rancher

Rancher Single Docker Air-Gapped with Private Registry


I'm trying to start Rancher as a single docker in an air-gapped environment, as below. Looking at some error messages, the "local" cluster, which is inside Rancher, is trying to pull rancher/shell and it's failing, possibly because of the lack of authorization as our local repo needs it. How can we pass the registry credentials to the K3s running inside Rancher?

    sudo docker run -d --privileged --restart=unless-stopped \
      --name rancher \
      -p 8080:80 -p 8443:443 \
      -v /home/devbox/certs:/certificates \
      -e SSL_CERT_DIR=/certificates \
      -e CATTLE_SYSTEM_DEFAULT_REGISTRY=private.docker.net \
      -e CATTLE_SYSTEM_CATALOG=bundled \
      private.docker.net/rancher/rancher:v2.7.5

Solution

  • It's possible by providing a registries.yaml file. You can create something like:

    configs:
      private.docker.net:
        auth:
          username: USER
          password: PASS
    

    Then to your docker run command just add

    -v ./registries.yaml:/etc/rancher/k3s/registries.yaml:ro
    

    Everything should work.
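
One way to generate that registries.yaml without hard-coding the password, shown as an added example that is not part of the original answer. The helper names and the REGISTRY_USER, REGISTRY_PASS and REGISTRY_CA_FILE variables are assumptions; `tls.ca_file` is the K3s registries.yaml key for a private CA, and it is only written when REGISTRY_CA_FILE is set.

```shell
#!/bin/sh
# Added example: build registries.yaml for the K3s embedded in Rancher.
# REGISTRY_USER / REGISTRY_PASS / REGISTRY_CA_FILE are assumed variable names.

# Emit a YAML single-quoted scalar ('' escapes a quote) so passwords
# containing ':', '#', '"' or spaces are not misparsed.
yaml_quote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/''/g")"
}

# write_registries_yaml REGISTRY OUT_FILE
write_registries_yaml() {
  registry=$1
  out=$2
  if [ -z "${REGISTRY_USER:-}" ] || [ -z "${REGISTRY_PASS:-}" ]; then
    echo "REGISTRY_USER and REGISTRY_PASS must be set" >&2
    return 1
  fi
  (
    umask 077        # new file is 0600: it holds a plaintext password
    rm -f "$out"     # drop any older copy that had looser permissions
    {
      printf 'configs:\n'
      printf '  %s:\n' "$(yaml_quote "$registry")"
      printf '    auth:\n'
      printf '      username: %s\n' "$(yaml_quote "$REGISTRY_USER")"
      printf '      password: %s\n' "$(yaml_quote "$REGISTRY_PASS")"
      if [ -n "${REGISTRY_CA_FILE:-}" ]; then
        printf '    tls:\n'
        printf '      ca_file: %s\n' "$(yaml_quote "$REGISTRY_CA_FILE")"
      fi
    } > "$out"
  )
}

# Print the read-only bind-mount argument with an absolute host path
# (older Docker engines reject relative paths in -v).
mount_arg() {
  dir=$(cd "$(dirname "$1")" && pwd) || return 1
  printf '%s' "-v $dir/$(basename "$1"):/etc/rancher/k3s/registries.yaml:ro"
}

# Usage: write_registries_yaml private.docker.net ./registries.yaml
#        then add the output of: mount_arg ./registries.yaml  to docker run
```

Because the file stores the password in plaintext, a pull-only registry account limits what a leaked copy exposes.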