This topic tells you how to integrate Bitnami Services with private registries or with VMware Tanzu Application Catalog. You can configure this globally for all services, or on a per-service basis.
Before you integrate Bitnami Services with a private registry or VMware Tanzu Application Catalog, you must:
oci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts
. Some VMware Tanzu Application Catalog instances append the operating system to the repository URL, in which case, use the URL format oci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts/centos-7
.For how to obtain both of these prerequisites for VMware Tanzu Application Catalog integration, see Obtain credentials for VMware Tanzu Application Catalog integration.
Create two Kubernetes Secrets
, one with credentials to pull Helm charts and the other with credentials to pull images. The following examples put these in the default
namespace, but you can choose to place them in any namespace you prefer.
$ kubectl create secret generic tac-chart-pull \
-n default \
--from-literal=username='USERNAME' \
--from-literal=password='TOKEN'
$ kubectl create secret docker-registry tac-container-pull \
-n default \
--docker-server='REGISTRY-HOSTNAME' \
--docker-username='USERNAME' \
--docker-password='TOKEN'
Apply the configuration either to all Bitnami services or to one specific service.
Apply configuration to all Bitnami services:
Add the following to your tap-values.yaml
file:
bitnami_services:
globals:
helm_chart:
repo: oci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts # Update this value.
chart_pull_secret_ref:
name: tac-chart-pull
namespace: default
container_pull_secret_ref:
name: tac-container-pull
namespace: default
Update Tanzu Application Platform by running:
tanzu package installed update tap -p tap.tanzu.vmware.com --values-file tap-values.yaml -n tap-install
Apply configuration to one specific Bitnami service:
Add the following to your tap-values.yaml
file:
bitnami_services:
mysql: # Choose from mysql, postgresql, rabbitmq, redis, mongodb, and kafka.
helm_chart:
repo: oci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts # Update this value.
chart_pull_secret_ref:
name: tac-chart-pull
namespace: default
container_pull_secret_ref:
name: tac-container-pull
namespace: default
Update Tanzu Application Platform by running:
tanzu package installed update tap -p tap.tanzu.vmware.com --values-file tap-values.yaml -n tap-install
If your VMware Tanzu Application Catalog instance does not have the default version of a given chart or you want to use a different version, configure the version for the chart by updating the helm_chart.version
value for the service. For example:
bitnami_services:
mysql: # Choose from mysql, postgresql, rabbitmq, redis, mongodb, and kafka.
helm_chart:
version: VERSION
As of Tanzu Application Platform v1.5.0 there is a known issue that occurs if you try to configure private registry integration for the Bitnami services after having already created a claim for one or more of the Bitnami services using the default configuration. The issue is that the updated private registry configuration does not appear to take effect. This is due to caching behavior in the system which is not currently accounted for during configuration updates.
There is a temporary workaround to this issue, which is to delete the provider-helm-*
pods in the crossplane-system
namespace and wait for new pods to come back online after having applied updated registry configuration.