Hi All, I am attempting to load images into my airgap environment and running into an issue. I am attempting to install both

cert-manager

and

kube-vip

. I have created two tars: cert-manager:

docker save <http://quay.io/jetstack/cert-manager-cainjector:v1.9.1|quay.io/jetstack/cert-manager-cainjector:v1.9.1>

<http://quay.io/jetstack/cert-manager-controller:v1.9.1|quay.io/jetstack/cert-manager-controller:v1.9.1>

<http://quay.io/jetstack/cert-manager-webhook:v1.9.1|quay.io/jetstack/cert-manager-webhook:v1.9.1>

<http://quay.io/jetstack/cert-manager-ctl:v1.9.1|quay.io/jetstack/cert-manager-ctl:v1.9.1> | gzip > cert-manager.tar.gz

kube-vip:

docker save <http://ghcr.io/kube-vip/kube-vip:v0.5.0|ghcr.io/kube-vip/kube-vip:v0.5.0> | gzip > kube-vip.tar.gz

I have copied both into the images directory:

root@rke-test-cluster-node-0:~# ls /var/lib/rancher/rke2/agent/images/
cert-manager.tar.gz  kube-vip.tar.gz  rke2-images.linux-amd64.tar.zst

Cert-manager

is able to come up without issue, but I run into issues with

kube-vip

.

Failed to pull image "<http://ghcr.io/kube-vip/kube-vip:v0.5.0|ghcr.io/kube-vip/kube-vip:v0.5.0>": rpc error: code = Unknown desc = failed to pull and unpack image "<http://ghcr.io/kube-vip/kube-vip:v0.5.0|ghcr.io/kube-vip/kube-vip:v0.5.0>": failed to resolve reference "<http://ghcr.io/kube-vip/kube-vip:v0.5.0|ghcr.io/kube-vip/kube-vip:v0.5.0>": failed to do request: Head "<https://ghcr.io/v2/kube-vip/kube-vip/manifests/v0.5.0>": dial tcp 140.82.112.33:443: i/o timeout

When listing my available images, the

kube-vip

image seems to be available:

root@rke-test-cluster-node-0:~# /var/lib/rancher/rke2/bin/crictl images | grep -e kube-vip -e cert-manager
<http://ghcr.io/kube-vip/kube-vip|ghcr.io/kube-vip/kube-vip>                                       v0.5.0                         09067696476ff       37.9MB
<http://quay.io/jetstack/cert-manager-cainjector|quay.io/jetstack/cert-manager-cainjector>                        v1.9.1                         11778d29f8cc2       39.2MB
<http://quay.io/jetstack/cert-manager-controller|quay.io/jetstack/cert-manager-controller>                        v1.9.1                         8eaca4249b016       57.2MB
<http://quay.io/jetstack/cert-manager-ctl|quay.io/jetstack/cert-manager-ctl>                               v1.9.1                         0a3af10d53674       50.2MB
<http://quay.io/jetstack/cert-manager-webhook|quay.io/jetstack/cert-manager-webhook>                           v1.9.1                         d3348bcdc1e7e       45.8MB

It seems it is trying to reach out to the internet for the image, rather than use the image available locally. Could someone provide any insight into what settings if any I can look into or steps I can take to further debug this?