Channels
#rancher-desktop
Title
t
tall-kite-83186
06/01/2022, 12:09 PMprobably a dumb question. but I've build a docker image which is now in my private registry.
While trying to install in K3s I install the related chart and reference my docker image directly but K8s pod complains it cannot find the image (imagePullBackoff). How do I tell K3s to use RD registry from wsl?
m
miniature-advantage-69986
06/01/2022, 3:32 PMwhat did you meen with "privat registry"?
If you do a docker build and tag the image you should be able to see the image with "docker image ls", after this you can create a pod with this image but make sure that the imagePullPolicy is set to "IfNotPresent" otherwise K3S will try to pull the image from dockerhub.
t
tall-kite-83186
06/01/2022, 3:36 PMI can definitely see the image when doing
nerdctl imagesJust changed the policy, now I have this:
Failed to pull image "haproxy-agent-service-checker:latest": rpc error: code = Unknown desc = failed to pull and unpack image "<http://docker.io/library/haproxy-agent-service-checker:latest|docker.io/library/haproxy-agent-service-checker:latest>": failed to resolve reference "<http://docker.io/library/haproxy-agent-service-checker:latest|docker.io/library/haproxy-agent-service-checker:latest>": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failedAnd the complementary event:
Back-off pulling image "haproxy-agent-service-checker:latest"I don't get why k3s tries to pull from docker instead of local registry
Copy code
# nerdctl images
REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE
haproxy-agent-service-checker latest 164609860dc6 4 hours ago linux/amd64 107.1 MiB 39.3 MiBt
tall-insurance-55443
06/01/2022, 3:50 PMYou need to do something very similar to this
https://docs.rancherdesktop.io/how-to-guides/hello-world-example#build-image-from-code-locally
specifically
nerdctl --namespace <http://k8s.io|k8s.io> build --tag nginx-helloworld:latest .t
tall-kite-83186
06/01/2022, 3:50 PMCan't I build onto default registry and let K3s to pick in it?
Or is it bound to k8s.io ?
t
tall-insurance-55443
06/01/2022, 3:52 PM🤷 I don’t know K3 well enough TBH
But it’s one way or the other (either push it where k8s knows, or change where k8s is looking)
f
fast-garage-66093
06/01/2022, 4:39 PM@tall-insurance-55443 is correct: you need to build the image in the
<http://k8s.io|k8s.io>t
tall-kite-83186
06/01/2022, 4:40 PMIndeed it confuses. Can't we allow K3s to see default containerd namespace ?
f
fast-garage-66093
06/01/2022, 4:44 PMNo, this is the way k8s and containerd work; I'm not sure this is configurable, but even if it were, I would strongly recommend against it.
t
tall-kite-83186
06/01/2022, 4:44 PMThat's fine, I'll stick with k8s.io namespace
f
fast-garage-66093
06/01/2022, 4:46 PMNote that this namespace is "owned" by kubernetes, so if you would create a container in it, kubelet would just kill it as soon as it notices. For that reason
nerdctl -n <http://k8s.io|k8s.io> build ...t
tall-kite-83186
06/01/2022, 4:46 PMGotcha
Hmmm, for some reasons I still have the same issues pulling the image from k8s.io internal registry:
f
fast-garage-66093
06/01/2022, 5:27 PMOh, this is because you are using the
latestimagePullPolicy: AlwaysimagePullPolicy: Neverlatestt
tall-kite-83186
06/01/2022, 5:29 PMYou got it!
Thank you Jan
👍 1
404 Views