Container Image Registry

The image section of the values.yaml configures the access to the container image registry having the Denodo Embedded MPP images: Presto, Hive Metastore and PostgreSQL.

With the information in this section the container images can be downloaded during the Denodo Embedded MPP deployment process.

  repository: ""
  pullPolicy: IfNotPresent
  pullSecret: ""

    enabled: false
    name: "registry-secret"
    registry: ""
    username: ""
    pwd: ""


The Denodo’s Harbor Registry is configured by default, but its credentials expire every 6 months. This implies log in to Denodo Harbor every 6 months so that Kubernetes can pull images from the Denodo’s Harbor Registry.

While this option is suitable for testing and proof-of-concept (POC) purposes, please consider a Private Container Image Registry for production scenarios as a best practice.

Container Image Registry Credentials

To configure the container image registry credentials, you can fill in the pullCredentials section. For this you have to set pullCredentials.enabled to true:

    enabled: true
    name: "registry-secret"
    registry: ""
    username: "username"
    pwd: "clisecret"
  • enabled: Whether to use the credentials in this section to download the container images.

  • registry: The container image registry. The Denodo’s Harbor Registry is configured by default: “”

  • username: User to access the container image registry.

  • pwd: Credentials to access the container image registry.

In case you are using the Denodo’s Harbor Registry, you can find your username and pwd at the Denodo’s Harbor User Profile menu and click on Generate Secret.

Denodo's Harbor User Profile

Denodo’s Harbor User Profile

The Username is the pullCredentials.username and the CLI secret is the pullCredentials.pwd.

There is an alternative to using pullCredentials that is to create a Kubernetes secret with the container image registry credentials this way:

kubectl create secret docker-registry denodo-registry-secret \ \
    --docker-username=<denodo_account_username> \

Once the secret is created you need to include the name denodo-registry-secret in the image.pullSecret key:

  pullSecret: "denodo-registry-secret"

If your container image registry does not need one, leave it empty:

   pullSecret: ""

Private Container Image Registry

In case you consider using a private container registry of your own, you will have to:

# Option 1: Pull images from Denodo's Harbor registry
docker pull<version>
docker pull<version>
docker pull<version>

# Option 2: Load images from Denodo Embedded MPP distribution.
docker load < prestocluster-presto-image-<version>.tar.gz
docker load < prestocluster-postgresql-image-<version>.tar.gz
docker load < prestocluster-hive-metastore-image-<version>.tar.gz

# Tag images
docker tag prestocluster-presto:<version> <private_registry>/prestocluster-presto:<version>
docker tag prestocluster-hive-metastore:<version> <private_registry>/prestocluster-hive-metastore:<version>
docker tag prestocluster-postgresql:<version> <private_registry>/prestocluster-postgresql:<version>

# Push images
docker push <private_registry>/prestocluster-presto:<version>
docker push <private_registry>/prestocluster-hive-metastore:<version>
docker push <private_registry>/prestocluster-postgresql:<version>
Add feedback