helm chart tenant deployment v7.0.0 doesn't work for private images registry #2396
Comments
|
The error message clearly states that it's trying to pull the image from your private repository: It looks like Kubernetes is trying to pull the image from the correct repository, but it either doesn't exist or you didn't supply the correct image pull secret to access it. |
|
Please note that image pull secrets should be specified using the following syntax: - name: <secret-name>Image pull secrets are described here. You may want to post your |
Thank you for your response. You can check in file tenant values file in line 39 there is no imagePullSecrets: [] in values.yaml file so the link is irrelevant here. It refers to a vector [] not a scalar {}. Error: INSTALLATION FAILED: template: tenant/templates/tenant.yaml:24:9: executing "tenant/templates/tenant.yaml" at <dig "imagePullSecret" "name" "" .>: error calling dig: interface conversion: interface {} is []interface {}, not map[string]interface {} For minio tenant values.yaml file in line 39 we have imagePullSecret: {} and this is what I am looking for. To be honest it is misterious for me what it accepts. The question is: how to supply the correct image pull secret and what type of secret it should be ? |
|
Ah, you're right. As you can see here in the chart it should be specified like a scalar with just the tenant:
imagePullSecret:
name: <secret-name-here>Sorry for the confusion. It would have been more logical if the PS: Not it is called |
minio-operator/minio-operator 4.3.7 v4.3.7 A Helm chart for MinIO Operator
Helm chart values located here:
https://github.com/minio/operator/blob/master/helm/tenant/values.yaml
doesn't take under consideration parameter imagePullSecret: { } from line 39.
Expected Behavior
It is possible to create tenant from image stored in private registry.
Current Behavior
Tenant deployment constantly reports deployment errors:
Back-off pulling image "registry.home.lab/registry/minio:RELEASE.2024-11-07T00-52-20Z"
Error: ImagePullBackOff
Failed to pull image "registry.home.lab/registry/minio:RELEASE.2024-11-07T00-52-20Z": failed to pull and unpack image "registry.home.lab/registry/minio:RELEASE.2024-11-07T00-52-20Z": failed to resolve reference "registry.home.lab/registry/minio:RELEASE.2024-11-07T00-52-20Z": pull access denied, repository does not exist or may require authorization: authorization failed: no basic auth credentials
Readiness probe failed: HTTP probe failed with statuscode: 500
The same configuration for minio operator works perfectly fine (the values file contains imagePullSecrets parameter - be cautious the name differs from the tenant values imagePullSecret and the type is not a vector but a scalar)
Possible Solution
Clear documentation of usage.
imagePullSecret scalar parameter taken under consideration by Tenant helm chart
Steps to Reproduce (for bugs)
Context
High risk of usage images directly from public registry
Much longer deployment times
Regression
No idea
Your Environment
minio-operator/minio-operator 4.3.7 v4.3.7 A Helm chart for MinIO Operator
k3s: (1 control plane, 3 agents)
Client Version: v1.31.4+k3s1
Kustomize Version: v5.4.2
Server Version: v1.31.4+k3s1
cilium CNI: cilium image (running): 1.16.5
on-premis servers, Xen (xcp-ng 8.3)
Linux k3s-node-01 6.1.0-28-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.119-1 (2024-11-22) x86_64 GNU/Linux
Deployment file: https://github.com/minio/operator/blob/master/helm/tenant/values.yaml
The text was updated successfully, but these errors were encountered: