Skip to Content

Changes for page Rancher 2

Last modified by Diana Strebkova on 2026/04/20 09:21
From version 26.1
edited by Diana Strebkova
on 2026/04/20 09:19
Change comment: Removed references to chartmuseum
To version 2.2
edited by Diana Strebkova
on 2025/12/08 15:17
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -158,6 +158,10 @@
158 158  
159 159  == Add public helm chart ==
160 160  
161 +{{warning width="70" title="Chartmuseum Deprecation"}}
162 +Chartmuseum is deprecated in new Harbor versions, we are migrating all helm charts to oci-compatible repositories in Harbor! New approach to add chart repositories in rancher.
163 +{{/warning}}
164 +
161 161  In this section, we describe (% style="color:#172b4d" %)how to add public helm charts like the one of DevOps-as-a-Service to a cluster to allow manual deployments.
162 162  
163 163  (% id="HCreateAppRepositoryinRancher" class="p1" %)
... ... @@ -173,10 +173,17 @@
173 173  (% class="p1" %)
174 174  [[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
175 175  
176 -To add public oci-repository, navigate to repository create button and click it. For target, use OCI Repository like shown below:
180 +(% id="H" class="p1" %)
181 +==== ====
177 177  
178 -[[image:1765207154466-828.png||height="298" width="821"]]
183 +(% id="HTarget:http28s29URL" class="p1" %)
184 +==== Target: http(s) URL ====
179 179  
186 +{{warning}}
187 +This example is being deprecated, you can still add other external repositories in that way, but all internal harbor-hosted repositories should be added as Target: OCI Repository
188 +{{/warning}}
189 +
190 +(% class="p1" %)
180 180  In the "Repository: Create" dialog, simply fill in the following fields. Authentication is not required.
181 181  
182 182  (% class="wrapped" %)
... ... @@ -188,7 +188,7 @@
188 188  |=(((
189 189  Name
190 190  )))|(((
191 -devopsaas-jenkins-auto-agent
202 +devops-as-a-service
192 192  )))
193 193  |=(((
194 194  Description
... ... @@ -198,74 +198,30 @@
198 198  |=(((
199 199  Index URL
200 200  )))|(((
201 -oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/**<chartname>**, for example:
202 -
203 -oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/jenkins-auto-agent
204 -
205 -{{box}}
206 -Take into account, that all internal harbor repositories with helm charts have PKEY-helm naming convention, adding repo with both docker images and helm charts is not supported in rancher.
207 -{{/box}}
212 +[[https:~~/~~/registry.sdc.t-systems.net/chartrepo/devopsaas/>>url:https://registry.sdc.t-systems.net/chartrepo/devopsaas/||shape="rect"]]
208 208  )))
209 209  
210 -{{info}}
211 -Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo. //**If you have a need in adding the whole project with many repositories, please contact support for finding a possible solution.**//
212 -{{/info}}
215 +[[image:attach:image-2024-2-27_14-29-17.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" width="540"]]
213 213  
214 -=== Deploy Helm charts ===
215 -
216 -Now go to Apps>Charts and filter if necessary for the devops-as-a-service Helm chart repository. Like shown below, a list of available charts is displayed. Simply click on one of the tiles to deploy them to your cluster.
217 -
218 -Please note that the jenkins-lib charts are only generated for testing purposes. It doesn't make sense to deploy them. Your Jenkins is automatically retrieving the Jenkinslib directly using [[Git>>url:https://prd.sdc.t-systems.net/bitbucket/projects/DEVOPSAAS/repos/sdcloud-caas-jenkins-libs/browse||shape="rect"]].
219 -
220 -[[image:attach:image-2023-5-19_16-1-52.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" width="1100"]]
221 -
222 -== Add private chart repository ==
223 -
224 -=== Create a robot account in Harbor ===
225 -
226 -To add project specific helm charts to Rancher, a Harbor robot account is needed, that is able to read helm charts and pull repositories. If you don't have such an account yet, please follow the instructions given in the [[Create Robot Account section of the Harbor documentation>>doc:Harbor.Harbor 2\.7 Robot Accounts.WebHome||anchor="create_robot_account"]] and make sure to grant at least the following permissions:
227 -
228 -* Read Artifact
229 -* Pull Repository
230 -
231 -(% id="HCreateAppRepositoryinRancher-1" class="p1" %)
232 -=== Create App Repository in Rancher ===
233 -
234 234  (% class="p1" %)
235 -In Rancher UI, switch to the intended cluster and go to Apps/Repositories using the left side menu.
218 +Finally, click Create.
236 236  
237 -[[image:attach:Screenshot 2023-04-25 at 13.11.48.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="400" width="209"]]
220 +The repository is now listed:
238 238  
239 -(% class="p1" %)
240 -Create a new Repository by pressing the Create button.
222 +[[image:Screenshot 2024-07-03 at 15.13.55.png||data-xwiki-image-style-border="true" height="149" width="785"]]
241 241  
242 -(% class="p1" id="HTarget:http28s29URL-1" %)
243 -[[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
244 -
245 -(% id="HTarget:http28s29URL-1" class="p1" %)
246 246  ==== ====
247 247  
248 -{{info}}
249 -Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo.//** If you have a real need to add the whole project, please contact support for finding a possible solution.**//
250 -{{/info}}
226 +==== Target: OCI Repository ====
251 251  
252 -(% class="p1" %)
253 -Choose OCI repository in Target and for url, use  ##oci:~/~/registry-<domain>.devops.t-systems.net/<project>-helm/<chartname>##
228 +To add public oci-repository, navigate to repository create button and click it.
254 254  
255 -(% class="box" %)
256 -(((
257 -Replace ##<domain>## , ##<project>##  and ##<chartname> ##as necessary to match your set-up. Your charts should be stored in ##<project>-helm ##repository in Harbor, which is created by default when project is created in portal.
258 -)))
230 +[[image:1765206888644-487.png||height="320" width="907"]]
259 259  
232 +
260 260  (% class="p1" %)
261 -For Authentication, select "Create a HTTP Basic Auth Secret" and provide the Username and Password of the Harbor robot account from the previous section.
234 +In the "Repository: Create" dialog, simply fill in the following fields. Authentication is not required.
262 262  
263 -(% class="wikigeneratedid" %)
264 -[[image:1765208347952-345.36.18.png||height="449" width="849"]]
265 -
266 -(% class="wikigeneratedid" %)
267 -Click Create.
268 -
269 269  (% class="wrapped" %)
270 270  |=(((
271 271  Field
... ... @@ -275,103 +275,65 @@
275 275  |=(((
276 276  Name
277 277  )))|(((
278 -sdcloud-sdportal
245 +devops-as-a-service-helm
279 279  )))
280 280  |=(((
281 281  Description
282 282  )))|(((
283 -Sdportal charts of sdcloud project
250 +Public Helm charts as documented at [[https:~~/~~/docs.devops.t-systems.net>>url:https://docs.devops.t-systems.net||shape="rect"]]
284 284  )))
285 285  |=(((
286 286  Index URL
287 287  )))|(((
288 -oci:~/~/registry.sdc.t-systems.net/sdcloud-helm/sdportal
289 -
290 -{{info}}
291 -Now we should target a chart repo directly, not the whole project. In you need to reference the whole project with a lot of repos, please contact support to find a possible solution.
292 -{{/info}}
255 +[[https:~~/~~/registry.sdc.t-systems.net/chartrepo/devopsaas/>>url:https://registry.sdc.t-systems.net/chartrepo/devopsaas/||shape="rect"]]
293 293  )))
294 294  
295 -== Migrating chart repositories in rancher to new OCI Repository format ==
296 296  
297 -(% class="box warningmessage" %)
298 -(((
299 -ChartMuseum is deprecated. **All harbor charts are removed from ChartMuseum**, and **old HTTP(S)-based chart repositories no longer work in Rancher (for internal harbor charts)**.
300 -)))
301 301  
302 -(% class="box" %)
303 -(((
304 -**All your charts are available in the corresponding  `<pkey>-helm` OCI project.**
305 -)))
260 +=== Deploy Helm charts ===
306 306  
307 -There are two ways to migrate your repositories:
262 +Now go to Apps>Charts and filter if necessary for the devops-as-a-service Helm chart repository. Like shown below, a list of available charts is displayed. Simply click on one of the tiles to deploy them to your cluster.
308 308  
309 -1. ##Direct Transition (Editing the Existing Repository)##
310 -1*. Change the target to “OCI Repository”.
311 -1*. Update the URL as required (the repository name cannot be changed) and add a new robot account for helm project, check documentation above
312 -1*. After saving, installed apps will automatically start using the updated repository.
313 -1*. (% class="box" %)
314 -(((
315 -Important limitation: OCI repositories must point directly to a single chart repository, not to a parent folder.
316 -If your old repository included several charts (for example “bitbucket” and “jira”), then after switching to OCI you can only target one chart (e.g. “bitbucket”).
317 -The other charts will no longer receive updates through this repo, and you will still need to create additional repositories for each individual chart.
318 -)))
319 -1. Add New Repositories One by One (Recommended), preserve the old one till the end. This approach allows a smooth transition while the old ChartMuseum repository continues to function. You can:
320 -1*. Create a new OCI repository for each chart,
321 -1*. Keep the old ChartMuseum repo enabled during the migration,
322 -1*. Migrate applications gradually following the steps described here.
323 -1*. This avoids disruptions and allows controlled migration.
324 -
325 -1. //Special Case: Old Repo Targeting Multiple Chart Repos//
326 -If your existing repository targets multiple chart repositories and you need the new OCI setup to behave the same way, please **contact support.**
264 +Please note that the jenkins-lib charts are only generated for testing purposes. It doesn't make sense to deploy them. Your Jenkins is automatically retrieving the Jenkinslib directly using [[Git>>url:https://prd.sdc.t-systems.net/bitbucket/projects/DEVOPSAAS/repos/sdcloud-caas-jenkins-libs/browse||shape="rect"]].
327 327  
328 -| Term | Meaning
329 -| **Old Repository** | The existing HTTP/HTTPS Harbor ChartMuseum repository.
330 -| **New Repository** | The new OCI-based Helm chart repository created for your project (e.g. `<chart-repo-name>` in `<pkey>-helm`).
266 +[[image:attach:image-2023-5-19_16-1-52.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" width="1100"]]
331 331  
332 -##__**Why This Migration Is Required:**__##
268 +== Add private chart repository ==
333 333  
334 -* ##ChartMuseum is deprecated.##
335 -* ##Applications deployed from old repos keep a reference to that repo inside their labels.##
336 -* ##Without updating the application to point to the new OCI repo, **Rancher will not detect new chart versions from new repository**.##
337 337  
338 -## Migration Steps:##
271 +=== Create a robot account in Harbor ===
339 339  
340 -1. ##Create the New OCI Repository in Rancher##
341 -11. Go to **Apps → Repositories**.
342 -11. Add a new repository of type **OCI**.
343 -11. Name it similarly to your old repo name (e.g. `<chart-repo-name>-oci`). __**You can't name it the same and can't rename it later.**__
344 -11. Point it to the new OCI endpoint.
345 -1. ##Disable the Old ChartMuseum Repository Temporarily## 
346 -##This step ensures that Rancher resolves charts from the new OCI repo.##
347 -11. Go to **Apps → Repositories**.
348 -11. Disable the old HTTP(S)-based repository.
349 -11. Keep it disabled until the migration is done.
350 -[[image:1765548124989-482.59.06.png||height="152" width="485"]]
351 -1. ##Update Existing Applications to Use the New OCI Repo##
352 -Applications deployed with the old repository still contain the old repo name in their metadata. You must upgrade them once to transition.
353 -11. Go to **Apps → Installed Apps**.
354 -11. Open the application that was deployed using the old repo.
355 -11. Click **Edit/Upgrade**.
356 -[[image:1765548598644-830.png||height="138" width="811"]]
357 -11. In the list of available chart repositories (scroll to the bottom), select the **new OCI repository**. Or enter the chart name in search bar:
358 -[[image:1765548750604-334.png||height="293" width="308"]]
359 -11. Choose the chart version you want to deploy (same or newer).
360 -11. Click **Upgrade**.
361 -1. ##Re-enable the Old Repository (Optional) ##
362 -If you still need the old repo for other apps, re-enable it after the migration steps above.
363 -**Note:** Even if a newer chart version exists in the old repository, your migrated app **will not see it**, because it is no longer connected to that repo
273 +To add project specific helm charts to Rancher, a Harbor robot account is needed, that is able to read helm charts and pull repositories. If you don't have such an account yet, please follow the instructions given in the [[Create Robot Account section of the Harbor documentation>>doc:Harbor.Harbor 2\.7 Robot Accounts.WebHome||anchor="create_robot_account"]] and make sure to grant at least the following permissions:
364 364  
365 -##If you want to move an app back to the old repository:##
275 +* Read Helm Chart
276 +* Pull Repository
366 366  
367 -1. Temporarily disable the new OCI repo.
368 -1. Enable the old ChartMuseum repo.
369 -1. Open the application → **Upgrade**.
370 -1. Select the chart from the old repo.
371 -1. Save.
278 +(% id="HCreateAppRepositoryinRancher-1" class="p1" %)
279 +=== Create App Repository in Rancher ===
372 372  
373 -This will reconnect the app to the old repository.
281 +(% class="p1" %)
282 +In Rancher UI, switch to the intended cluster and go to Apps/Repositories using the left side menu.
283 +[[image:attach:Screenshot 2023-04-25 at 13.11.48.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="400" width="209"]]
374 374  
285 +(% class="p1" %)
286 +Create a new Repository by pressing the Create button.
287 +
288 +(% class="p1" %)
289 +[[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
290 +\\A name for the Repository has to be set. In the screenshot, the project name CITEST is used, which corresponds to our example from above.
291 +Choose http(s) URL to an index generated by Helm and provide the Index URL ##https:~/~/registry-<domain>.devops.t-systems.net/chartrepo/<project>/##
292 +
293 +(% class="p1" %)
294 +Replace ##<domain>## and ##<project>## as necessary to match your set-up.
295 +
296 +(% class="p1" %)
297 +For Authentication, select "Create a HTTP Basic Auth Secret" and provide the Username and Password of the Harbor robot account from the previous section.
298 +[[image:attach:Screenshot 2023-04-26 at 18.10.15.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="468" width="1100"]]
299 +
300 +(% class="p1" %)
301 +Click Create.
302 +
303 +
375 375  = Automated deployments with Jenkins =
376 376  
377 377  In this section, we describe(% style="color:#172b4d" %) how to set-up **automated builds, tests and deployments** for Jenkins.
1765207032873-684.png
Author
... ... @@ -1,1 +1,0 @@
1 -xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,1 +1,0 @@
1 -142.1 KB
Content
1765207154466-828.png
Author
... ... @@ -1,1 +1,0 @@
1 -xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,1 +1,0 @@
1 -143.6 KB
Content
1765208347952-345.36.18.png
Author
... ... @@ -1,1 +1,0 @@
1 -xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,1 +1,0 @@
1 -199.3 KB
Content
1765548124989-482.59.06.png
Author
... ... @@ -1,1 +1,0 @@
1 -xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,1 +1,0 @@
1 -64.4 KB
Content
1765548598644-830.png
Author
... ... @@ -1,1 +1,0 @@
1 -xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,1 +1,0 @@
1 -153.4 KB
Content
1765548750604-334.png
Author
... ... @@ -1,1 +1,0 @@
1 -xwiki:XWiki.dianastrebkovat-systemscom
Size
... ... @@ -1,1 +1,0 @@
1 -103.0 KB
Content
© 2018-2026 T-Systems International GmbH