Changes for page Rancher 2

Last modified by Diana Strebkova on 2026/04/20 09:21

Manage
- Copy
Actions
- Export
- Print Preview
Viewers
- Source
- Children
- Content
- Comments
- Likes

From 12.15 to 12.14 From 28.1 to 27.1

From version 27.1

edited by Diana Strebkova
on 2026/04/20 09:20

Change comment: There is no comment for this version

To version 12.15

edited by Diana Strebkova
on 2025/12/12 13:22

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)
Attachments (0 modified, 0 added, 3 removed)

Details

Page properties

Content

@@ -158,6 +158,10 @@
  == Add public helm chart ==
++{{warning width="70" title="Chartmuseum Deprecation"}}
++Chartmuseum is deprecated in new Harbor versions, we are migrating all helm charts to oci-compatible repositories in Harbor with "PKEY-helm" naming convention. For internal harbor repos, use new approach to add OCI chart repositories in rancher.
++{{/warning}}
++
  In this section, we describe (% style="color:#172b4d" %)how to add public helm charts like the one of DevOps-as-a-Service to a cluster to allow manual deployments.
  (% id="HCreateAppRepositoryinRancher" class="p1" %)
@@ -173,6 +173,49 @@
  (% class="p1" %)
  [[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
++(% id="H" class="p1" %)
++==== Target: http(s) URL ====
++
++{{warning}}
++This example is being deprecated, you can still add other external repositories in that way, but all internal harbor-hosted repositories should be added as Target: OCI Repository
++{{/warning}}
++
++(% class="p1" %)
++In the "Repository: Create" dialog, simply fill in the following fields. Authentication is not required.
++
++(% class="wrapped" %)
++|=(((
++Field
++)))|=(((
++Value
++)))
++|=(((
++Name
++)))|(((
++devops-as-a-service
++)))
++|=(((
++Description
++)))|(((
++Public Helm charts as documented at [[https:~~/~~/docs.devops.t-systems.net>>url:https://docs.devops.t-systems.net||shape="rect"]]
++)))
++|=(((
++Index URL
++)))|(((
++[[https:~~/~~/registry.sdc.t-systems.net/chartrepo/devopsaas/>>url:https://registry.sdc.t-systems.net/chartrepo/devopsaas/||shape="rect"]]
++)))
++
++[[image:attach:image-2024-2-27_14-29-17.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" width="540"]]
++
++(% class="p1" %)
++Finally, click Create.
++
++The repository is now listed:
++
++[[image:Screenshot 2024-07-03 at 15.13.55.png||data-xwiki-image-style-border="true" height="149" width="785"]]
++
++==== Target: OCI Repository ====
++
  To add public oci-repository, navigate to repository create button and click it. For target, use OCI Repository like shown below:
  [[image:1765207154466-828.png||height="298" width="821"]]
@@ -200,11 +200,11 @@
  )))|(((
  oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/**<chartname>**, for example:
--oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/jenkins-auto-agent
++oci:~/~/registry.sdc.t-systems.net/devopsaas-helm/jenkins-lib
--{{box}}
--Take into account, that all internal harbor repositories with helm charts have PKEY-helm naming convention, adding repo with both docker images and helm charts is not supported in rancher.
--{{/box}}
++{{info}}
++Take into account, that all internal harbor repositories with helm charts have PKEY-helm naming convention, adding repo with both docker images and helm charts may not be supported in rancher.
++{{/info}}
  )))
  {{info}}
@@ -225,7 +225,7 @@
  To add project specific helm charts to Rancher, a Harbor robot account is needed, that is able to read helm charts and pull repositories. If you don't have such an account yet, please follow the instructions given in the [[Create Robot Account section of the Harbor documentation>>doc:Harbor.Harbor 2\.7 Robot Accounts.WebHome||anchor="create_robot_account"]] and make sure to grant at least the following permissions:
--* Read Artifact
++* Read Helm Chart
  * Pull Repository
  (% id="HCreateAppRepositoryinRancher-1" class="p1" %)
@@ -234,17 +234,39 @@
  (% class="p1" %)
  In Rancher UI, switch to the intended cluster and go to Apps/Repositories using the left side menu.
++
  [[image:attach:Screenshot 2023-04-25 at 13.11.48.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="400" width="209"]]
  (% class="p1" %)
  Create a new Repository by pressing the Create button.
--(% class="p1" id="HTarget:http28s29URL-1" %)
--[[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]]
++(% id="HTarget:http28s29URL-1" class="p1" %)
++==== [[image:attach:Screenshot 2023-04-25 at 13.30.33.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="127" width="1100"]] ====
  (% id="HTarget:http28s29URL-1" class="p1" %)
--====   ====
++==== Target: http(s) URL ====
++{{warning title="Chartmuseum Deprecation"}}
++Chartmuseum in Harbor is deprecated, meaning we won't be able to add internal harbor repositories to Rancher that way anymore. Instead use Target: OCI repository.
++{{/warning}}
++
++(% class="p1" %)
++A name for the Repository has to be set. In the screenshot, the project name CITEST is used, which corresponds to our example from above.
++Choose http(s) URL to an index generated by Helm and provide the Index URL ##https:~/~/registry-<domain>.devops.t-systems.net/chartrepo/<project>/##
++
++(% class="p1" %)
++Replace ##<domain>## and ##<project>## as necessary to match your set-up.
++
++(% class="p1" %)
++For Authentication, select "Create a HTTP Basic Auth Secret" and provide the Username and Password of the Harbor robot account from the previous section.
++[[image:attach:Screenshot 2023-04-26 at 18.10.15.png||data-xwiki-image-style-border="true" queryparams="effects=drop-shadow" height="468" width="1100"]]
++
++(% class="p1" %)
++Click Create.
++
++(% id="HTarget:OCIRepository-1" class="p1" %)
++==== Target: OCI Repository ====
++
  {{info}}
  Now all internal helm charts are stored in harbor folders with -helm suffix. Adding the whole public project doesn't work natively anymore, so each separate chart should be added as a separate repo.//** If you have a real need to add the whole project, please contact support for finding a possible solution.**//
  {{/info}}
@@ -292,38 +292,48 @@
  {{/info}}
  )))
--== Migrating chart repositories in rancher to new OCI Repository format ==
++=== Migrating chart repositories in rancher to new OCI Repository format ===
  (% class="box warningmessage" %)
  (((
--ChartMuseum is deprecated. **All harbor charts are removed from ChartMuseum**, and **old HTTP(S)-based chart repositories no longer work in Rancher (for internal harbor charts)**.
++ChartMuseum is being deprecated. After the migration is complete, **all harbor charts will be removed from ChartMuseum**, and **old HTTP(S)-based chart repositories will no longer work in Rancher (for internal harbor charts)**.
  )))
--(% class="box" %)
--(((
--**All your charts are available in the corresponding  `<pkey>-helm` OCI project.**
--)))
--
  There are two ways to migrate your repositories:
--1. ##Direct Transition (Editing the Existing Repository)##
--1*. Change the target to “OCI Repository”.
--1*. Update the URL as required (the repository name cannot be changed) and add a new robot account for helm project, check documentation above
--1*. After saving, installed apps will automatically start using the updated repository.
--1*. (% class="box" %)
--(((
++1. Direct Transition (Editing the Existing Repository)
++ You can modify the existing repository directly:
++Change the target to “OCI Repository”.
++
++* Update the URL as required (the repository name cannot be changed).
++
++After saving, installed apps will automatically start using the updated repository.
++
  Important limitation: OCI repositories must point directly to a single chart repository, not to a parent folder.
  If your old repository included several charts (for example “bitbucket” and “jira”), then after switching to OCI you can only target one chart (e.g. “bitbucket”).
  The other charts will no longer receive updates through this repo, and you will still need to create additional repositories for each individual chart.
++
++1. Add New Repositories One by One (Recommended)
++
++This approach allows a smooth transition while the old ChartMuseum repository continues to function.
++You can:
++
++* Create a new OCI repository for each chart,
++* Keep the old ChartMuseum repo enabled during the migration,
++* Migrate applications gradually following the steps described in the main migration guide.
++
++This avoids disruptions and allows controlled migration.
++
++Special Case: Old Repo Targeting Multiple Chart Repos
++
++If your existing repository targets multiple chart repositories and you need the new OCI setup to behave the same way, please contact support. OCI does not support multi-chart endpoints within a single repository, and we can help you find an appropriate solution.
++
++To ensure a smooth transition, we recommend to **add an OCI-based repository alongside the existing ChartMuseum repository** during the migration phase. If you don't w
++
++(% class="box" %)
++(((
++**We will make your charts available in the corresponding new `<pkey>-helm` OCI projects.**
  )))
--1. Add New Repositories One by One (Recommended), preserve the old one till the end. This approach allows a smooth transition while the old ChartMuseum repository continues to function. You can:
--1*. Create a new OCI repository for each chart,
--1*. Keep the old ChartMuseum repo enabled during the migration,
--1*. Migrate applications gradually following the steps described here.
--1*. This avoids disruptions and allows controlled migration.
--
--1. //Special Case: Old Repo Targeting Multiple Chart Repos//
--If your existing repository targets multiple chart repositories and you need the new OCI setup to behave the same way, please **contact support.**
  | Term | Meaning
  | **Old Repository** | The existing HTTP/HTTPS Harbor ChartMuseum repository.
@@ -331,7 +331,7 @@
  ##__**Why This Migration Is Required:**__##
--* ##ChartMuseum is deprecated.##
++* ##ChartMuseum is deprecated and will be removed.##
  * ##Applications deployed from old repos keep a reference to that repo inside their labels.##
  * ##Without updating the application to point to the new OCI repo, **Rancher will not detect new chart versions from new repository**.##
@@ -340,7 +340,7 @@
 . ##Create the New OCI Repository in Rancher##
 . Go to **Apps → Repositories**.
 . Add a new repository of type **OCI**.
--11. Name it similarly to your old repo name (e.g. `<chart-repo-name>-oci`). __**You can't name it the same and can't rename it later.**__
++11. Name it similarly to your old repo name (e.g. `<chart-repo-name>-oci`). You can't name it the same.
 . Point it to the new OCI endpoint.
 . ##Disable the Old ChartMuseum Repository Temporarily##
  ##This step ensures that Rancher resolves charts from the new OCI repo.##
@@ -347,15 +347,12 @@
 . Go to **Apps → Repositories**.
 . Disable the old HTTP(S)-based repository.
 . Keep it disabled until the migration is done.
--[[image:1765548124989-482.59.06.png||height="152" width="485"]]
 . ##Update Existing Applications to Use the New OCI Repo##
  Applications deployed with the old repository still contain the old repo name in their metadata. You must upgrade them once to transition.
 . Go to **Apps → Installed Apps**.
 . Open the application that was deployed using the old repo.
--11. Click **Edit/Upgrade**.
--[[image:1765548598644-830.png||height="138" width="811"]]
--11. In the list of available chart repositories (scroll to the bottom), select the **new OCI repository**. Or enter the chart name in search bar:
--[[image:1765548750604-334.png||height="293" width="308"]]
++11. Click **Upgrade**.
++11. In the list of available chart repositories (scroll to the bottom), select the **new OCI repository**.
 . Choose the chart version you want to deploy (same or newer).
 . Click **Upgrade**.
 . ##Re-enable the Old Repository (Optional) ##
@@ -362,8 +362,11 @@
  If you still need the old repo for other apps, re-enable it after the migration steps above.
  **Note:** Even if a newer chart version exists in the old repository, your migrated app **will not see it**, because it is no longer connected to that repo
--##If you want to move an app back to the old repository:##
++----
++## Reverting the Migration (If Needed)
++If you want to move an app back to the old repository:##
++
 . Temporarily disable the new OCI repo.
 . Enable the old ChartMuseum repo.
 . Open the application → **Upgrade**.
@@ -372,7 +372,8 @@
  This will reconnect the app to the old repository.
--= Automated deployments with Jenkins =
++=
++Automated deployments with Jenkins =
  In this section, we describe(% style="color:#172b4d" %) how to set-up **automated builds, tests and deployments** for Jenkins.

1765548124989-482.59.06.png

Author

...	...	@@ -1,1 +1,0 @@
1		-xwiki:XWiki.dianastrebkovat-systemscom

Size

...	...	@@ -1,1 +1,0 @@
1		-64.4 KB

Content

1765548598644-830.png

Author

...	...	@@ -1,1 +1,0 @@
1		-xwiki:XWiki.dianastrebkovat-systemscom

Size

...	...	@@ -1,1 +1,0 @@
1		-153.4 KB

Content

1765548750604-334.png

Author

...	...	@@ -1,1 +1,0 @@
1		-xwiki:XWiki.dianastrebkovat-systemscom

Size

...	...	@@ -1,1 +1,0 @@
1		-103.0 KB

Content