Skip to main content
Version: v2.0-v2.4

2. Collect and Publish Images to your Private Registry

Prerequisites: You must have a private registry available to use.

Note: Populating the private registry with images is the same process for HA and Docker installations, the differences in this section is based on whether or not you are planning to provision a Windows cluster or not.

By default, all images used to provision Kubernetes clusters or launch any tools in Rancher, e.g. monitoring, pipelines, alerts, are pulled from Docker Hub. In an air gap installation of Rancher, you will need a private registry that is located somewhere accessible by your Rancher server. Then, you will load the registry with all the images.

This section describes how to set up your private registry so that when you install Rancher, Rancher will pull all the required images from this registry.

By default, we provide the steps of how to populate your private registry assuming you are provisioning Linux only clusters, but if you plan on provisioning any Windows clusters, there are separate instructions to support the images needed for a Windows cluster.

For Rancher servers that will only provision Linux clusters, these are the steps to populate your private registry.

A. Find the required assets for your Rancher version
B. Collect all the required images
C. Save the images to your workstation
D. Populate the private registry

Prerequisites

These steps expect you to use a Linux workstation that has internet access, access to your private registry, and at least 20 GB of disk space.

If you will use ARM64 hosts, the registry must support manifests. As of April 2020, Amazon Elastic Container Registry does not support manifests.

A. Find the required assets for your Rancher version

  1. Browse to our releases page and find the Rancher v2.x.x release that you want to install. Don't download releases marked rc or Pre-release, as they are not stable for production environments. Click *Assets.*

  2. From the release's Assets section, download the following files:

Release FileDescription
rancher-images.txtThis file contains a list of images needed to install Rancher, provision clusters and user Rancher tools.
rancher-save-images.shThis script pulls all the images in the rancher-images.txt from Docker Hub and saves all of the images as rancher-images.tar.gz.
rancher-load-images.shThis script loads images from the rancher-images.tar.gz file and pushes them to your private registry.

B. Collect all the required images (For Kubernetes Installs using Rancher Generated Self-Signed Certificate)

In a Kubernetes Install, if you elect to use the Rancher default self-signed TLS certificates, you must add the cert-manager image to rancher-images.txt as well. You skip this step if you are using you using your own certificates.

  1. Fetch the latest cert-manager Helm chart and parse the template for image details:

    Note: Recent changes to cert-manager require an upgrade. If you are upgrading Rancher and using a version of cert-manager older than v0.12.0, please see our upgrade documentation.

    helm repo add jetstack https://charts.jetstack.io
    helm repo update
    helm fetch jetstack/cert-manager --version v0.14.2
    helm template ./cert-manager-<version>.tgz | grep -oP '(?<=image: ").*(?=")' >> ./rancher-images.txt
  2. Sort and unique the images list to remove any overlap between the sources:

    sort -u rancher-images.txt -o rancher-images.txt

C. Save the images to your workstation

  1. Make rancher-save-images.sh an executable:

    chmod +x rancher-save-images.sh
  2. Run rancher-save-images.sh with the rancher-images.txt image list to create a tarball of all the required images:

    ./rancher-save-images.sh --image-list ./rancher-images.txt

    Result: Docker begins pulling the images used for an air gap install. Be patient. This process takes a few minutes. When the process completes, your current directory will output a tarball named rancher-images.tar.gz. Check that the output is in the directory.

D. Populate the private registry

Move the images in the rancher-images.tar.gz to your private registry using the scripts to load the images. The rancher-images.txt is expected to be on the workstation in the same directory that you are running the rancher-load-images.sh script.

  1. Log into your private registry if required:

    docker login <REGISTRY.YOURDOMAIN.COM:PORT>
  2. Make rancher-load-images.sh an executable:

    chmod +x rancher-load-images.sh
  3. Use rancher-load-images.sh to extract, tag and push rancher-images.txt and rancher-images.tar.gz to your private registry:

     ./rancher-load-images.sh --image-list ./rancher-images.txt --registry <REGISTRY.YOURDOMAIN.COM:PORT>

Next: Kubernetes Installs - Launch a Kubernetes Cluster with RKE

Next: Docker Installs - Install Rancher