• User Manuals /
  • Denodo Platform 9 Container Registry Quick Start Guide

Denodo Platform 9 Container Registry Quick Start Guide

Download original document


You can translate the document:

Overview

Denodo offers an artifact registry service with repositories for Denodo Platform container images and Denodo Helm Charts.

This registry service is based on Harbor.

Artifacts on this registry are accessible for people with a Denodo Support Site Account.

Registries and Repositories

The name of the registry server is harbor.open.denodo.com

There are several project registries based on Denodo Platform versions:

harbor.open.denodo.com/denodo-9/

And there can be several image repositories for each project registry, one per containerized application.

harbor.open.denodo.com/denodo-9/images/solution-manager

harbor.open.denodo.com/denodo-9/images/denodo-platform

Artifact tag names are following Semantic Versioning (SemVer 2) patterns but adapted to the limitations imposed by the Docker specifications for image tags. For example, “+” is not allowed and “-” is used instead.

Image examples:

harbor.open.denodo.com/denodo-9/images/solution-manager:9.X.Y

harbor.open.denodo.com/denodo-9/images/solution-manager-openshift:9.X.Y-<build_date>

harbor.open.denodo.com/denodo-9/images/denodo-platform-openshift:9.X-latest

harbor.open.denodo.com/denodo-9/images/denodo-platform:9.X.Y-emergencyfix.<date>-<build_date>

harbor.open.denodo.com/denodo-8.0/images/denodo-platform:9.X.Y-Beta-<build_date>

We also have some special tags latest and lts.

  • latest: points to the latest stable release.
  • lts: points to the latest long term support release.

Finally, the container registry will also host Helm charts as OCI artifacts, so naming policies for chart repositories and version tags will be the same used for container images.

Helm Charts examples:

harbor.open.denodo.com/denodo-9/charts/denodo-platform:<semver_tag>

harbor.open.denodo.com/denodo-9/charts/solution-manager:<semver_tag>

Denodo Bugfixes and Extra Features

If you are a customer with a Denodo Support Plan and Denodo Support generates a custom image with a Denodo Hotfix, you will have access to that image through a specific repository that Denodo Support will reference to you.

There are two types of containers, ef and bf:

  • ef: refers to an Extra Feature
  • bf: refers to a Bug Fix.

Container examples:

harbor.open.denodo.com/c-<customer_id>/images/denodo-platform:9.X.Y-ef-<date>

harbor.open.denodo.com/c-<customer_id>/images/solution-manager:9.X.Y-bf-<date>

Working with Web Interface

Sign In

With your Denodo Account you can sign in https://harbor.open.denodo.com to navigate the repositories available to you and to download the artifacts there.

Use the Login via OIDC Provider button that appears on the Harbor login page.

Browsing Registries and Repositories

After logging in, you enter in the Projects page where you can browse the list of registries of images and charts available according to your permissions (each project is equivalent to a registry).

Then you can click on one of the projects available to see the list of repositories available there.

Browsing Images and Helm Charts

Once you select a project (registry), you can click on Repositories to browse the different folders with images or charts. Click on one of these repositories to get access to the list of artifacts for that repository (the different container or chart versions).

If you click on a specific Artifact you will be able to see detailed information about it. In the case that the artifact that you are examining is a Helm Chart you will be able to see the contents of the README.md file for that Chart.

Working with Docker, Kubernetes and Helm CLIs

Create a CLI Secret

After you have authenticated via Denodo Account and logged into the web interface for the first time, you can use the Docker CLI or Helm CLI to access the registry and artifacts.

To be able to do so, the registry provides a CLI secret for use when logging in from Docker or Helm.

To create the secret click your username at the top of the screen and select User Profile.

Then generate (click on the ... icon) and/or copy your CLI secret.

NOTICE: A user can only have one CLI secret, so when a new secret is generated or created, the old one becomes invalid.

NOTICE: the user profile fields cannot be updated because users are automatically provisioned to use Denodo Community Account Single Sign On (SSO).

Authenticate in Docker CLI with the CLI Secret

Use docker login and provide the credentials.

docker login harbor.open.denodo.com

Username: <denodo_account_username>

Password: <registry_profile_secret>

Authenticate in Kubernetes CLI with the CLI Secret

First you need to create a secret with the provided credentials.

kubectl create secret docker-registry harbor-registry-secret \

--docker-server=harbor.open.denodo.com \

--docker-username=<denodo_account_username> \

--docker-password=<registry_profile_secret>

After the secret has been created you need to include the harbor-registry-secret name on the imagePullSecrets property of the Pod spec following standard Kubernetes documentation.

Authenticate in Helm CLI with the CLI Secret

The Denodo container registry stores Helm charts as OCI artifacts, so you need to use the command helm registry login and provide the credentials.

helm registry login harbor.open.denodo.com

Username: <denodo_account_username>

Password: <registry_profile_secret>

CLI Secret Expiration

Take into account that the CLI secret is associated with the session token of your Denodo Account. The registry will try to refresh the token, so the CLI secret will be valid after the token expires.

However, if the Denodo Account service does not provide a refresh token or the refresh fails, the CLI secret becomes invalid. In this case, log out and log back in to the registry via your Denodo Account so that the registry can get a new token. The CLI secret will then work again.