Create an OVHcloud Managed Private Registry (MPR) with Pulumi
Objective
You can create an OVHcloud Managed Private Registry via the OVHcloud Control Panel, but you can also deploy a registry programmatically with Infrastructure as Code (IaC) tools. This can be done via Terraform thanks to our OVHcloud provider, and now also with Pulumi.
Pulumi
Pulumi is an Infrastructure as Code (IasC) tool that allows you to build your infrastructures with a programming language, in Golang for example.
Users define the desired state in Pulumi programs and Pulumi creates the desired resources.
Pulumi offers an intuitive command line interface (CLI), to provision, update or delete your infrastructure. If you are familiar with Docker Compose CLI and Terraform CLI, you will adopt Pulumi CLI too.
Navigation path:Public Cloud > Select your project
Before you begin
You should have installed the Pulumi CLI on your machine. Verify the Pulumi CLI is successfully installed in your machine with the pulumi version command.
You should have a result like this:
$ pulumi versionv3.86.0
OVHcloud Pulumi provider
In order to create a Private Registry (Harbor instance) and other resources, you will use the OVHcloud Pulumi provider. This provider is a bridge to our official Terraform provider.
All available Pulumi resources have their definition and documentation.
Replace xxx by the correct values and ovh-eu with the correct endpoint.
Instructions
One advantage of Pulumi is that it allows you to build your infrastructures with the programming language of your choice. It supports a variety of programming languages.
In this tutorial you will be able to deploy your private registry (harbor) with a user and its project in the Go/Golang programming language.
For your information, our OVH Pulumi provider currently supports Go but also Python, Node.js/Typescript and C#/Dotnet.
Deploy your Managed Private Registry (MPR) in Go / Golang
Pulumi project creation and initialization
In Pulumi, the infrastructure is organized into projects. In the Pulumi ecosystem, a project represents a Pulumi program which, when run, declares the desired infrastructure for Pulumi to manage.
First, create a folder named ovh-registry-go which represents our project and go into it.
mkdir ovh-registry-gocd ovh-registry-go
Initialize your project:
pulumi new go -y
The output should be like this:
$ pulumi new go -yCreated project 'ovh-registry-go'Please enter your desired stack name.To create a stack in an organization, use the format <org-name>/<stack-name> (e.g. `acmecorp/dev`).Created stack 'dev'Installing dependencies...Finished installing dependenciesYour new project is ready to go!To perform an initial deployment, run `pulumi up`
The command creates a dev stack and the code organization of your project:
go get github.com/pulumiverse/pulumi-harbor/sdk/v3/go/...
In order to create an OVHcloud Managed Private Registry, you need to define the serviceName.
pulumi config set serviceName <your-service-name>
Or you can edit the Pulumi.yaml file with the following content:
config: serviceName: <your-service-name>
Info
Replace <your-service-name> by your Public Cloud project.
Then, edit the main.go file and replace the content with the following:
package mainimport ( "github.com/ovh/pulumi-ovh/sdk/go/ovh/cloudproject" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi/sdk/v3/go/pulumi/config" "github.com/pulumiverse/pulumi-harbor/sdk/v3/go/harbor")func main() { pulumi.Run(func(ctx *pulumi.Context) error { serviceName := config.Require(ctx, "serviceName") // Initiate the configuration of the registry regcap, err := cloudproject.GetCapabilitiesContainerFilter(ctx, &cloudproject.GetCapabilitiesContainerFilterArgs{ ServiceName: serviceName, PlanName: "SMALL", Region: "GRA", }, nil) if err != nil { return err } // Deploy a new Managed private registry myRegistry, err := cloudproject.NewContainerRegistry(ctx, "my-registry", &cloudproject.ContainerRegistryArgs{ ServiceName: pulumi.String(regcap.ServiceName), PlanId: pulumi.String(regcap.Id), Region: pulumi.String(regcap.Region), }) if err != nil { return err } // Create a User myRegistryUser, err := cloudproject.NewContainerRegistryUser(ctx, "user", &cloudproject.ContainerRegistryUserArgs{ ServiceName: pulumi.String(regcap.ServiceName), RegistryId: myRegistry.ID(), Email: pulumi.String("myuser@ovh.com"), Login: pulumi.String("myuser"), }) if err != nil { return err } //Add as an output registry information ctx.Export("registryID", myRegistry.ID()) ctx.Export("registryName", myRegistry.Name) ctx.Export("registryURL", myRegistry.Url) ctx.Export("registryVersion", myRegistry.Version) ctx.Export("registryUser", myRegistryUser.User) ctx.Export("registryPassword", myRegistryUser.Password) //Use the created regsitry to initiate the harbor provider harborProvider, err := harbor.NewProvider(ctx, "harbor", &harbor.ProviderArgs{ Username: myRegistryUser.User, Password: myRegistryUser.Password, Url: myRegistry.Url, }, pulumi.DependsOn([]pulumi.Resource{myRegistry, myRegistryUser})) if err != nil { return err } // Create a public project in your harbor registry project, err := harbor.NewProject(ctx, "project", &harbor.ProjectArgs{ Name: pulumi.String("my-new-project"), Public: pulumi.String("true"), }, pulumi.Provider(harborProvider)) if err != nil { return err } ctx.Export("project", project.Name) return nil })}
This Go program will create an OVHcloud Managed Private registry:
named my-registry- followed by a random ID
in the GRA region
with a SMALL plan
in your Public Cloud project (depending on the serviceName you defined)
A registry user:
named myuser
with myuser@ovh.com email address
And a project inside the created registry:
named my-new-project
with Public visibility
Then, run the go mod tidy command to ask Go to download and install the necessary Go providers and dependencies.
go mod tidy
Create your Private Registry (Harbor) through Pulumi
Now you can deploy your registry. To do that, just execute the pulumi up command.
This will display the plan/the preview of the desired state. You will be prompted to choose the stack (dev by default) and to confirm that you want to perform/apply the changes.
$ pulumi upPreviewing update (dev)View in Browser (Ctrl+O): https://app.pulumi.com/scraly/ovh-registry-go/dev/previews/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Type Name Plan + pulumi:pulumi:Stack ovh-registry-go-dev create + โโ ovh:CloudProject:ContainerRegistry my-registry create + โโ ovh:CloudProject:ContainerRegistryUser user create + โโ pulumi:providers:harbor harbor create + โโ harbor:index:Project project createOutputs: project : output<string> registryID : output<string> registryName : "my-registry-be6ba67" registryPassword: output<string> registryURL : output<string> registryUser : output<string> registryVersion : output<string>Resources: + 5 to createDo you want to perform this update? yesUpdating (dev)View in Browser (Ctrl+O): https://app.pulumi.com/scraly/ovh-registry-go/dev/updates/1 Type Name Status + pulumi:pulumi:Stack ovh-registry-go-dev created (146s) + โโ ovh:CloudProject:ContainerRegistry my-registry created (141s) + โโ ovh:CloudProject:ContainerRegistryUser user created (1s) + โโ pulumi:providers:harbor harbor created (0.39s) + โโ harbor:index:Project project created (0.96s) Outputs: project : "my-new-project" registryID : "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" registryName : "my-registry-be6ba67" registryPassword: [secret] registryURL : "https://034nl9k0.c1.gra9.container-registry.ovh.net" registryUser : "myuser" registryVersion : "2.14.2"Resources: + 5 createdDuration: 2m30s
Go to the Managed Private Registry section. Your registry has been successfully created:
Connect to the registry
Your registry is created with a user, so you have all the information to connect to it.
In order to do this, retrieve the registry URL, login and password from the dev Pulumi stack:
Connect to the Managed Private Registry with the login and password:
Then click on the created project:
You can now deploy your applications and/or create new clusters through Pulumi.
Known issues
"Provider is missing a required configuration key"
If you encounter the following error, it means you forgot to export the needed OVHcloud environment variables.
$ pulumi upPreviewing update (dev)View in Browser (Ctrl+O): https://app.pulumi.com/scraly/ovh-registry-go/dev/previews/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Type Name Plan Info pulumi:pulumi:Stack ovh-registry-go-dev โโ pulumi:providers:ovh default_github_/api.github.com/ovh/pulumi-ovh 1 errorDiagnostics: pulumi:providers:ovh (default_github_/api.github.com/ovh/pulumi-ovh): error: pulumi:providers:ovh resource 'default_github_/api.github.com/ovh/pulumi-ovh' has a problem: Provider is missing a required configuration key, try `pulumi config set ovh:endpoint`: The OVH API endpoint to target (ex: "ovh-eu").
The solution is to export the missing required configuration:
