Harbor with external redis

[rakeshreddyrg09]

Hello, fellow developers in harbor
I am trying to install harbor with helm chart v 1.13.0, when it comes to the redis: external,
the harbor values file says If using existingSecret, the key must be REDIS_PASSWORD

but when I install the redis using helm chart (from bitnami) version 18.0.4 (appVersion: 7.2.1) the secret name is redis and its key is redis-password, not REDIS_PASSWORD. Can you please look into this team.

For the time being I have manually edited the helm chart of redis to change the key name of the secret to REDIS_PASSWORD and installed the harbor.

here is the below issue I am facing

Steps to reproduce the problem:
Install harbor helm chart version 1.13.0
install redis helm chart version 18.0.4 (from bitnami)
change the redis type: external

[zyyw]

Hi @rakeshreddyrg09 , when installing Harbor via harbor-helm with existingSecret for external redis, the key of the existingSecret of external redis must be REDIS_PASSWORD, regard less of how the external redis is installed.

As for the error of NOAUTH Authentication required, it seems that, after you change the key name of the existingSecret of external redis to REDIS_PASSWORD, Harbor can talk to the redis but likely the auth credentials is not correct. Could you please double check whether you can PING the redis-server via redis-cli with the auth credentials specified in REDIS_PASSWORD?

[MinerYang]

Hi @rakeshreddyrg09 ,
Could you please verify a few things

1. as shengwen mentioned above, could you use the redis-cli -h <hostname> -a <pasword> to check if the password is correct.
2. how do you create the secret ? Is it under same namespace with harbor instance? Could you also kindly provide the secret manifest ?
3. could you provide the redis url that is been rendered? such as kubectl get cm <harbor-core-cm> -o yaml | grep _REDIS_URL_CORE

[rakeshreddyrg09]

Hi @MinerYang, Sorry for the late response

1. I checked the password, it is correct.
2. Yes it is in the same namespace harbor. the below is crated my me, referring redis secret.
   
   redis secret:
   

[rakeshreddyrg09]

Hi @rakeshreddyrg09 , when installing Harbor via harbor-helm with existingSecret for external redis, the key of the existingSecret of external redis must be REDIS_PASSWORD, regard less of how the external redis is installed.

As for the error of NOAUTH Authentication required, it seems that, after you change the key name of the existingSecret of external redis to REDIS_PASSWORD, Harbor can talk to the redis but likely the auth credentials is not correct. Could you please double check whether you can PING the redis-server via redis-cli with the auth credentials specified in REDIS_PASSWORD?

Hi @zyyw, sorry for late reply
this time I didn't change the redis secret, I create a new secret with same value. still I am getting the same error

please refer above given images for more details.

[MinerYang]

Hi @rakeshreddyrg09 ,
this redis url is not been rendered correctly , it should be like this redis://:<password>@<redis-server-host>:6379/0?idle_timeout_seconds=30
this is introduced by goharbor/harbor-helm#1179
there's a :<password> miss.. I will look into it and fix in next release.

Sorry for your inconvenience, could you try to use password instead of existingSecret as a workaround?

[rakeshreddyrg09]

Thank you so much @MinerYang

[Kajot-dev]

I believe this is the same as #1352 and your PR fixes it as well