k8s containerd 配置 http访问harbor image【最新--官方文档】

不看官方文档的代价:在搜索了很多中文资料发现配置了都不起作用,浪费了很多时间。

https://github.com/containerd/containerd/blob/main/docs/cri/config.md#registry-configuration

The old CRI config pattern for specifying registry.mirrors and registry.configs has been DEPRECATED. You should now point your registry config_path to the path where your hosts.toml files are located.   也就是说直接在/etc/containerd/config.toml里配置 registry.mirrors已经失效了。

最新的配置方法是只在config.toml 中指定hosts.toml的config_path

    [plugins."io.containerd.grpc.v1.cri".registry]
      config_path = "/etc/containerd/certs.d"

在hosts.toml配置真正的harbor的URL, 默认是https,这里改成了http

vim /etc/containerd/certs.d/registry.imagehub.com/hosts.toml

server = "http://registry.imagehub.com"

[host."http://registry.imagehub.com"]
  capabilities = ["pull", "resolve", "push"]
  skip_verify = true
修改完,需要daemon-reload, restart containerd

验证pull image是否成功:

ctr images pull --hosts-dir "/etc/containerd/certs.d" registry.imagehub.com/library/hello_world:v2

网元yaml配置image地址:

# cat hello_world.yaml

   containers:
   - name: hello-world-container
     image: registry.imagehub.com/library/hello_world:v2

# kubectl get pods --all-namespaces
NAMESPACE     NAME                                       READY   STATUS             RESTARTS   AGE
default       hello-world-6c8d6fb999-8fdsd               1/1     Running            0          52m
 

你可能感兴趣的:(k8s,kubernetes,容器,k8s,containerd)