I am observing issues where my Kubernetes cluster cannot pull images from private registries any more. This may be the case since I switched its runtime from Docker to containerd
. imagePullSecret
tags and the corresponding secret
s are still in place.
One can find descriptions that suggest that with containerd
image pull credentials have to be placed in /etc/containerd/config.toml
instead.
What is the latest normative documentation for this case: Should containerd
(when serving as Kubernetes container runtime) be able to pick up image pull credentials from Kubernetes secrets in the “normal” way or can these not serve with that particular runtime?
Cluster information:
Kubernetes version: 1.27.1
Cloud being used: bare-metal
Installation method: kubeadm
Host OS: Debian
CNI and version: Cilium
CRI and version: containerd 1.6.21