Configure private registry and VMware Tanzu Application Catalog integration for Bitnami Services
This topic tells you how to integrate Bitnami Services with private registries or with VMware Tanzu Application Catalog. You can configure this globally for all services, or on a per-service basis.
Prerequisites
Before you integrate Bitnami Services with a private registry or VMware Tanzu Application Catalog, you must:
- Have your Helm Chart repository URL in the format
oci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts. Some VMware Tanzu Application Catalog instances append the operating system to the repository URL, in which case, use the URL formatoci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts/centos-7. - Have the credentials to access the private registry.
For how to obtain both of these prerequisites for VMware Tanzu Application Catalog integration, see Obtain credentials for VMware Tanzu Application Catalog integration.
Procedure
-
Create two Kubernetes
Secrets, one with credentials to pull Helm charts and the other with credentials to pull images. The following examples put these in thedefaultnamespace, but you can choose to place them in any namespace you prefer.$ kubectl create secret generic tac-chart-pull \ -n default \ --from-literal=username='USERNAME' \ --from-literal=password='TOKEN'$ kubectl create secret docker-registry tac-container-pull \ -n default \ --docker-server='REGISTRY-HOSTNAME' \ --docker-username='USERNAME' \ --docker-password='TOKEN' -
Apply the configuration either to all Bitnami services or to one specific service.
-
Apply configuration to all Bitnami services:
-
Add the following to your
tap-values.yamlfile:bitnami_services: globals: helm_chart: repo: oci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts # Update this value. chart_pull_secret_ref: name: tac-chart-pull namespace: default container_pull_secret_ref: name: tac-container-pull namespace: default -
Update Tanzu Application Platform by running:
tanzu package installed update tap -p tap.tanzu.vmware.com --values-file tap-values.yaml -n tap-install
-
-
Apply configuration to one specific Bitnami service:
-
Add the following to your
tap-values.yamlfile:bitnami_services: mysql: # Choose from mysql, postgresql, rabbitmq, redis, mongodb, and kafka. helm_chart: repo: oci://REGISTRY-HOSTNAME/REPOSITORY-PATH/charts # Update this value. chart_pull_secret_ref: name: tac-chart-pull namespace: default container_pull_secret_ref: name: tac-container-pull namespace: default -
Update Tanzu Application Platform by running:
tanzu package installed update tap -p tap.tanzu.vmware.com --values-file tap-values.yaml -n tap-install
-
-
-
If your VMware Tanzu Application Catalog instance does not have the default version of a given chart or you want to use a different version, configure the version for the chart by updating the
helm_chart.versionvalue for the service. For example:bitnami_services: mysql: # Choose from mysql, postgresql, rabbitmq, redis, mongodb, and kafka. helm_chart: version: VERSION
Known issue
As of Tanzu Application Platform v1.5.0 there is a known issue that occurs if you try to configure private registry integration for the Bitnami services after having already created a claim for one or more of the Bitnami services using the default configuration. The issue is that the updated private registry configuration does not appear to take effect. This is due to caching behavior in the system which is not currently accounted for during configuration updates.
Workaround
There is a temporary workaround to this issue, which is to delete the provider-helm-* pods in the crossplane-system namespace and wait for new pods to come back online after having applied updated registry configuration.
