RKE2 downstream cluster: registries.yaml content unchanged after modifying it and rebooting the server

Environment:
1. rancher 2.7.5 + rke2 + harbor https
2. Both the upstream and downstream clusters were installed using the registry.cn-hangzhou.aliyuncs.com image registry;

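Question 1: I now want the downstream cluster to deploy workloads from the private Harbor registry. After modifying /etc/rancher/rke2/registries.yaml and /etc/rancher/agent/registries.yaml on the downstream nodes and rebooting CentOS, the contents of registries.yaml did not change at all. Why?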

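Then edit the downstream cluster in Rancher. There is an image registry setting there, and after saving it will be synced to the downstream cluster.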

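After editing the downstream cluster in Rancher, does that mean workloads deployed in this downstream cluster from now on will use this configuration? If so, why do I have to configure a "pull secret" again when deploying a workload in the downstream cluster? I'm a bit confused.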

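These are two different things. When you modify the configuration in the cluster, it is automatically applied as a change to the underlying containerd configuration.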

The image registry configuration you select when creating a workload is added to the workload's YAML, as follows:

apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: '1'
  creationTimestamp: '2023-12-12T02:00:28Z'
  generation: 1
  labels:
    workload.user.cattle.io/workloadselector: apps.deployment-default-t1
...
...
...
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      workload.user.cattle.io/workloadselector: apps.deployment-default-t1
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      creationTimestamp: null
      labels:
        workload.user.cattle.io/workloadselector: apps.deployment-default-t1
      namespace: default
    spec:
      affinity: {}
      containers:
        - image: nginx
          imagePullPolicy: Always
          name: container-0
          resources: {}
          securityContext:
            allowPrivilegeEscalation: false
            privileged: false
            readOnlyRootFilesystem: false
            runAsNonRoot: false
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      imagePullSecrets:
        - name: harbor
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext: {}
      terminationGracePeriodSeconds: 30
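
The node-level half of the distinction in the reply above, as an added example that is not part of the original thread: a registries.yaml for an HTTPS Harbor, with the weak TLS setting shown beside the corrected one. The hostname harbor.example.com, the credentials and the CA file path are placeholders; on a Rancher-provisioned downstream cluster these values are entered in the cluster's registry settings in Rancher, as the reply describes, rather than edited on the node.

```yaml
# /etc/rancher/rke2/registries.yaml
# Node-level registry configuration that RKE2 renders into containerd's config.
# Every hostname, credential and path below is a placeholder (assumption).
mirrors:
  harbor.example.com:
    endpoint:
      - "https://harbor.example.com"
configs:
  "harbor.example.com":
    auth:
      username: REGISTRY_USER      # placeholder: a pull-only Harbor account
      password: REGISTRY_PASSWORD  # placeholder
    tls:
      # Weak setting: turns off certificate verification, so the node would
      # accept any server presenting itself as the registry.
      # insecure_skip_verify: true
      #
      # Corrected setting: keep verification on and trust the CA that
      # issued Harbor's certificate.
      ca_file: /etc/rancher/rke2/harbor-ca.crt
```

Credentials placed here are used by containerd for every pull on the node, so any pod scheduled there can pull from that registry. The `imagePullSecrets` entry in the Deployment above is instead a Secret in the workload's namespace and applies only to pods that reference it.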