-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
1.9.0
-
None
-
False
-
-
False
-
-
The current documentation for Installing RHDH on EKS instructs users to:
- Create a pull secret (my-rhdh-pull-secret)
- Patch the default service account with imagePullSecrets
This enables the kubelet to pull container images from registry.redhat.io. However, the install-dynamic-plugins init container uses skopeo to pull the catalog index image at runtime, and skopeo does not inherit kubelet's credentials.
Starting with RHDH 1.9, when RELATED_IMAGE_catalog_index points to registry.redhat.io, users will encounter:
InstallException: Failed to download catalog index image registry.redhat.io/rhdh/plugin-catalog-index:1.9: unable to retrieve auth token: invalid username/password: unauthorized
we could
Add a new step to Section 1.3 (and equivalent sections for AKS/GKE docs) to create the dynamic-plugins-registry-auth secret for example
### Provision registry credentials for the init container The `install-dynamic-plugins` init container uses skopeo to pull the catalog index image. Create an additional secret to provide registry credentials to skopeo: $ kubectl -n {my-rhdh-namespace} create secret generic dynamic-plugins-registry-auth \\ --from-file=auth.json=<path-to-auth.json> Where `auth.json` contains your registry credentials in Docker config format: { "auths": { "registry.redhat.io": { "auth": "<base64-encoded-username:password>" } } } Alternatively, if you already have a Docker config file: $ kubectl -n {my-rhdh-namespace} create secret generic dynamic-plugins-registry-auth \\ --from-file=auth.json=$HOME/.docker/config.json
- is related to
-
-
- In Progress
-
