https://rancher.com/ logo
#general
Title
# general
a

adamant-kite-43734

07/19/2022, 3:13 PM
This message was deleted.
t

tall-school-18125

07/19/2022, 7:34 PM
I just checked for the
imagePullSecrets
in an RKE1 cluster yaml file and didn't find it there. I believe
imagePullSecrets
can only be configured for a pod, whereas the RKE template private registry will be used to pull images for provisioning the Kubernetes cluster itself.
g

gifted-breakfast-73755

07/19/2022, 8:17 PM
@tall-school-18125 Ok so if I am interested in pulling images for pods from a private registry then I would just need to use
imagePullSecrets
in the kubernetes YAML file?
I know that outside of Rancher I can create a Kubernetes secret with the the private registry credentials and reference that secret via
imagePullSecrets
in the Kubernetes YAML file but I was wondering if the private registry on the RKE template can help at all such as automatically create the kubernetes secret when the cluster is created, etc.
t

tall-school-18125

07/19/2022, 8:23 PM
The private registry on the RKE template just tells Rancher where to get the Kubernetes images from when installing or upgrading the cluster. It creates a secret of type registry, which you can then see in cluster explorer if you look for secrets in the
cattle-global-data
namespace on the
local
cluster. The issue with referencing that from your pod would be that your registry secret would need to be in the same namespace as the pod. So you are probably going to need to create a new registry secret in the same namespace as your workload to get images for your workload.
g

gifted-breakfast-73755

07/19/2022, 8:31 PM
@tall-school-18125 Oh ok, so the private registry on the RKE template tells Rancher where to pull the images for pods such as
kubelet
,
rancher-agent
, etc. but is not used for application pods that I create on my own?
t

tall-school-18125

07/19/2022, 8:34 PM
That's correct.
g

gifted-breakfast-73755

07/19/2022, 8:35 PM
Ok, thank you for the clarification