Skip to Content

Changes for page Rancher 2

Last modified by Diana Strebkova on 2025/12/12 14:23
From version 1.1
edited by DOaaS Operator
on 2025/02/05 11:33
Change comment: Imported from XAR
To version 12.5
edited by Diana Strebkova
on 2025/12/12 12:29
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -xwiki:XWiki.sdcloud-admin-0
1 +xwiki:XWiki.dianastrebkovat-systemscom
Content
... ... @@ -156,8 +156,12 @@
156 156  
157 157  = Helm charts =
158 158  
159 -== Add public helm charts ==
159 +== Add public helm chart ==
160 160  
161 +{{warning width="70" title="Chartmuseum Deprecation"}}
162 +Chartmuseum is deprecated in new Harbor versions, we are migrating all helm charts to oci-compatible repositories in Harbor with "PKEY-helm" naming convention. For internal harbor repos, use new approach to add OCI chart repositories in rancher.
163 +{{/warning}}
164 +
161 161  In this section, we describe (% style="color:#172b4d" %)how to add public helm charts like the one of DevOps-as-a-Service to a cluster to allow manual deployments.
162 162  
163 163  (% id="HCreateAppRepositoryinRancher" class="p1" %)
... ... @@ -173,6 +173,13 @@
173 173  (% class="p1" %)
174 174  [[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
175 175  
180 +(% id="H" class="p1" %)
181 +==== Target: http(s) URL ====
182 +
183 +{{warning}}
184 +This example is being deprecated, you can still add other external repositories in that way, but all internal harbor-hosted repositories should be added as Target: OCI Repository
185 +{{/warning}}
186 +
176 176  (% class="p1" %)
177 177  In the "Repository: Create" dialog, simply fill in the following fields. Authentication is not required.
178 178  
... ... @@ -207,6 +207,46 @@
207 207  
208 208  [[image:Screenshot 2024-07-03 at 15.13.55.png||data-xwiki-image-style-border="true" height="149" width="785"]]
209 209  
221 +==== Target: OCI Repository ====
222 +
223 +To add public oci-repository, navigate to repository create button and click it. For target, use OCI Repository like shown below:
224 +
225 +[[image:1765207154466-828.png||height="298" width="821"]]
226 +
227 +In the "Repository: Create" dialog, simply fill in the following fields. Authentication is not required.
228 +
229 +(% class="wrapped" %)
230 +|=(((
231 +Field
232 +)))|=(((
233 +Value
234 +)))
235 +|=(((
236 +Name
237 +)))|(((
238 +devopsaas-jenkins-auto-agent
239 +)))
240 +|=(((
241 +Description
242 +)))|(((
243 +Public Helm charts as documented at [[https:~~/~~/docs.devops.t-systems.net>>url:https://docs.devops.t-systems.net||shape="rect"]]
244 +)))
245 +|=(((
246 +Index URL
247 +)))|(((
248 +oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/**<chartname>**, for example:
249 +
250 +oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/jenkins-lib
251 +
252 +{{info}}
253 +Take into account, that all internal harbor repositories with helm charts have PKEY-helm naming convention, adding repo with both docker images and helm charts may not be supported in rancher.
254 +{{/info}}
255 +)))
256 +
257 +{{info}}
258 +Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo. //**If you have a need in adding the whole project with many repositories, please contact support for finding a possible solution.**//
259 +{{/info}}
260 +
210 210  === Deploy Helm charts ===
211 211  
212 212  Now go to Apps>Charts and filter if necessary for the devops-as-a-service Helm chart repository. Like shown below, a list of available charts is displayed. Simply click on one of the tiles to deploy them to your cluster.
... ... @@ -217,7 +217,6 @@
217 217  
218 218  == Add private chart repository ==
219 219  
220 -
221 221  === Create a robot account in Harbor ===
222 222  
223 223  To add project specific helm charts to Rancher, a Harbor robot account is needed, that is able to read helm charts and pull repositories. If you don't have such an account yet, please follow the instructions given in the [[Create Robot Account section of the Harbor documentation>>doc:Harbor.Harbor 2\.7 Robot Accounts.WebHome||anchor="create_robot_account"]] and make sure to grant at least the following permissions:
... ... @@ -230,14 +230,25 @@
230 230  
231 231  (% class="p1" %)
232 232  In Rancher UI, switch to the intended cluster and go to Apps/Repositories using the left side menu.
283 +
284 +
233 233  [[image:attach:Screenshot 2023-04-25 at 13.11.48.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="400" width="209"]]
234 234  
235 235  (% class="p1" %)
236 236  Create a new Repository by pressing the Create button.
237 237  
290 +(% id="HTarget:http28s29URL-1" class="p1" %)
291 +==== [[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]] ====
292 +
293 +(% id="HTarget:http28s29URL-1" class="p1" %)
294 +==== Target: http(s) URL ====
295 +
296 +{{warning title="Chartmuseum Deprecation"}}
297 +Chartmuseum in Harbor is deprecated, meaning we won't be able to add internal harbor repositories to Rancher that way anymore. Instead use Target: OCI repository.
298 +{{/warning}}
299 +
238 238  (% class="p1" %)
239 -[[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
240 -\\A name for the Repository has to be set. In the screenshot, the project name CITEST is used, which corresponds to our example from above.
301 +A name for the Repository has to be set. In the screenshot, the project name CITEST is used, which corresponds to our example from above.
241 241  Choose http(s) URL to an index generated by Helm and provide the Index URL ##https:~/~/registry-<domain>.devops.t-systems.net/chartrepo/<project>/##
242 242  
243 243  (% class="p1" %)
... ... @@ -250,9 +250,120 @@
250 250  (% class="p1" %)
251 251  Click Create.
252 252  
314 +(% id="HTarget:OCIRepository-1" class="p1" %)
315 +==== Target: OCI Repository ====
253 253  
254 -= Automated deployments with Jenkins =
317 +{{info}}
318 +Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo.//** If you have a real need to add the whole project, please contact support for finding a possible solution.**//
319 +{{/info}}
255 255  
321 +(% class="p1" %)
322 +Choose OCI repository in Target and for url, use  ##oci:~/~/registry-<domain>.devops.t-systems.net/<project>-helm/<chartname>##
323 +
324 +(% class="box" %)
325 +(((
326 +Replace ##<domain>## , ##<project>##  and ##<chartname> ##as necessary to match your set-up. Your charts should be stored in ##<project>-helm ##repository in Harbor, which is created by default when project is created in portal.
327 +)))
328 +
329 +(% class="p1" %)
330 +For Authentication, select "Create a HTTP Basic Auth Secret" and provide the Username and Password of the Harbor robot account from the previous section.
331 +
332 +(% class="wikigeneratedid" %)
333 +[[image:1765208347952-345.36.18.png||height="449" width="849"]]
334 +
335 +(% class="wikigeneratedid" %)
336 +Click Create.
337 +
338 +(% class="wrapped" %)
339 +|=(((
340 +Field
341 +)))|=(((
342 +Value
343 +)))
344 +|=(((
345 +Name
346 +)))|(((
347 +sdcloud-sdportal
348 +)))
349 +|=(((
350 +Description
351 +)))|(((
352 +Sdportal charts of sdcloud project
353 +)))
354 +|=(((
355 +Index URL
356 +)))|(((
357 +oci:~/~/registry.sdc.t-systems.net/sdcloud-helm/sdportal
358 +
359 +{{info}}
360 +Now we should target a chart repo directly, not the whole project. In you need to reference the whole project with a lot of repos, please contact support to find a possible solution.
361 +{{/info}}
362 +)))
363 +
364 +=== Migrating chart repositories in rancher to new OCI Repository format ===
365 +
366 +(% class="box warningmessage" %)
367 +(((
368 +ChartMuseum is being deprecated. After the migration is complete, **all harbor charts will be removed from ChartMuseum**, and **old HTTP(S)-based chart repositories will no longer work in Rancher (for internal harbor charts)**.
369 +)))
370 +
371 +To ensure a smooth transition, we recommend to **add an OCI-based repository alongside the existing ChartMuseum repository** during the migration phase. If you don't w
372 +
373 +(% class="box" %)
374 +(((
375 +**We will make your charts available in the corresponding new `<pkey>-helm` OCI projects.**
376 +)))
377 +
378 +| Term | Meaning
379 +| **Old Repository** | The existing HTTP/HTTPS Harbor ChartMuseum repository.
380 +| **New Repository** | The new OCI-based Helm chart repository created for your project (e.g. `<chart-repo-name>` in `<pkey>-helm`).
381 +
382 +##__**Why This Migration Is Required:**__##
383 +
384 +* ##ChartMuseum is deprecated and will be removed.##
385 +* ##Applications deployed from old repos keep a reference to that repo inside their labels.##
386 +* ##Without updating the application to point to the new OCI repo, **Rancher will not detect new chart versions from new repository**.##
387 +
388 +## Migration Steps:##
389 +
390 +1. ##Create the New OCI Repository in Rancher##
391 +11. Go to **Apps → Repositories**.
392 +11. Add a new repository of type **OCI**.
393 +11. Name it similarly to your old repo name (e.g. `<chart-repo-name>-oci`). You can't name it the same.
394 +11. Point it to the new OCI endpoint.
395 +1. ##Disable the Old ChartMuseum Repository Temporarily## 
396 +##This step ensures that Rancher resolves charts from the new OCI repo.##
397 +11. Go to **Apps → Repositories**.
398 +11. Disable the old HTTP(S)-based repository.
399 +11. Keep it disabled until the migration is done.
400 +1. ##Update Existing Applications to Use the New OCI Repo##
401 +Applications deployed with the old repository still contain the old repo name in their metadata. You must upgrade them once to transition.
402 +11. Go to **Apps → Installed Apps**.
403 +11. Open the application that was deployed using the old repo.
404 +11. Click **Upgrade**.
405 +11. In the list of available chart repositories (scroll to the bottom), select the **new OCI repository**.
406 +11. Choose the chart version you want to deploy (same or newer).
407 +11. Click **Upgrade**.
408 +1. ##Re-enable the Old Repository (Optional) ##
409 +If you still need the old repo for other apps, re-enable it after the migration steps above.
410 +**Note:** Even if a newer chart version exists in the old repository, your migrated app **will not see it**, because it is no longer connected to that repo
411 +
412 +----
413 +
414 +## Reverting the Migration (If Needed)
415 +If you want to move an app back to the old repository:##
416 +
417 +1. Temporarily disable the new OCI repo.
418 +1. Enable the old ChartMuseum repo.
419 +1. Open the application → **Upgrade**.
420 +1. Select the chart from the old repo.
421 +1. Save.
422 +
423 +This will reconnect the app to the old repository.
424 +
425 +=
426 +Automated deployments with Jenkins =
427 +
256 256  In this section, we describe(% style="color:#172b4d" %) how to set-up **automated builds, tests and deployments** for Jenkins.
257 257  
258 258  == Prerequisites ==
1765206888644-487.png
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,0 +1,1 @@
1 +142.4 KB
Content
1765207032873-684.png
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,0 +1,1 @@
1 +142.1 KB
Content
1765207154466-828.png
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,0 +1,1 @@
1 +143.6 KB
Content
1765208347952-345.36.18.png
Author
... ... @@ -1,0 +1,1 @@
1 +xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,0 +1,1 @@
1 +199.3 KB
Content
© 2018-2025 T-Systems International GmbH