k3s icon indicating copy to clipboard operation
k3s copied to clipboard

Published 20 hours ago verified publisher icon k3s-io

Cant setup Dependency Proxy from gitlab

Open gawsoftpl opened this issue 2 years ago • 1 comments

I can't setup k3s to download container via gitlab dependency proxy. https://docs.gitlab.com/ee/user/packages/dependency_proxy/

    configs:
      registry.example.com:
        auth:
          username: token
          password: greg34g34g545g54
    mirrors:
      docker.io:
        endpoint:
          - "https://registry.example.com"
        rewrite:
          "^(.*)": "company/dependency_proxy/containers/$1"

I received logs:

E0724 01:19:30.513755      60 kuberuntime_manager.go:815] "CreatePodSandbox for pod failed" err="rpc error: code = Unknown desc = fail │
│ ed to get sandbox image \"rancher/mirrored-pause:3.6\": failed to pull image \"rancher/mirrored-pause:3.6\": failed to pull and unpack │
│  image \"docker.io/rancher/mirrored-pause:3.6\": failed to resolve reference \"docker.io/rancher/mirrored-pause:3.6\": pull access den │
│ ied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed" pod="kube-syste │
│ m/local-path-provisioner-7b7dc8d6f5-5g27d"                                                                                             │
│ E0724 01:19:30.513937      60 pod_workers.go:951] "Error syncing pod, skipping" err="failed to \"CreatePodSandbox\" for \"local-path-p │
│ rovisioner-7b7dc8d6f5-5g27d_kube-system(b5421ea0-48a1-4906-907b-83a847f282b1)\" with CreatePodSandboxError: \"Failed to create sandbox │
│  for pod \\\"local-path-provisioner-7b7dc8d6f5-5g27d_kube-system(b5421ea0-48a1-4906-907b-83a847f282b1)\\\": rpc error: code = Unknown  │
│ desc = failed to get sandbox image \\\"rancher/mirrored-pause:3.6\\\": failed to pull image \\\"rancher/mirrored-pause:3.6\\\": failed │
│  to pull and unpack image \\\"docker.io/rancher/mirrored-pause:3.6\\\": failed to resolve reference \\\"docker.io/rancher/mirrored-pau │
│ se:3.6\\\": pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorizat │
│ ion failed\"" pod="kube-system/local-path-provisioner-7b7dc8d6f5-5g27d" podUID=b5421ea0-48a1-4906-907b-83a847f282b1

gawsoftpl avatar Jul 24 '22 01:07 gawsoftpl

Check the containerd log file; it frequently contains more detailed information on pull failures. I suspect that there is some problem with the pull-through cache and it is falling back to docker hub.

brandond avatar Jul 30 '22 02:07 brandond

This repository uses a bot to automatically label issues which have not had any activity (commit/comment/label) for 180 days. This helps us manage the community issues better. If the issue is still relevant, please add a comment to the issue so the bot can remove the label and we know it is still valid. If it is no longer relevant (or possibly fixed in the latest release), the bot will automatically close the issue in 14 days. Thank you for your contributions.

stale[bot] avatar Jan 26 '23 03:01 stale[bot]