Confused about using external registries

Hi, I have gitpod on a bare metal cluster. I am trying to get it to play nice with Harbor, especially with the image-builder, When I start a workspace I get Request createWorkspace failed with message: 13 INTERNAL: cannot resolve workspace image: Error response from daemon: unknown: repository gitpod/workspace-images not found on the dashboard and "a":{"All":false,"Explicit":null},"level":"debug","message":"registry not allowed","ref":{},"reg":"docker.io","serviceContext":{"service":"image-builder","version":""},"severity":"DEBUG","time":"2021-04-17T02:33:09Z"} from the image-builder service pod.

  • Are you using GCR or Docker.io? The error message is about GCR I believe, the built-in registry pulls from Docker.io
  • For the base workspace image: which images / tags should I use (for Harbor replication rules for ex.) and under what namespace should they appear?
  • under what namespace do you push the images after they are built?
  • how do you handle the external registry name? For example I use core.harbor.whatever.org/gitpod, but Gitpod ignores the suffix and my config ends up with "baseImageRepository": "registry.gitpod.whatever.org/base-images" rather than ..../gitpod/base-images. What repositories names are pre-empted by gitpod?
  • in the values.yaml what are baseImageName: "" / workspaceImageName: ""? That’s a very unhelpful default value…
2 Likes

I don’t yet understand exactly what you’re trying to accomplish. Here are my thoughts on this topic:

  • We pull images both from docker.io and GCR. The actual Gitpod app is on GCR. We pull the default workspace images and other standard images like alpine from docker.io.
  • When you configure your own registry in Gitpod, Gitpod uses this registry to push the images built by the Gitpod image-builder (esp. the custom workspace images). That does not mean that Gitpod does not pull images from docker.io resp. GCR.
  • When you would like to pull all images from your local registry instead of docker.io resp. GCR you’ll find some hints for configuration and which images need to be in your registry in this pull request: Allow air-gap Gitpod installations by corneliusludmann · Pull Request #3228 · gitpod-io/gitpod · GitHub
  • In general, we don’t officially support and test this configuration. That’s, why it’s not officially documented and subject to change.

Thanks for that, I will go back to the built-in registry for now.