I have created a NestJs app, packaged it into a bin-file using pkg, containerized it with docker image and name it projectABC. All of these were deployed in Ubuntu20 and the bin file runs perfectly fine.
Next, i wanted to try harbor repository. Following the tutorial, i created local harbor repository with self-signed certificate with this tut. I am using minikube to deploy harbor in my machine.
After harbor is up, i created a project with name "project", then pushed the projectABC image into it with Project registry set to Public. All is well from docker login, docker tag, to docker push. Testing the newly pushed image, i can docker pull and check the projectABC run as intended.
So now I want to deploy using helm chart. So far i have successfully login into registry and pushed an empty chart project.
helm create projectABC
export HELM_EXPERIMENTAL_OCI=1
helm chart save ./projectABC 192.168.1.69/project/ABC
helm registry login https://192.168.1.69 --insecure
helm chart push 192.168.1.69/project/ABC:0.0.1
Then i modified values.yaml to pull the image from harbor repo
image:
repository: 192.168.1.69/project/ABC:0.0.1
pullPolicy: Always
But it failed with result:
container in pod is waiting to start: trying and failing to pull image
So my questions:
Tried to create secret and follow this discussion, but failed. until:
I used kubectl describe to check what is going on with my pod. Turns out it failed to pull image due to certificate is signed by unknown authority.
Found this discussion in reddit, that showing minikube need to have a copy of the certificate inside its own directory. After providing the cert and restarting minikube, it works correctly.
# create the dir if it is not exist
mkdir -p ~/.minikube/files/etc/ssl/certs
# copy the cert
cp ~/your.crt ~/.minikube/files/etc/ssl/certs/your-crt.pem