Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Private docker registry is causing chart installation to fail #365

Closed
4 of 6 tasks
bzlom opened this issue Nov 5, 2021 · 1 comment · Fixed by #371
Closed
4 of 6 tasks

Private docker registry is causing chart installation to fail #365

bzlom opened this issue Nov 5, 2021 · 1 comment · Fixed by #371
Labels
bug Something is not working.

Comments

@bzlom
Copy link

bzlom commented Nov 5, 2021
edited

Preflight checklist

Describe the bug

When trying to use ory Kratos helm chart with a private docker registry the deployment of kubernetes resources can fail for 2 reasons:

  1. if you enable automigration
  2. when the chart is deploying the courier

Reproducing the bug

Steps to reproduce the behaviour, we're using argo-cd to deploy our helm charts:

  1. Provide a private registry: repository: some-private-registry/oryd/kratos
  2. Provide the imagePullSecrets value, making sure you've created the kubernetes secret (for accessing this private docker registry) in the correct namespace where you'll be deploying ory-kratos
  3. enable automigration: autoMigrate: true

Relevant log output

Normal   Pulling    29m (x4 over 30m)    kubelet            Pulling image "some-private-registry/oryd/kratos:v0.6.3-alpha.1"
  Warning  Failed     29m (x4 over 30m)    kubelet            Failed to pull image "some-private-registry/oryd/kratos:v0.6.3-alpha.1": rpc error: code = Unknown desc = Error response from daemon: Head "https://some-private-registry/v2/oryd/kratos/manifests/v0.6.3-alpha.1": no basic auth credentials
  Warning  Failed     29m (x4 over 30m)    kubelet            Error: ErrImagePull
  Warning  Failed     29m (x6 over 30m)    kubelet            Error: ImagePullBackOff

Relevant configuration

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: ory-kratos-test
  namespace: argocd
spec:
  destination:
    name: ''
    namespace: kratos
    server: 'https://kubernetes.default.svc'
  source:
    path: ''
    repoURL: 'https://k8s.ory.sh/helm/charts'
    targetRevision: 0.20.2
    chart: kratos
    helm:
      values: |-
        image:
          repository: some-private-registry/oryd/kratos
          tag: v0.6.3-alpha.1
          pullPolicy: IfNotPresent
        imagePullSecrets:
        - name: infra-v1-nexus-pull-secret
...............
...............
        kratos:
          autoMigrate: false

Version

happens in both 0.15.1 and 0.20.2

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Kubernetes with Helm

Additional Context

I've had a look through the helm chart code for kratos and it looks the problem stems from the fact that in certain helm templates there isn't any reference to imagePullSecrets: defined in deployment.yaml. For example in our specific case: job-migration.yaml and statefulset-mail.yaml maybe there are more
@bzlom bzlom added the bug Something is not working. label Nov 5, 2021
@Demonsthere Demonsthere mentioned this issue Nov 19, 2021
Merged
6 tasks
@Demonsthere
Copy link
Collaborator

Hello there!
You are right, when reworking the charts we somehow forgot the imagePullSecrets. Already created a PR to fix that :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something is not working.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Add imagePullSecrets to other kratos elements Demonsthere/k8s
2 participants
@bzlom @Demonsthere