dashboard
dashboard copied to clipboard
rancher
Can't set cluster private registry password in UI
Internal reference: SURE-4978 Reported in 2.6.4 & 2.6.6
Issue description: If you edit a downstream cluster from the UI to add a private registry, the password provided does not apply. The same problem happens if you Edit Config > Edit as YAML. The UI or editing as YAML should allow you to enter a password and have it work.
Business impact: After upgrading, the user's images from private registries were not able to be pulled causing errors in the workloads of their downstream clusters.
Repro steps:
- Create a custom downstream cluster
- From cluster management edit config for the cluster
- In the Private Registry section, check enabled and add docker.io as the default
- Cluster will update. Then Edit as YAML
- Add another private registry so it looks like this:
private_registries:
- ecr_credential_plugin: {}
is_default: true
url: docker.io
- ecr_credential_plugin: {}
is_default: false
url: sample.domain.name.tld
user: [email protected]
password: <PASSWORD>
- Save and the cluster doesn't seem to update
- Try to create a workload that comes from the private registry added in step 5 -- the image won't pull
- Go back to the cluster config and try to enter the password in the "Private Registry" section -- it won't apply and workloads still can't pull images from the private registry
- Edit the cluster with
kubectl edit clusters.management.cattle.io c-XXXXX-- the cluster updates and then you can pull images from the private registry - Interestingly, if you now change the password in the UI to a wrong password the cluster updates and the images stop pulling again. I'm not sure why this would cause an update but step 5 and 8 did not
Workaround: Edit the CRD for the cluster, see step 9 above
Actual behavior: The cluster private registry password is not applied from GUI / YAML
Expected behavior: The cluster private registry password should be applied GUI / YAML
Additional notes: This worked in 2.5.11
