feat: add known issue about v1.4.0 airgapped environment

versioned_docs/version-v1.4/airgap.md

@@ -49,12 +49,34 @@ When the nodes in the cluster do not use a proxy to communicate with each other,
 
 ## Guest Cluster Images
 
-All necessary images to install and run Harvester are conveniently packaged into the ISO, eliminating the need to pre-load images on bare-metal nodes. A Harvester cluster manages them independently and effectively behind the scenes. 
+All necessary images to install and run Harvester are conveniently packaged into the ISO, eliminating the need to pre-load images on bare-metal nodes. A Harvester cluster manages them independently and effectively behind the scenes.
 
-However, it's essential to understand a guest K8s cluster (e.g., RKE2 cluster) created by the [Harvester node driver](./rancher/node/node-driver.md) is a distinct entity from a Harvester cluster. A guest cluster operates within VMs and requires pulling images either from the internet or a [private registry](https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry#configure-a-private-registry-with-credentials-when-creating-a-cluster). 
+However, it's essential to understand a guest K8s cluster (e.g., RKE2 cluster) created by the [Harvester node driver](./rancher/node/node-driver.md) is a distinct entity from a Harvester cluster. A guest cluster operates within VMs and requires pulling images either from the internet or a [private registry](https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/global-default-private-registry#configure-a-private-registry-with-credentials-when-creating-a-cluster).
 
 If the **Cloud Provider** option is configured to **Harvester** in a guest K8s cluster, it deploys the Harvester cloud provider and Container Storage Interface (CSI) driver.
 
 ![cluster-registry](/img/v1.2/cluster-registry.png)
 
-As a result, we recommend monitoring each [RKE2 release](https://github.com/rancher/rke2/releases) in your air gapped environment and pulling the required images into your private registry. Please refer to the **Harvester CCM & CSI Driver** with RKE2 Releases section on the [Harvester support matrix page](https://www.suse.com/suse-harvester/support-matrix/all-supported-versions/harvester-v1-1-2/) for the best Harvester cloud provider and CSI driver capability support.
+As a result, we recommend monitoring each [RKE2 release](https://github.com/rancher/rke2/releases) in your air gapped environment and pulling the required images into your private registry. Please refer to the **Harvester CCM & CSI Driver** with RKE2 Releases section on the [Harvester support matrix page](https://www.suse.com/suse-harvester/support-matrix/all-supported-versions/harvester-v1-1-2/) for the best Harvester cloud provider and CSI driver capability support.
+
+## Known issues
+
+---
+
+### 1. Missing rancher/rancher-agent:v2.9.2 image affects deployment in air-gapped environments. (Issue [#7157](https://github.com/harvester/harvester/issues/7157))
+
+Rancher v2.9.2, which is embedded in Harvester v1.4.0, introduced a new cronjob ([`rke2-machine-config-cleanup`](https://github.com/rancher/rancher/commit/53ba791e11f98a5594c6fa8a30d321602483446c)). This cronjob uses a container image (`rancher/rancher-agent:v2.9.2`) that is not included in the Harvester v1.4.0 ISO. To mitigate the issue, you can pull the image from the internet and then load it in the air-gapped environment.
+
+```bash
+# on a computer which can reach the internet and harvester cluster
+docker pull rancher/rancher-agent:v2.9.2
+docker save rancher/rancher-agent:v2.9.2 -o rancher-agent-v2.9.2.tar
+
+# copy rancher-agent-v2.9.2.tar to the air-gapped environment
+scp rancher-agent-v2.9.2.tar rancher@<harvester-node-ip>:/tmp
+
+# ssh to the harvester node and load the image
+ssh rancher@<harvester-node-ip>
+sudo -i
+docker load -i /tmp/rancher-agent-v2.9.2.tar
+```