Changes for page Rancher 2

Last modified by Diana Strebkova on 2026/04/20 09:21

Manage
- Copy
Actions
- Export
- Print Preview
Viewers
- Source
- Children
- Content
- Comments
- Likes

From 10.2 to 10.3 From 24.3 to 24.4

From version 10.3

edited by Diana Strebkova
on 2025/12/12 11:43

Change comment: There is no comment for this version

To version 24.3

edited by Diana Strebkova
on 2026/04/20 09:14

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)
Attachments (0 modified, 3 added, 0 removed)

Details

Page properties

Content

@@ -177,49 +177,6 @@
  (% class="p1" %)
  [[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
--(% id="H" class="p1" %)
--==== Target: http(s) URL ====
--
--{{warning}}
--This example is being deprecated, you can still add other external repositories in that way, but all internal harbor-hosted repositories should be added as Target: OCI Repository
--{{/warning}}
--
--(% class="p1" %)
--In the "Repository: Create" dialog, simply fill in the following fields. Authentication is not required.
--
--(% class="wrapped" %)
--|=(((
--Field
--)))|=(((
--Value
--)))
--|=(((
--Name
--)))|(((
--devops-as-a-service
--)))
--|=(((
--Description
--)))|(((
--Public Helm charts as documented at [[https:~~/~~/docs.devops.t-systems.net>>url:https://docs.devops.t-systems.net||shape="rect"]]
--)))
--|=(((
--Index URL
--)))|(((
--[[https:~~/~~/registry.sdc.t-systems.net/chartrepo/devopsaas/>>url:https://registry.sdc.t-systems.net/chartrepo/devopsaas/||shape="rect"]]
--)))
--
--[[image:attach:image-2024-2-27_14-29-17.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" width="540"]]
--
--(% class="p1" %)
--Finally, click Create.
--
--The repository is now listed:
--
--[[image:Screenshot 2024-07-03 at 15.13.55.png||data-xwiki-image-style-border="true" height="149" width="785"]]
--
--==== Target: OCI Repository ====
--
  To add public oci-repository, navigate to repository create button and click it. For target, use OCI Repository like shown below:
  [[image:1765207154466-828.png||height="298" width="821"]]
@@ -245,15 +245,17 @@
  |=(((
  Index URL
  )))|(((
--oci:[[~~/~~/registry.sdc.t-systems.net/chartrepo/devopsaas-helm/>>url:https://registry.sdc.t-systems.net/chartrepo/devopsaas/||shape="rect"]]chartname, for example:
++oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/**<chartname>**, for example:
--oci:~/~/registry.sdc.t-systems.net/chartrepo/devopsaas-helm/chartname
++oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/jenkins-auto-agent
--oci:[[~~/~~/registry.sdc.t-systems.net/>>url:https://registry.sdc.t-systems.net/chartrepo/devopsaas/||shape="rect"]][[devopsaas-helm/jenkins-lib>>url:https://registry-manoni.devops.t-systems.net/harbor/projects/139/repositories/jenkins-lib]]
++{{box}}
++Take into account, that all internal harbor repositories with helm charts have PKEY-helm naming convention, adding repo with both docker images and helm charts is not supported in rancher.
++{{/box}}
  )))
  {{info}}
--Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo.
++Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo. //**If you have a need in adding the whole project with many repositories, please contact support for finding a possible solution.**//
  {{/info}}
  === Deploy Helm charts ===
@@ -266,12 +266,11 @@
  == Add private chart repository ==
--
  === Create a robot account in Harbor ===
  To add project specific helm charts to Rancher, a Harbor robot account is needed, that is able to read helm charts and pull repositories. If you don't have such an account yet, please follow the instructions given in the [[Create Robot Account section of the Harbor documentation>>doc:Harbor.Harbor 2\.7 Robot Accounts.WebHome||anchor="create_robot_account"]] and make sure to grant at least the following permissions:
--* Read Helm Chart
++* Read Artifact
  * Pull Repository
  (% id="HCreateAppRepositoryinRancher-1" class="p1" %)
@@ -279,57 +279,147 @@
  (% class="p1" %)
  In Rancher UI, switch to the intended cluster and go to Apps/Repositories using the left side menu.
++
  [[image:attach:Screenshot 2023-04-25 at 13.11.48.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="400" width="209"]]
  (% class="p1" %)
  Create a new Repository by pressing the Create button.
--(% id="HTarget:http28s29URL-1" class="p1" %)
--==== [[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]] ====
++(% class="p1" id="HTarget:http28s29URL-1" %)
++[[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
  (% id="HTarget:http28s29URL-1" class="p1" %)
--==== Target: http(s) URL ====
++====   ====
--{{warning title="Chartmuseum Deprecation"}}
--Chartmuseum in Harbor is deprecated, meaning we won't be able to add repositories to Rancher that way anymore. Instead use Target: OCI repository.
--{{/warning}}
++{{info}}
++Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo.//** If you have a real need to add the whole project, please contact support for finding a possible solution.**//
++{{/info}}
  (% class="p1" %)
--A name for the Repository has to be set. In the screenshot, the project name CITEST is used, which corresponds to our example from above.
--Choose http(s) URL to an index generated by Helm and provide the Index URL ##https:~/~/registry-<domain>.devops.t-systems.net/chartrepo/<project>/##
++Choose OCI repository in Target and for url, use  ##oci:~/~/registry-<domain>.devops.t-systems.net/<project>-helm/<chartname>##
--(% class="p1" %)
--Replace ##<domain>## and ##<project>## as necessary to match your set-up.
++(% class="box" %)
++(((
++Replace ##<domain>## , ##<project>##  and ##<chartname> ##as necessary to match your set-up. Your charts should be stored in ##<project>-helm ##repository in Harbor, which is created by default when project is created in portal.
++)))
  (% class="p1" %)
  For Authentication, select "Create a HTTP Basic Auth Secret" and provide the Username and Password of the Harbor robot account from the previous section.
--[[image:attach:Screenshot 2023-04-26 at 18.10.15.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="468" width="1100"]]
--(% class="p1" %)
++(% class="wikigeneratedid" %)
++[[image:1765208347952-345.36.18.png||height="449" width="849"]]
++
++(% class="wikigeneratedid" %)
  Click Create.
--(% id="HTarget:OCIRepository-1" class="p1" %)
--==== Target: OCI Repository ====
++(% class="wrapped" %)
++|=(((
++Field
++)))|=(((
++Value
++)))
++|=(((
++Name
++)))|(((
++sdcloud-sdportal
++)))
++|=(((
++Description
++)))|(((
++Sdportal charts of sdcloud project
++)))
++|=(((
++Index URL
++)))|(((
++oci:~/~/registry.sdc.t-systems.net/sdcloud-helm/sdportal
  {{info}}
--Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo.
++Now we should target a chart repo directly, not the whole project. In you need to reference the whole project with a lot of repos, please contact support to find a possible solution.
  {{/info}}
++)))
--(% class="p1" %)
--Choose OCI repository in Target and for url, use  ##oci:~/~/registry-<domain>.devops.t-systems.net/<project>-helm/<chatname>##
++== Migrating chart repositories in rancher to new OCI Repository format ==
--(% class="p1" %)
--Replace ##<domain>## , ##<project>##  and ##<chatname> ##as necessary to match your set-up.
++(% class="box warningmessage" %)
++(((
++ChartMuseum is being deprecated. After the migration is complete, **all harbor charts will be removed from ChartMuseum**, and **old HTTP(S)-based chart repositories will no longer work in Rancher (for internal harbor charts)**.
++)))
--(% class="p1" %)
--For Authentication, select "Create a HTTP Basic Auth Secret" and provide the Username and Password of the Harbor robot account from the previous section.
++(% class="box" %)
++(((
++**All ycharts available in the corresponding new `<pkey>-helm` OCI projects. During migration, please adapt your helm push commands and url's for new oci-compatible repository.**
++)))
--(% class="wikigeneratedid" %)
--[[image:1765208347952-345.36.18.png||height="449" width="849"]]
++There are two ways to migrate your repositories:
--(% class="wikigeneratedid" %)
--Click Create.
++1. ##Direct Transition (Editing the Existing Repository)##
++1*. Change the target to “OCI Repository”.
++1*. Update the URL as required (the repository name cannot be changed), check **Target: OCI Repository** documentation above
++1*. After saving, installed apps will automatically start using the updated repository.
++1*. (% class="box" %)
++(((
++Important limitation: OCI repositories must point directly to a single chart repository, not to a parent folder.
++If your old repository included several charts (for example “bitbucket” and “jira”), then after switching to OCI you can only target one chart (e.g. “bitbucket”).
++The other charts will no longer receive updates through this repo, and you will still need to create additional repositories for each individual chart.
++)))
++1. Add New Repositories One by One (Recommended), preserve the old one till the end. This approach allows a smooth transition while the old ChartMuseum repository continues to function. You can:
++1*. Create a new OCI repository for each chart,
++1*. Keep the old ChartMuseum repo enabled during the migration,
++1*. Migrate applications gradually following the steps described here.
++1*. This avoids disruptions and allows controlled migration.
++
++1. //Special Case: Old Repo Targeting Multiple Chart Repos//
++If your existing repository targets multiple chart repositories and you need the new OCI setup to behave the same way, please **contact support.**
++To ensure a smooth transition, we recommend to **add an OCI-based repository alongside the existing ChartMuseum repository** during the migration phase. If you don't w
++
++| Term | Meaning
++| **Old Repository** | The existing HTTP/HTTPS Harbor ChartMuseum repository.
++| **New Repository** | The new OCI-based Helm chart repository created for your project (e.g. `<chart-repo-name>` in `<pkey>-helm`).
++
++##__**Why This Migration Is Required:**__##
++
++* ##ChartMuseum is deprecated and will be removed.##
++* ##Applications deployed from old repos keep a reference to that repo inside their labels.##
++* ##Without updating the application to point to the new OCI repo, **Rancher will not detect new chart versions from new repository**.##
++
++## Migration Steps:##
++
++1. ##Create the New OCI Repository in Rancher##
++11. Go to **Apps → Repositories**.
++11. Add a new repository of type **OCI**.
++11. Name it similarly to your old repo name (e.g. `<chart-repo-name>-oci`). __**You can't name it the same and can't rename it later.**__
++11. Point it to the new OCI endpoint.
++1. ##Disable the Old ChartMuseum Repository Temporarily##
++##This step ensures that Rancher resolves charts from the new OCI repo.##
++11. Go to **Apps → Repositories**.
++11. Disable the old HTTP(S)-based repository.
++11. Keep it disabled until the migration is done.
++[[image:1765548124989-482.59.06.png||height="152" width="485"]]
++1. ##Update Existing Applications to Use the New OCI Repo##
++Applications deployed with the old repository still contain the old repo name in their metadata. You must upgrade them once to transition.
++11. Go to **Apps → Installed Apps**.
++11. Open the application that was deployed using the old repo.
++11. Click **Edit/Upgrade**.
++[[image:1765548598644-830.png||height="138" width="811"]]
++11. In the list of available chart repositories (scroll to the bottom), select the **new OCI repository**. Or enter the chart name in search bar:
++[[image:1765548750604-334.png||height="293" width="308"]]
++11. Choose the chart version you want to deploy (same or newer).
++11. Click **Upgrade**.
++1. ##Re-enable the Old Repository (Optional) ##
++If you still need the old repo for other apps, re-enable it after the migration steps above.
++**Note:** Even if a newer chart version exists in the old repository, your migrated app **will not see it**, because it is no longer connected to that repo
++
++##If you want to move an app back to the old repository:##
++
++1. Temporarily disable the new OCI repo.
++1. Enable the old ChartMuseum repo.
++1. Open the application → **Upgrade**.
++1. Select the chart from the old repo.
++1. Save.
++
++This will reconnect the app to the old repository.
++
  = Automated deployments with Jenkins =
  In this section, we describe(% style="color:#172b4d" %) how to set-up **automated builds, tests and deployments** for Jenkins.

1765548124989-482.59.06.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+xwiki:XWiki.dianastrebkovat-systemscom

Size

...	...	@@ -1,0 +1,1 @@
	1	+64.4 KB

Content

1765548598644-830.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+xwiki:XWiki.dianastrebkovat-systemscom

Size

...	...	@@ -1,0 +1,1 @@
	1	+153.4 KB

Content

1765548750604-334.png

Author

...	...	@@ -1,0 +1,1 @@
	1	+xwiki:XWiki.dianastrebkovat-systemscom

Size

...	...	@@ -1,0 +1,1 @@
	1	+103.0 KB

Content

Changes for page Rancher 2

Summary

Details

DevOps-as-a-Service

Navigation