How to update the harbor certificate manually by editing the cluster add-on secret
search cancel

How to update the harbor certificate manually by editing the cluster add-on secret

book

Article ID: 408390

calendar_today

Updated On:

Products

VMware Telco Cloud Automation

Issue/Introduction

Cluster upgrade stuck due to harbor certificate change

Environment

3.x

Cause

An inability to pull images from Harbor after a certificate change has stalled a cluster upgrade. The Harbor cluster add-on wasn't deleted and re-added before the cluster upgrade, causing the cluster to be unable to pull necessary images.

Resolution

Manually edit the harbor secret and update the certificate.

Here are the steps to update the secret manually.

1. kubectl get secret -n <namespace> harbor-tca-addon-secret -o "jsonpath={@.data.values\.yaml}"|base64 -d > values.yaml
2. save new harbor cert as server.crt
3. base64 -w0 server.crt
4. vi values.yaml

Replace value of externalHarborCertificate with output from step 3

5. VALUES_YAML=base64 -w0 values.yaml
6. kubectl patch secret -n <namespace> harbor-tca-addon-secret --patch '{"data":{"values.yaml":"'$VALUES_YAML'"}}'

Powered by Wolken Software