After a week of trial-and-error and some Googling I figured it out.
ImagePullBackOff:
To me the above indicated the issue was with Rancher-Kubernetes. Turns out this was actually Docker related.
On the host that will be running the Rancher agent container, prior to pulling the rancher agent image and running it as a container, add the certificate for your private Docker Registry to the trusted certificates on the host; then, this is the crucial part —restart the Docker daemon.
cp /mnt/certs/vhdocker.hosp.domain.com.crt /usr/local/share/ca-certificates/
update-ca-certificates
systemctl restart docker.service
ls /etc/ssl/certs | awk /vhdocker.hosp/
(Not sure if it’s necessary, but I also did this on the host that will be running my Rancher server container)
Steps
- Install private Docker registry cert on host that will run the Rancher server container
- Restart Docker daemon
- Run Rancher server image as a container
- Install private Docker registry cert on host that will run the Rancher client container
- Restart Docker daemon
- Run Rancher client image as a container
After this I was able to deploy a workload from an image in my private Docker Registry.