Private Registry Proper Function

Hello,

I’m trying to integrate a private local registry into my rancher instance. My registry sits on 192.169.6.10:5000 and contains nginxtest:latest. I’ve gone and entered 192.168.6.10:5000 into the registry tab. When I go to create a workload with nginxtest:latest as the image, it continuously says that it can’t find the image. If I do 192.168.6.10:5000/nginxtest:latest, it’ll find the image regardless of what I entered for registry. Is this proper behaviour? What am I doing wrong,

Thanks!

It needs to be a secure registry (with https).

Othewise, I think when you create your cluster node, you can add your unsecure registries in the params.

I’m doing this from the GUI side of rancher. It this possible from just the GUI side?

Are you saying it’s not possible to have an unsecure registry on a namespace level? I thought documentation indicated it was possible?

If you go in your node template (I’m on vSphere but I saw it in Azure too), in the Engine Options, look there’s an Insecure Registries setting. You can try to set it. (I never did so I don’t know if it works. What I did was to set up https on my registries)

I thnk each of your node with docker installed, need to be aware there’s a unsecure registry. I assume this setting is used for it.

Sorry I’m still a little confused.

I have Rancher deployed as containers and am accessing them from a browser. After going into a cluster’s default namespace, I see a resources tab at the top that drops down to show registries. It is my understanding that if I add a registry, I should be able to use them within that namespace insecurely. However it isn’t working out as I understood it. If I put nginxtest:latest, it’ll say that it doesn’t exist and can’t pull despite existing within the registry. However, if I put 192.168.6.10:5000/nginxtest:latest, it’ll show. I should be able to put nginxtest:lastest and have it pull from that registry right? The docker installed on the node is already able to pull from the registry. It knows that the registry is unsecure and allows it.

That’s the way I tought it should work but when I tried it, I ended up doing the same thing as you.

Maybe there’s something we’re missing.

I found this bug but I don’t think it’s related: https://github.com/rancher/rancher/issues/13339

Good catch! I missed that bug report. Hopefully it’s been fixed or someone else can chime in. The workaround is perfectly fine but it’d be nice to have that feature.

Good Morning,

Searching I noticed that only “unsafe” private records work for the deploy of Pods.
I am also stuck in this step, I have set up a private registry that is available for all projects, however, when creating a Workload with the image present in the registry, the Pod is not created.
Is there a procedure to create the private registry and make it available in Rancher 2?

Thanks!

When you say unsafe do you mean unsecure?

The current workaround is to also include the host and port of the private registry. Although in the demo videos online, it seems like they’ve demonstrated that it is possible to hook up a private registry and pull images without referencing port and host.

Okay now I feel really dumb because it just dawned on me on how to use the private registry function.

When putting the registry into rancher, there was a name field. I wonder if that’s how you reference images. For example, if my registry was inserted as registry1 and links to my registry at 192.16.1.5:5000, to pull images from Rancher requires not 192.16.1.5:5000/imagename:version but registry1/imagename:version.

I unfortunately don’t have my Rancher in front of me to test this but this makes sense to me.

Good Morning,

I uploaded an instance of the registry: 2 on a machine by the following command:

“docker run -d -p 5000: 5000 -restart = always -name registry -v / opt / docker-registry: / var / lib / registry registry: 2”

From the Rancher 2 console, selecting the Namespace> Resources> Registres, I configure the address
: “myregistry.example.com:5000”, however when creating a Workload it is eternally loading and does not run.

Note: When I log into this registry from the command line, the user “admin” and “admin” password are requested. I configured these credentials also in the Rancher console.

It is also possible to upload a private registry by Rancher himself in his Catalog Apps.

The demo video you previously cited annihil8ted
could you forward me the link?

Thanks for the help guys!

Is there anybody who had success with it? I’m stuck on it too?