Add info about Private Registry Credentials covering backup labels

Dan Pock
2024-07-18 11:32:44 -04:00
parent 2d6ede4f49
commit bd87f0973b
2 changed files with 28 additions and 4 deletions
@@ -54,8 +54,20 @@ Since the private registry cannot be configured after the cluster is created, yo
1. Select **☰ > Cluster Management**.
1. On the **Clusters** page, click **Create**.
1. Choose a cluster type.
1. In the **Cluster Configuration** go to the **Registries** tab and select **Pull images for Rancher from a private registry**.
1. Enter the registry hostname and credentials.
1. In the **Cluster Configuration** go to the **Registries** tab.
1. Check the box next to **Enable cluster scoped container registry for Rancher system container images**.
1. Enter the registry hostname.
1. Under **Authentication** select **Create a HTTP Basic Auth Secret** and fill in the credential fields.
1. Click **Create**.
**Result:** The new cluster pulls images from the private registry.
### Working with Private Registry Credentials
When working with private registries, it is important to ensure that any secrets created for these registries are properly backed up. By default, when you add a private registry credential secret through the process outlined above, it is included in backup operations.
However, if you create credential secrets outside of the Rancher GUI (using kubectl, or Terraform), you must take an extra step to ensure they are backed up effectively. When creating these secrets, make sure to add the `fleet.cattle.io/managed=true` label to indicate that this secret should be included in backups created by Rancher Backups.
For example, if you have a custom private registry named "my-private-registry" and create a secret called "my-reg-creds" for it, apply the `fleet.cattle.io/managed=true` label to this secret. This ensures that your backup process captures this secret providing easy restoration if needed.
By following this guidance, you can ensure that all your private registry credentials are backed up and easily accessible in the event of a restore or migration.
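Review bot: In the new "Working with Private Registry Credentials" section, the instruction to add `fleet.cattle.io/managed=true` to secrets created with kubectl or Terraform comes with no command, manifest snippet or namespace, and the "my-reg-creds" paragraph only restates it in prose. Replace that paragraph with a concrete form, for example `kubectl label secret my-reg-creds fleet.cattle.io/managed=true -n <namespace>`, and state which namespace the secret has to live in. The label key sits under `fleet.cattle.io` while the text describes it as a Rancher Backups selector, so a sentence explaining why this label decides backup inclusion, and whether it has any other effect on the secret, would save readers a search. Since the section establishes that registry credentials end up inside backups, it should also say that the backup files then hold those credentials and point to the backup encryption and storage access guidance. Smaller points: "(using kubectl, or Terraform)" has a stray comma, "captures this secret providing easy restoration" needs a comma before "providing", "In the **Cluster Configuration** go to" needs one after "Configuration", and the closing "By following this guidance" paragraph repeats the section and can be dropped.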