Comments (3)
Root cause
When updating the private registries on an RKE1 downstream cluster Rancher always skips the entry whose password is empty. Rancher thinks the reason for an empty password is it has been migrated to a Secret, so skipping the entry can avoid wiping out the password from the Secret. The logic works well in most cases except the following one: once the username and password are set for a private registry on the RKE1 downstream cluster, we will not be able to unset those two values at the same time in the cases where the private registry does not require login anymore or the username and password are set by mistake at the first place.
What was fixed, or what changes have occurred
The logic is updated such that now when updating the private registries on an RKE1 downstream cluster Rancher skips the private registry only if it meets all the following conditions:
- its password is empty
- it can be found in the list of existing private registries
- its username is unchanged
Areas or cases that should be tested
A matrix of cases can be derived from creating/updating a DS RKE1 cluster with/without a private registry that does/doesn't have a username and/or password. In all cases, the cattle-private-registry Secret, whose name is recorded at .State.privateRegistrySecret
on the mgmt cluster, should be updated properly.
What areas could experience regressions?
The same as the above.
Are the repro steps accurate/minimal?
Yes.
Note that it is not necessary to use Terraform as the bug is on the Rancher side, not the tf-provider-rancher2.
from rancher.
The issue can validated on the latest v2.9-head tag
from rancher.
This issue is waiting for an alpha/RC to properly test.
from rancher.
Related Issues (20)
- [BUG]RANCHER-UI INTERFACE,There are no workloads deployed.
- Remove external-rules feature flag HOT 1
- [BUG] config.yaml.d/50-rancher.yaml contains JSON content HOT 1
- Validate SLE Micro 5.5 in Rancher 2.9.0 - Imported Only
- Validate RKE SLE Micro 5.5 - Imported Only HOT 1
- [BUG] Error Applying CoreDNS ConfigMap Patch due to Invalid JSON Document, on `rke -up` as part of Rancher upgrade HOT 1
- [BUG] ETCD Snapshot show as 0B
- [Same Namespace / Same Git repo source/branch for 2 different clusters in Rancher]
- AZUREAD login as service principal[RFE]
- [v2.8] [Maintenance] Bump Go in wins to 1.20+
- [RFE] Add support for listing Google projects
- Improved logging for syncing caches
- Remove support for K8s 1.25 and 1.26 for Rancher 2.9.0
- [RFE] when will the next public version of 2.7.* be released
- [BUG] RKE1 vSphere node provider cluster with out of tree cloud provider enabled fails to start multiple pods successfully.
- [BUG] Unable to setup fleet git repo in upstream cluster HOT 1
- RKE2 and K3S - KDM Update for K8s June 2024 patch release for Rancher 2.7
- RKE2 and K3S - KDM Update for K8s June 2024 patch release for Rancher 2.8
- [BUG] Incomplete "Components with -rc" section on alpha/RC release notes
- [BUG] etcd node is deleted when deleting a worker node pool HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rancher.