-
|
I'm hosting my own container registry in my k3os cluster. I'm trying to pull images from that as part of deployments to that cluster, and those pulls consistently fail with My container registry sits behind an ingress controller that uses cert-manager to issue certificates using I've gone to each of my nodes and added my Not sure what else to try. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
After a long and winding trip through documentation & issues on k3os, k3s, & containerd, I think I found my solution. TL;DR I forgot that most of my manual edits in I added the following line to run_cmd:
- "cat /usr/local/share/ca-certificates/my-cusom-root.crt >> /etc/ssl/certs/ca-certificates.crt"This allowed my custom CA to be persisted and trusted by the OS—which makes |
Beta Was this translation helpful? Give feedback.
After a long and winding trip through documentation & issues on k3os, k3s, & containerd, I think I found my solution.
TL;DR I forgot that most of my manual edits in
/etcwere not persisting, so I was getting tons of false-negative failures about the CA cert.I added the following line to
/var/lib/rancher/k3os/config.yamlon all three nodes:This allowed my custom CA to be persisted and trusted by the OS—which makes
containerdhappy—which means I didn't end up needing to change anything else. My images are being downloaded now without issue.