Registry.connect.redhat.com required authentication

I’ve been attempting to setup Couchbase Autonomous Operator 1.1 under minikube.

I’ve managed to get as far as a running operator by adding a secret for my redhat account using kubectl create secret and adding imagePullSecrets to operator.yaml

However when I now attempt to create a CB cluster using cbopctl create -f couchbase-cluster.yaml I get an authentication error from the redhat registry when k8s attempts to pull the image for CB server.

How can I enable the pull of the server image?

Thanks

Chris.

That’s probably a question for RedHat at the end of the day :smiley:

What I do personally is create a Service Account via https://access.redhat.com/terms-based-registry/#/accounts. From the OpenShift Secret tab I download the secret YAML file.

Now one of the problems I’ve found is that if you run the .dockerconfigjson value in that YAML through base64 -d you will see that the auths section lists registry.redhat.io as the server. You’ll need to manually edit and re-encode this to use registry.connect.redhat.com instead.

From there I just create the secret in my namespace and link it to the Operator service account. For Couchbase server, at present, you’ll also need to link it to the default service account too.

That handles permission errors. The other likely candidate is that the image names are wrong. Ensure under the deployment image configuration you have registry.connect.redhat.com/couchbase/operator:1.1.0-1

Finally we only tests the RedHat images on OpenShift or Minishift, so I’m unsure as to whether it’ll work for you on Minikube.

Let me know if you need any more help!

Si

Si,

Thanks for your response. It turns out to be much simpler. The website auto downloads the redhat version of the operator as soon as you hit the download page. The option to choose the open source K8s version is not obvious. As a result I was using the wrong version of the operator for my environment.

Chris.

1 Like

You are right, that’s quite confusing! I’ll let the powers that be know about this and hopefully make it more interactive rather than “here have this!” :smiley: