I want to use Helm with Gitlab to deploy my services to OpenShift.
I have a Gitlab Runner deployed in OpenShift.
I already have Tiller installed in Openshift under the tiller namespace and am using the docker image docker.greater.com.au/platform/images/dtzar/helm-kubectl:latest
My system is also behind a proxy which I won't be able to get past.
As part of one of my Gitlab CI build steps I have the following:
$ helm init --client-only
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Error: Looks like "https://kubernetes-charts.storage.googleapis.com" is not a valid chart repository or cannot be reached: Get https://kubernetes-charts.storage.googleapis.com/index.yaml: Proxy Authorization Required
My main question is I am wondering if it's possible to disable Helm from trying to add https://kubernetes-charts.storage.googleapis.com as a repostiory as part of helm init?
It might be worth noting that I do not know if helm init --client-only is a required step in using helm with this setup.
I have also tried a simple helm version and the server is responding with a Proxy Authorization Required error.
Client: &version.Version{SemVer:"v2.12.1",
GitCommit:"02a47c7249b1fc6d8fd3b94e6b4babf9d818144e", GitTreeState:"clean"}
Error: Get https://---.---.---.---:---/api/v1/namespaces/tiller/pods?labelSelector=app%3Dhelm%2Cname%3Dtiller: Proxy Authorization Required
I've removed the IP address but it's trying to resolve the Tiller server from the wrong IP address when running this helm version command.
You can define which stable repository you would like to use with option -o --stable-repo-url url.
Example: helm init --client-only --stable-repo-url https://path.to.my.repo
You could found more info here
Related
I want to use Helm on new environment that only have access to Internte via Proxy.
How can I use Helm commands with proxy?
helm repo add ....
helm repo update
I tried to give proxy in command but I get following error:
Error: "helm repo add" requires 2 arguments
I am working on helm 2 and trying to deploy Tiller as pod.
>helm init --service-account tiller
But i am getting below Error:
Error: error initializing: Looks like "https://kubernetes-charts.storage.googleapis.com" is not a valid chart repository or cannot be reached: Get https://kubernetes-charts.storage.googleapis.com/index.yaml: dial tcp 172.217.2.240:443: connect: connection timed out
Has anyone faced this error and if yes , what is the recommended way to overcome this for helm2?
Helm versions prior to 2.17.0 have the deprecated https://kubernetes-charts.storage.googleapis.com/index.yaml as the default stable repository, which no longer resolves. The new repo is https://charts.helm.sh/stable. You can choose to:
Use the --stable-repo-url argument to specify the new repository:
helm init --stable-repo-url https://charts.helm.sh/stable --service-account tiller
Use the --skip-refresh argument and replace the stable repo:
helm init --client-only --skip-refresh
helm repo rm stable
helm repo add stable https://charts.helm.sh/stable
Upgrade helm to 2.17.0 or later.
helm init --client-only --skip-refresh
helm repo rm stable
helm repo add stable https://charts.helm.sh/stable
update the urls like below solved my issue
Name : stable
Old Location:https://kubernetes-charts.storage.googleapis.com
New Location:https://charts.helm.sh/stable
Name : incubator
Old Location:https://kubernetes-charts-incubator.storage.googleapis.com
New Location:https://charts.helm.sh/incubator
Reference:https://helm.sh/blog/new-location-stable-incubator-charts/
repo is not avail. use below repo.
k8scka#master:~$ helm3 repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
k8scka#master:~$
I had this issue when targeting a helm_release resource in Terraform that was using the helm2 provider. We tracked it down to the root cause being a missing ~/.helm/repository/repositories.yaml file that helm2 uses, which must be also used by the Terraform provider.
The file can be recreated with a helm v2 client with
helm2 init --stable-repo-url https://charts.helm.sh/stable --client-only
There is no need to keep the helm v2 client afterwards if you only want to use Terraform.
Just for history and maybe anyone else will face also. Community answer.
Errors like "Error: error initializing: Looks like "https://kubernetes-charts.storage.googleapis.com" is not a valid chart repository or cannot be reached: Get https://kubernetes-charts.storage.googleapis.com/index.yaml: dial tcp 172.217.2.240:443: connect: connection timed out" are typically due to problems with Proxy and non-direct connection.
This was discussed in related github issue Cannot perform helm init behind proxy, lots have same problems. As per topic - users can have such problems with some of helm versions. Its recommended to use it starting from v2.11.0
We're trying to set up a local development environment with several microservices app under Skaffold. We managed to do it with base Skaffold, using a (slightly outdated) tutorial at https://github.com/ahmetb/skaffold-from-laptop-to-cloud. And to get Skaffold to push images to a local repository without Helm, all I had to do was set up the imageName to use something like localhost:5000/image_name.
But with Helm, well.... I set up a very crude Helm install (DISCLAIMER: I am not much familiar with Helm yet), just changing the skaffold YAML to use Helm and dumping all the .YAML deployment and service files into the Helm chart's /templates directory, and that bombed.
Skaffold then successfully creates any pods that rely on a stock external image (like redis), but then whenever anything uses an image that would be generated from a local Dockerfile, it gets stuck and throws this error:
Failed to pull image "localhost:5000/k8s-skaffold/php-test": rpc
error: code = Unknown desc = Error response from daemon: Get
http://localhost:5000/v2/: dial tcp [::1]:5000: connect: connection
refused
As far as I can tell, that's the error that comes when we haven't initialized a local Docker image repository - but with the non-Helm version, we don't need to start up a local image repository, Skaffold just makes that magic happen. Which is part of the appeal OF Skaffold.
So how do we automagically get Skaffold to create Helm charts that create and pull from a local repository? (As noted, this may be my unfamiliarity with Helm. If so, I apologize.)
The Skaffold YAML is this:
apiVersion: skaffold/v1beta7
kind: Config
build:
tagPolicy:
sha256: {}
artifacts:
- image: localhost:5000/k8s-skaffold/php-test
context: voting-app/php-test
deploy:
helm:
releases:
- name: php-help-test
chartPath: helm
#wait: true
#valuesFiles:
#- helm-skaffold-values.yaml
values:
image: localhost:5000/k8s-skaffold/php-test
#recreatePods will pass --recreate-pods to helm upgrade
#recreatePods: true
#overrides builds an override values.yaml file to run with the helm deploy
#overrides:
# some:
# key: someValue
#setValues get appended to the helm deploy with --set.
#setValues:
#some.key: someValue
And the Helm Chart values.yaml is the default provided by a generated chart. I can also provide the Dockerfile if needed, but it's just pulling from that image.
You can't use localhost in your image definition. For the sake of testing you can try to use the ip of the host where your private registry is running, say if the host has address 222.0.0.2, then use image: 222.0.0.2:5000/k8s-skaffold/php-test.
It is of course undesirable to hard-code an address so a better way is to omit the "host" part entirely;
image: k8s-skaffold/php-test:v0.1
In this case your CRI (Container Runtime Interface) plugin will try a sequence of servers, for instance docker.io. The servers are configurable but unfortunately I don't know how to configure it for "docker" since I use cri-o myself.
I am trying to implement the CI/CD pipeline for my microservice by using Jenkins, Kubernetes and Kubernetes Helm. Here I am using Helm chart for packaging of YAML files and deployment into Kubernetes cluster. I am now learning the implementation of Helm chart and deployment. When I am learning, I found the image name definition in deployment YAML file.
I have two questions:
If we only defining the image name, then it will automatically pull from Docker Hub? Or do we need to define additionally anything in the deployment chart YAML file for pulling?
How the Helm Tiller communicating with Docker Hub registry?
Docker image names in Kubernetes manifests follow the same rules as everywhere else. If you have an image name like postgres:9.6 or myname/myimage:foo, those will be looked up on Docker Hub like normal. If you're using a third-party repository (Google GCR, Amazon ECR, quay.io, ...) you need to include the repository name in the image name. It's the exact same string you'd give to docker run or docker build -t.
Helm doesn't directly talk to the Docker registry. The Helm flow here is:
The local Helm client sends the chart to the Helm Tiller.
Tiller applies any templating in the chart, and sends it to the Kubernetes API.
This creates a Deployment object with an embedded Pod spec.
Kubernetes creates Pods from the Deployment, which have image name references.
So if your Helm chart names an image that doesn't exist, all of this flow will run normally, until it creates Pods that wind up in ImagePullBackOff state.
P.S.: if you're not already doing this, you should make the image tag (the part after the colon) configurable in your Helm chart, and declare your image name as something like myregistry.io/myname/myimage:{{ .Values.tag }}. Your CD system can then give each build a distinct tag and pass it into helm install. This makes it possible to roll back fairly seamlessly.
Run the command below. It will generate blank chart with values.yaml, add key value pare inside values.yaml and use them in your deployment.yaml file as variable.
helm create mychart
I'm trying to load a Helm chart into IBM Cloud Private. When I run the bx pr load-ppa-archive --archive command or the bx pr load-helm-chart --archive command, I get an error that says that it can't load my Helm chart:
FAILED
Post https://mycluster.icp:8443/helm-repo/import: Service Unavailable
How do I make this work?
If you're trying to load the Helm chart from a node in the IBM Cloud Private cluster, this error can be caused by your http_proxy or HTTP_PROXY settings. You can try two things:
1. Install the CLI on a computer that's not in the cluster and upload the chart from there.
2. Add mycluster and mycluster.icp to the NO_PROXY variable on the cluster node and try again.