I’m in an half-air-gapped environment (I can access the docker registries but only through a proxy) and I have installed the rancher control-plane using our private registry just fine.
Now I’m trying to import an existing cluster and I also need to use our private registry for that.
So i’m creating the cluster in rancher and getting the manifest to apply.
Then, in this manifest I need to modify the image of the containers to use our private registry.
Once done I can apply the manifest using kubectl apply.
This is half working.
As a matter of fact the deployment and the daemon set are created in the first place using the private registry but after that it seems they are updated (by the agent itself?) and reverted to the public image name, so the pods can’t be created.
$ kubectl get all -n cattle-system NAME READY STATUS RESTARTS AGE pod/cattle-cluster-agent-657ff69f4f-vkmjk 0/1 ImagePullBackOff 0 157m pod/cattle-cluster-agent-67ddfc445-7222s 1/1 Running 0 157m pod/cattle-node-agent-4j4p8 1/1 Running 0 157m pod/cattle-node-agent-ptkzx 0/1 ImagePullBackOff 0 157m NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE daemonset.apps/cattle-node-agent 2 2 1 1 1 <none> 157m NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/cattle-cluster-agent 1/1 1 1 157m NAME DESIRED CURRENT READY AGE replicaset.apps/cattle-cluster-agent-657ff69f4f 1 1 0 157m replicaset.apps/cattle-cluster-agent-67ddfc445 1 1 1 157m
If I check the the deployment at this point, it will have the standard image name, and not the one in my private registry:
$ kubectl -n cattle-system describe deployment.apps/cattle-cluster-agent Name: cattle-cluster-agent Namespace: cattle-system CreationTimestamp: Tue, 23 Jun 2020 16:47:15 -0400 Labels: <none> Annotations: deployment.kubernetes.io/revision: 2 Selector: app=cattle-cluster-agent Replicas: 1 desired | 1 updated | 2 total | 1 available | 1 unavailable StrategyType: RollingUpdate MinReadySeconds: 0 RollingUpdateStrategy: 25% max unavailable, 25% max surge Pod Template: Labels: app=cattle-cluster-agent Service Account: cattle Containers: cluster-register: Image: rancher/rancher-agent:v2.4.3 <= Here I should have myprivateregistry.com/rancher/rancher-agent:2.4.3 Port: <none> Host Port: <none> [...]
Any idea on how I can fix that? Is there any way to configure the ranger-agent image to look for the image at another place?
For sure I can edit again the deployment and deamonsets with the correct image name but I need to do that in a automated way and more straightforward way.
Thanks for you help.