Open deniseschannon opened 4 years ago
We want to moev forward with a cluster level registry that applies to anything that Rancher deploys within a cluster.
@deniseschannon Currently private registries are for RKE clusters, so now we'd want this for all clusters + for everything deployed for that cluster should use that registry? Does this also include the helm stuff the original comment mentions?
Yes, it'd be for everything including helm charts
Just to add an extra voice here, our team is interested in using a private, cluster-wide registry specifically for our internally-developed applications. That is, we're not looking to replace docker.io or any other public registry with out own mirror, we just want a way to manage registries.yaml
(we're using k3os) to add auth config for an extra, private registry.
Basically, I just want to point out that it'd be nice to be able to manage additional private registries centrally via Rancher, even if you're not actually intending to deploy everything from a private registry. Per-cluster would be ok, though being able to do it globally would be even better.
Currently, Rancher supports a Global registry setting and a RKE cluster registry for RKE clusters.
Global registry is a global setting with no credentials.
The RKE cluster registry is only available for RKE clusters and only intended to pull RKE system images using the private registry and with authentication.
We have already extended the RKE provisioning to use this cluster registry for custom RKE clusters https://github.com/rancher/rancher/issues/20029 and are planning to extend it for RKE node driver provisioned clusters https://github.com/rancher/rancher/issues/26366
But with 2.5, there are other components that are now deployed automatically during cluster provisioning that are not going to use this private registry.
List of additional components: Busybox shell pause
Option 1: Extending RKE cluster private registry to start deploying the extra components with the registry.
Option 2: Extending cluster private registry to all cluster types so that any apps deployed from the helm chart automatically picks up from this private registry. Note: Issues that could arise is how do you know which registry you want to use for different charts if it's cluster leve.