NVIDIA
unable to add docker credentials to avoid pull rate limits
Hello, i cannot add docker credentials to CNS deployment to avoid pull rate limit issues. In my case during install, k8s was not able to pull Calico images from Docker registry.
Regards, Wolfgang
Defining a registry mirror for installation would also be a suitable solution.
after patching pull secret manually for calico at a later time also "local-path-storage helper-pod-create-pvc-f6f86b95-c510-4120-89f5-30a8ae72ead5" fails with rate limit issue.
CNS Deployment is focused for Fresh Install, if you hit rate limit that specific the docker hub and your system, but with fresh installation we never see this issue before. docker hub login feature is customized if your system already used enough docker pulls
Based on how docker pull rate limits works, this is independent of install state of the individual system. If there are a lot of un-auth docker pulls from a single public IP this will result in rate limit errors independent of the systems behind that IP. Therefore adding ability to authenticate or use private registry would be very helpful.
But if you have a fresh install you shouldn't hit the issue ?
We will add this step as part of troubleshooting
If the fresh install uses public IP of corporate network which already has exhausted free pulls, it will fail.
it seems like your corporatation need to work on increase the pull rate limits for corporate IP, as it's intended to an orgnization. Cloud Native Stack implemented for Fresh Install with inteneded static IP that can allow enough pulls from docker hub. It doesn't make sense to add the credentials additional step for docker hub rate limit issue