Cluster wide vs Global registries

This document (000020015) is provided subject to the disclaimer at the end of this document.


Often Asked Question

What is the difference between a global registry versus a cluster-wide registry? Where would I use one over the other?

Here's the skinny

Global Private Registry

Global-level private registries allow for administrators to store or proxy images through a centralized image repository. Global registries allow for air-gapped setups to pull images needed for cluster provisioning and end-user workloads without specifying the private registry server. This registry is used as the default pull location in place of DockerHub. The global private registry does not support image repositories requiring authentication. Use cluster-level registries if you need to authenticate against your image repository during cluster provisioning. Use registries within the cluster if you need to authenticate against your image repository for end-user workloads. Docs to Global private registry configuration

Cluster Provisioning Private Registry

Cluster-level private registries allow administrators to use a registry server with RKE-based clusters to provision system components required to run Kubernetes. List of system images here. Administrators can pass in credentials if the registry server requires them. Outside of the RKE system-images and RKE add-ons, the Rancher agent image used in cluster provisioning will use the cluster-level registry for custom clusters. Eventually, node drivers will pull the Rancher agent image from the cluster-level registry as well. Track progress on that feature here, give it a thumbs-up and watch it if you're interested in its progress..

Note: There are still specific images not covered by the cluster-level private registry that are part of the cluster provisioning process. Your cluster will need access to either DockerHub or have these images in your global registry: Busybox, shell, and pause.


This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000020015
  • Creation Date: 06-May-2021
  • Modified Date:06-May-2021
    • SUSE Rancher

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center