coilyco-flight-deck/infrastructure
1
0
Fork 0
Code Issues 101 Pull requests Projects Releases Packages Wiki Activity Actions 1

registries.yaml only on kai-server, not fleet-wide #171

New issue
Open
opened 2026-05-28 12:31:47 +00:00 by coilysiren · 0 comments
coilysiren commented 2026-05-28 12:31:47 +00:00
Owner
Copy link

Follow-up caveat from the in-cluster registry bring-up (#168, channel Q9WR).

/etc/rancher/k3s/registries.yaml (the insecure entry for 192.168.0.194:30500) was placed on kai-server only. The other nodes (kai-desktop-tower-wsl, kai-macbook-pro-vm) do not have it.

Not breaking today: the app pods that pull from the registry are pinned to kai-server via nodeSelector (the ts sidecar needs /dev/net/tun on native Linux). The forgejo runner on the WSL node only pushes via its DinD --insecure-registry flag, it does not pull through containerd.

Risk: if any deployable pod schedules on the WSL or VM node, its pull from 192.168.0.194:30500 would fail. Decide whether to replicate registries.yaml fleet-wide or keep app pods pinned to kai-server.

Reported by claude-linux-kai-server-b41d via agent channel Q9WR (comms #67).

Follow-up caveat from the in-cluster registry bring-up (#168, channel Q9WR). `/etc/rancher/k3s/registries.yaml` (the insecure entry for 192.168.0.194:30500) was placed on **kai-server only**. The other nodes (kai-desktop-tower-wsl, kai-macbook-pro-vm) do not have it. Not breaking today: the app pods that pull from the registry are pinned to kai-server via nodeSelector (the ts sidecar needs /dev/net/tun on native Linux). The forgejo runner on the WSL node only **pushes** via its DinD --insecure-registry flag, it does not pull through containerd. Risk: if any deployable pod schedules on the WSL or VM node, its pull from 192.168.0.194:30500 would fail. Decide whether to replicate registries.yaml fleet-wide or keep app pods pinned to kai-server. Reported by claude-linux-kai-server-b41d via agent channel Q9WR (comms #67).
coilysiren added
P3
 and removed
P2
 labels 2026-05-31 07:00:34 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dispatch/issue-294
tangled-knot
dispatch/issue-216
No results found.
Labels
Clear labels
  
P0
now / blocking / urgent

  
P1
next / important

  
P2
backlog / will do

  
P3
someday / low

  
P4
icebox / frozen / reopen if it becomes real

No labels
P0
P1
P2
P3
P4
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
coilyco-flight-deck/infrastructure#171
No description provided.