Skip to content
For Self-Managed AI Platform users running v11.1, see the on-premise platform documentation

NIM Containers – Misc Configuration Topics

NIM Containers – Misc Configuration Topics

Installing the Crane CLI

curl -L -O https://github.com/google/go-containerregistry/releases/download/v0.20.6/go-containerregistry_Linux_x86_64.tar.gz
tar xzf go-containerregistry_Linux_x86_64.tar.gz crane
mv crane /usr/local/bin

Trust Manager and Public CA bundles

For more details on Trust Manager and CA bundles, refer to Custom CA documentation.

Install Trust Manager: 

helm repo add jetstack https://charts.jetstack.io
helm repo update
helm upgrade --install trust-manager jetstack/trust-manager \
  --namespace dr-app --wait --debug \
  --set app.webhook.tls.helmCert.enabled=true \
  --set app.trust.namespace=dr-app

Add the Public CA bundle to Trust Manager: 

apiVersion: trust.cert-manager.io/v1alpha1
kind: Bundle
metadata:
  name: ca-cert-bundle
  annotations:
    kubernetes.io/description: Public CA root cert bundle for DataRobot
spec:
  sources:
  # copies Public CA cert bundle
  - useDefaultCAs: true
  target:
    configMap:
      key: "pem_formatted"
    additionalFormats:
      jks:
        key: "jks_formatted"
    namespaceSelector:
      matchLabels:
        kubernetes.io/metadata.name: dr-app

copy the above YAML to a file, e.g., ca-bundle.yaml, and apply it: 

kubectl apply -f ca-bundle.yaml