Container Image Registry¶
The image
section of the values.yaml
configures the access to the container image registry having the Denodo Embedded MPP images:
Presto, Hive Metastore and PostgreSQL.
With the information in this section the container images can be downloaded during the Denodo Embedded MPP deployment process.
image:
repository: "harbor.open.denodo.com/denodo-connects-9/images"
pullPolicy: IfNotPresent
pullSecret: ""
pullCredentials:
enabled: false
name: "registry-secret"
registry: "harbor.open.denodo.com"
username: ""
pwd: ""
Important
The Denodo’s Harbor Registry is configured by default, but its credentials expire every 6 months. This implies log in to Denodo Harbor every 6 months so that Kubernetes can pull images from the Denodo’s Harbor Registry.
While this option is suitable for testing and proof-of-concept (POC) purposes, please consider a Private Container Image Registry for production scenarios as a best practice.
Container Image Registry Credentials¶
To configure the container image registry credentials, you can fill in the pullCredentials
section. For this you have to set pullCredentials.enabled
to true
:
image:
pullCredentials:
enabled: true
name: "registry-secret"
registry: "harbor.open.denodo.com"
username: "username"
pwd: "clisecret"
enabled: Whether to use the credentials in this section to download the container images.
registry: The container image registry. The Denodo’s Harbor Registry is configured by default: “harbor.open.denodo.com”
username: User to access the container image registry.
pwd: Credentials to access the container image registry.
In case you are using the Denodo’s Harbor Registry, you can find your username
and pwd
at
the Denodo’s Harbor User Profile menu and click Generate Secret.
The Username
is the pullCredentials.username
and the CLI secret
is the pullCredentials.pwd
.
There is an alternative to using pullCredentials
that is to create a Kubernetes secret with the container image
registry credentials this way:
kubectl create secret docker-registry denodo-registry-secret \
--docker-server=harbor.open.denodo.com \
--docker-username=<denodo_account_username> \
--docker-password=<cli_secret>
Once the secret is created you need to include the name denodo-registry-secret
in the image.pullSecret
key:
image:
pullSecret: "denodo-registry-secret"
If your container image registry does not need one, leave it empty:
image:
pullSecret: ""
Private Container Image Registry¶
In case you consider using a private container registry of your own, you will have to:
pull the Embedded MPP images from the Denodo’s Harbor Registry or load them from the Denodo Embedded MPP distribution
tag them appropriately
push them to your private container image registry:
# Option 1: Pull images from Denodo's Harbor registry
docker pull harbor.open.denodo.com/denodo-connects-9/images/prestocluster-presto:<version>
docker pull harbor.open.denodo.com/denodo-connects-9/images/prestocluster-postgresql:<version>
docker pull harbor.open.denodo.com/denodo-connects-9/images/prestocluster-hive-metastore:<version>
# Option 2: Load images from Denodo Embedded MPP distribution.
docker load < prestocluster-presto-image-<version>.tar.gz
docker load < prestocluster-postgresql-image-<version>.tar.gz
docker load < prestocluster-hive-metastore-image-<version>.tar.gz
# Tag images
docker tag prestocluster-presto:<version> <private_registry>/prestocluster-presto:<version>
docker tag prestocluster-hive-metastore:<version> <private_registry>/prestocluster-hive-metastore:<version>
docker tag prestocluster-postgresql:<version> <private_registry>/prestocluster-postgresql:<version>
# Push images
docker push <private_registry>/prestocluster-presto:<version>
docker push <private_registry>/prestocluster-hive-metastore:<version>
docker push <private_registry>/prestocluster-postgresql:<version>