A pod template specifies a subset of
PodSpec
configuration that will be used as the basis for the Task
pod.
This allows for customizing some Pod
specific field per Task
execution, TaskRun
or for all Task
executions part of a PipelineRun
.
Alternatively, you can also define a default pod template in Tekton config, see Customizing basic execution parameters
When a pod template is specified for a PipelineRun
or TaskRun
, the default pod template is ignored, i.e.
both templates are NOT merged, it's always one or the other.
The current fields supported are:
nodeSelector
: a selector which must be true for the pod to fit on a node, see Assigning pods to Nodes.tolerations
: allow (but do not require) the pods to schedule onto nodes with matching taints.affinity
: allow to constrain which nodes your pod is eligible to be scheduled on, based on labels on the node.securityContext
: pod-level security attributes and common container settings, likerunAsUser
orselinux
.volumes
: list of volumes that can be mounted by containers belonging to the pod. This lets the user of a Task define which type of volume to use for a TaskvolumeMount
runtimeClassName
: the name of a runtime class to use to run the pod.automountServiceAccountToken
: whether the token for the service account being used by the pod should be automatically provided inside containers at a predefined path. Defaults totrue
.dnsPolicy
: the DNS policy for the pod, one ofClusterFirst
,Default
, orNone
. Defaults toClusterFirst
. Note thatClusterFirstWithHostNet
is not supported by Tekton as Tekton pods cannot run with host networking.dnsConfig
: additional DNS configuration for the pod, such as nameservers and search domains.enableServiceLinks
: whether services in the same namespace as the pod will be exposed as environment variables to the pod, similar to Docker service links. Defaults totrue
.priorityClassName
: the name of the priority class to use when running the pod. Use this, for example, to selectively enable preemption on lower priority workloads.schedulerName
the name of the scheduler to use when dispatching the Pod. This can be used when workloads of specific types need specific schedulers, e.g.: If you are using volcano.sh for Machine Learning Workloads, you can pass the schedulerName and have Tasks be dispatched by the volcano.sh scheduler.imagePullSecret
the name of thesecret
used when pulling the image if specified.hostNetwork
: set this totrue
if the host network namespace should be used. Defaults tofalse
.
A Pod
template can be specified for TaskRun
or PipelineRun
resources.
See Specifying a Pod template for a TaskRun
example or
Specifying a Pod template for a PipelineRun
example using Pod templates.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License.