Hello everyone. I am facing an issue in an offline environment. Indeed, some images are deleted by the Kubelet Garbage Collection whereas I need them. Sometimes, when I restart my cluster, the Image Registry image is no longer on the worker nodes (the Image Registry is running in my Kubernetes Cluster) and so it can not start (so other pods can not start too). Do you know if it is possible to declare a list of images to prevent them from being removed by the Kubelet GC (a kind of “blacklist”)? I use containerd as CRI runtime.
Hosting your image registry on the same cluster that needs access to said images is not at all a good idea for reasons you’re now discovering. The ultimate solution is to move that registry to some other infrastructure so you don’t create these types of cyclical dependencies.
Yes you’re right but for some reasons I can not do it like this. Indeed, I am in a very small environment with a very small footprint and I can not run an Image Registry (with High Availability on S3) outside my Kube cluster. And I don’t think that it is an “unrealistic” idea to think about a “blacklist” feature to prevent some images from being removed