10/04/2022, 1:56 PM
Hi all, I am running Rancher Desktop 1.5.1 on MacBook M1. I'm able to pull an image from my private repository using nerdctl:
nerdctl -n <|> pull <|>
Then, I can create a pod (the pod is up and running, but it uses the pulled image):
kubectl run hello-app --image=<|>
But this is not the desired behavior. I want to be able to create the kubernetes resources using the private registry, without downloading the image first. So, I deleted the previously downloaded image, then I tried to recreate the pod:
nerdctl -n <|> rmi <|>
kubectl run hello-app --image=<|>
Now, the pod's status is ErrImagePull:
Failed to pull image "<|>": rpc error: code = Unknown desc = failed to pull and unpack image "<|>": failed to resolve reference "<|>": pulling from host <|> failed with status code [manifests v0.0.1]: 403 Forbidden
I observed the forbidden message, but I ran
nerdctl login <|>
Again, if I download the image using nerdctl, the pod is up and running. I have to mention that I tried to add the private registry using ~/Library/Application Support/rancher-desktop/lima/\_config/override.yaml file, but no success: it seems that the registry is not recognized by containerd - nothing is added in the /etc/containerd/config.toml file, even if the registries.yaml file is in the /etc/rancher/k3s directory. My override.yaml file:
  - mode: system
    script: |
      set -eux
      mkdir -p /etc/rancher/k3s/
      cat <<'EOF' > /etc/rancher/k3s/registries.yaml
            - "<https://artifactory.mycompany>"
            username: .......
            password: .......
If I run ``rdctl shell -- cat /etc/rancher/k3s/registries.yaml``, I see the desired file provisioned by the override.yaml.
Does anyone have any idea?