    You can also enable Workload Idenitity on an existing cluster.

  3. Follow the regular Kubernetes installation steps.

Private clusters

If you are running a private cluster and experience problems with GKE DNS resolution, allow the port 8443 in your firewall rules.

gcloud compute firewall-rules update <firewall_rule_name> --allow tcp:8443

See the documentation about firewall rules for private clusters for more information.

Autopilot

If you are using Autopilot mode on your GKE cluster and experience some problems, try the following:

  1. Allow port 8443 in your firewall rules.

    gcloud compute firewall-rules update <firewall_rule_name> --allow tcp:8443
    
  2. Disable the affinity assistant.

    kubectl patch cm feature-flags -n tekton-pipelines \
      -p '{"data":{"disable-affinity-assistant":"true"}}'
    
  3. Increase the ephemeral storage.

To install Tekton Pipelines on OpenShift, you must first apply the anyuid security context constraint to the tekton-pipelines-controller service account. This is required to run the webhook Pod. See Security Context Constraints for more information.

  1. Log on as a user with cluster-admin privileges. The following example uses the default system:admin user:

    oc login -u system:admin
    
  2. Set up the namespace (project) and configure the service account:

    oc new-project tekton-pipelines
    oc adm policy add-scc-to-user anyuid -z tekton-pipelines-controller
    oc adm policy add-scc-to-user anyuid -z tekton-pipelines-webhook
    
  3. Install Tekton Pipelines:

    oc apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.notags.yaml
    

    See the OpenShift CLI documentation for more information on the oc command.

  4. Monitor the installation using the following command until all components show a Running status:

    oc get pods --namespace tekton-pipelines --watch
    

    Note: Hit CTRL + C to stop monitoring.

Congratulations! You have successfully installed Tekton Pipelines on your OpenShift environment.

To run OpenShift 4.x on your laptop (or desktop), take a look at Red Hat CodeReady Containers.

Additional configuration options

You can enable additional alpha and beta features, customize execution parameters, configure availability, and many more options. See the addition configurations options for more information.

Next steps

To get started with Tekton check the Introductory tutorials, the how-to guides, and the examples folder.


Troubleshooting

  1. If kind create cluster fails to create cluster with below message. Please check if Docker is running on the machine.
  $ kind create cluster
  ERROR: failed to create cluster: failed to list nodes: command "docker ps -a --filter label=io.x-k8s.kind.cluster=kind --format '{{.Names}}'" failed with error: exit status 1
  Command Output: Cannot connect to the Docker daemon at unix:///Users/USER/.docker/run/docker.sock. Is the docker daemon running?
  Ms-MacBook-Pro:~$ docker ps
  Cannot connect to the Docker daemon at unix:///Users/USER/.docker/run/docker.sock. Is the docker daemon running?

After starting docker

Ms-MacBook-Pro:~$ kind create cluster
Creating cluster "kind" ...
✓ Ensuring node image (kindest/node:v1.25.3) 🖼 
✓ Preparing nodes 📦  
✓ Writing configuration 📜 
✓ Starting control-plane 🕹️ 
✓ Installing CNI 🔌 
✓ Installing StorageClass 💾 
Set kubectl context to "kind-kind"
You can now use your cluster with:

kubectl cluster-info --context kind-kind

Have a question, bug, or feature request? Let us know! https://kind.sigs.k8s.io/#community 🙂

Source for this document available on GitHub.


Last modified February 15, 2023: Add release selector to docs (54f0a72)