I recently created a private GKE Kubernetes cluster for running web services and discovered that it's quite locked down and isn't supposed to have any outbound internet access, but has access to GCP services. I'm happy to live with pushing container images to a private GCP repo.
However, what I do find strange is that after installing some public domain Helm charts, some images are pulled from Docker Hub and other public registries and some are not.
I'm using pre-emptible nodes, so some charts which I had previously deployed have had underlying nodes replaced and the replacements show image pull errors.
Is this due to the multi-tenant nature of the GKE service? Maybe some hosts may have already cached images and so are not actually pulling images?
One example, mongo:3.6, was hanging for over 24 hours for one pod, then eventually was pulled by three pods, but it's a Docker Hub reference.