From 877c686f768bb9d8345b7e936c0931eea0ae888c Mon Sep 17 00:00:00 2001 From: Vincent Rubiolo Date: Tue, 12 Apr 2022 15:52:01 +0200 Subject: [PATCH] Improve documentation for using private registries When updating k3s private registries configuration (under /etc/rancher/k3s/registries.yaml), one has to use the k3s crictl binary to verify the changes done to the containerd configuration. --- registry/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/registry/README.md b/registry/README.md index 89d1cf3..40c7303 100644 --- a/registry/README.md +++ b/registry/README.md @@ -204,13 +204,13 @@ EOF sudo systemctl restart k3s ``` -If this is successfully applied, you can check the applied configuration in the `config.registry` section of the following command. +If this is successfully applied, you can check the applied configuration in the `config.registry` section of the following command. Be sure to use the `crictl` binary from k3s, otherwise you won't see your changes reflected in the `containerd` configuration used by k3s. ```bash -sudo /usr/local/bin/crictl info +sudo k3s crictl info # With jq -sudo /usr/local/bin/crictl info | jq .config.registry +sudo k3s crictl info | jq .config.registry ``` If you want Kubernetes to be able to pull images directly from this private registry, alternatively you can also manually create `imagePullSecrets` for the Pod instead of writing your credentials in `auth` in `registries.yaml`. [Another guide about rate limiting on Docker Hub](../tips/dockerhub-rate-limit.md) explains how to use `ImagePullSecrets`.