1186 update, private repo, pull secrets (RedisLabs#86)

* Update operator image tag to release -1186 * updated operator tag to version -1186 * Release -1186, private repo, pull secrets Updated to reflect release -1186 Added pull secrets section Added private repo section
yuvallevy2 · Nov 6, 2019 · d4cd748 · d4cd748
1 parent 2f2b0d1
commit d4cd748
Show file tree

Hide file tree

Showing 3 changed files with 98 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -1,14 +1,17 @@
+
+
 ### Deploying Redis Enterprise K8s using an operator (custom controller)
 ### Table of Contents
 
 
 * [Prerequisites](#prerequisites)
 * [Deployment](#deployment)
 * [Configuration Options](#configuration)
+* [Private Repositories](#private-repositories)
+* [Pull Secrets](#pull-secrets)
 * [IPV4 enforcement](#ipv4-enforcement)
 
 
-
 #### Prerequisites:
 * A minimum of 3 nodes which support the following [requirements][]
 * A kubernetes version of 1.8 or higher
@@ -21,9 +24,9 @@ The following are the images and tags for this release:
 
 Redis Enterprise    -   `redislabs/redis:5.4.6-18` or `redislabs/redis:5.4.6-18.rhel7-openshift`
 
-Operator            -   `redislabs/operator:5.4.6-1183` or `redislabs/operator:5.4.6-1183.rhel7`
+Operator            -   `redislabs/operator:5.4.6-1186` or `redislabs/operator:5.4.6-1186.rhel7`
 
-Services Rigger     -   `redislabs/k8s-controller:5.4.6-1183` or `redislabs/k8s-controller:5.4.6-1183.rhel7`
+Services Rigger     -   `redislabs/k8s-controller:5.4.6-1186` or `redislabs/k8s-controller:5.4.6-1186.rhel7`
 
 Service Broker      -   `redislabs/service-broker:78_4b9b17f` or `redislabs/service-broker:78_4b9b17f.rhel7`
 
@@ -218,7 +221,7 @@ Service Broker (only for supported clusters)
 ```
 
 CRDB (Active Active):
-*Currently supported for OpenShift
+*Currently supported for OpenShift*
 
 ```yaml
 activeActive: # edit values according to your cluster
@@ -244,6 +247,95 @@ activeActive: # edit values according to your cluster
         fqdn: <cluster3_name>.<cluster3_namespace>.svc.cluster.local
 ```
 
+#### Private Repositories
+
+Whenever images are not pulled from DockerHub, the following configuration options must be specified:
+
+In *RedisEnterpriseClusterSpec* (redis_enterprise_cluster.yaml):
+- *redisEnterpriseImageSpec*
+- *redisEnterpriseServicesRiggerImageSpec*
+- *serviceBrokerSpec - imageSpec* (if deploying the Service Broker)
+- *bootstrapperImageSpec*
+
+Image specifications in *RedisEnterpriseClusterSpec* follow the same schema:
+
+| Field | Description | Scheme | Default Value | Required |
+| ----- | ----------- | ------ | -------- | -------- |
+| repository | Repository | string |  | true |
+| versionTag |  | string |  | true |
+| imagePullPolicy |  | v1.PullPolicy |  | true |
+
+For example:
+```yaml
+  redisEnterpriseImageSpec:
+    imagePullPolicy:  IfNotPresent
+    repository:       harbor.corp.local/redisenterprise/redis
+    versionTag:       5.4.6-18
+```
+
+```yaml
+  redisEnterpriseServicesRiggerImageSpec:
+    imagePullPolicy:  IfNotPresent
+    repository:       harbor.corp.local/redisenterprise/k8s-controller
+    versionTag:       5.4.6-1186
+```
+
+```yaml
+  bootstrapperImageSpec:
+    imagePullPolicy:  IfNotPresent
+    repository:       harbor.corp.local/redisenterprise/operator
+    versionTag:       5.4.6-1186
+```
+
+In Operator Deployment spec (operator.yaml):
+- containers - image
+
+For example:
+```yaml
+spec:
+  template:
+    spec:
+      containers:
+        - name: redis-enterprise-operator
+          image: harbor.corp.local/redisenterprise/operator:5.4.6-1186
+```
+
+Image specification follow the [K8s Container schema](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.10/#container-v1-core).
+
+#### Pull secrets
+
+Private repositories which require login can be accessed by creating a pull secret and declaring it in both the *RedisEnterpriseClusterSpec* and in the Operator Deployment spec.
+
+[Create a pull secret](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line) by running:
+
+```shell
+kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>
+```
+where:
+
+-   `<your-registry-server>`  is your Private Docker Registry FQDN. ([https://index.docker.io/v1/](https://index.docker.io/v1/)  for DockerHub)
+-   `<your-name>`  is your Docker username.
+-   `<your-pword>`  is your Docker password.
+-   `<your-email>`  is your Docker email.
+
+This creates a pull secret names `regcred`
+
+To use in the *RedisEnterpriseClusterSpec*:
+```yaml
+spec:
+  pullSecrets:
+    -name: regcred
+```  
+
+To use in the Operator Deployment:
+```yaml
+spec:
+  template:
+    spec:
+      imagePullSecrets:
+      -name: regcred
+```
+
 #### IPV4 enforcement
 You might not have IPV6 support in your K8S cluster.
 In this case, you could enforce the use of IPV4, by adding the following attribute to the REC spec:

diff --git a/operator.yaml b/operator.yaml
@@ -15,7 +15,7 @@ spec:
       serviceAccount: redis-enterprise-operator
       containers:
         - name: redis-enterprise-operator
-          image: redislabs/operator:5.4.6-1183
+          image: redislabs/operator:5.4.6-1186
           securityContext:
             runAsUser: 1001
           command:

diff --git a/operator_rhel.yaml b/operator_rhel.yaml
@@ -15,7 +15,7 @@ spec:
       serviceAccount: redis-enterprise-operator
       containers:
         - name: redis-enterprise-operator
-          image: redislabs/operator:5.4.6-1183.rhel7
+          image: redislabs/operator:5.4.6-1186.rhel7
           securityContext:
             runAsUser: 1001
           command: