containerd配置私有仓库registry

SilentCodeY2024-11-07 15:48

|----------|--------------|-------|
| 机器 | ip | 端口 |
| regtisry | 192.168.0.72 | 5000 |
| k8s-* | ------- | k8s集群 |

1、镜像上传

root@admin:~# docker push 192.168.0.72:5000/nginx:1.26.1-alpine

The push refers to repository [192.168.0.72:5000/nginx]

6961f0b8531c: Pushed

3112cd521249: Pushed

d3f50ce9b5b5: Pushed

9efaf2eb479a: Pushed

bef35f150926: Pushed

7b87df18a0ed: Pushed

4160c36f5f9d: Pushed

d4fc045c9e3a: Pushed

1.26.1-alpine: digest: sha256:2565e998caf6d270af6ded12206135ffd3247aeb362f5dc5ad2c7449f3712df0 size: 1989

2、重要报错

root@k8s-master3 \~\]# journalctl -u containerd -f -- Logs begin at Fri 2024-10-25 15:25:01 CST. -- Nov 06 14:08:14 k8s-master3 containerd\[19662\]: time="2024-11-06T14:08:14.052429673+08:00" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured" Nov 06 14:08:14 k8s-master3 containerd\[19662\]: time="2024-11-06T14:08:14.154156087+08:00" level=warning msg="failed to load plugin io.containerd.grpc.v1.cri" error="invalid plugin config: `mirrors` cannot be set when `config_path` is provided" Nov 06 14:08:14 k8s-master3 systemd\[1\]: Started containerd container runtime. Nov 06 14:22:06 k8s-master3 systemd\[1\]: Stopping containerd container runtime... Nov 06 14:22:06 k8s-master3 systemd\[1\]: Stopped containerd container runtime. Nov 06 14:22:06 k8s-master3 systemd\[1\]: Starting containerd container runtime... Nov 06 14:22:06 k8s-master3 containerd\[28450\]: time="2024-11-06T14:22:06.359645523+08:00" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.devmapper" error="devmapper not configured" Nov 06 14:22:06 k8s-master3 containerd\[28450\]: time="2024-11-06T14:22:06.360210472+08:00" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured" Nov 06 14:22:06 k8s-master3 containerd\[28450\]: time="2024-11-06T14:22:06.475504596+08:00" level=warning msg="failed to load plugin io.containerd.grpc.v1.cri" error="invalid plugin config: `mirrors` cannot be set when `config_path` is provided" Nov 06 14:22:06 k8s-master3 systemd\[1\]: Started containerd container runtime. \[root@k8s-master3 \~\]# ctr plugins ls \| grep cri io.containerd.grpc.v1 cri linux/amd64 error 从日志来看,出现了以下错误: > `invalid plugin config: mirrors cannot be set when config_path is provided` 这表明在 `/etc/containerd/config.toml` 中,`mirrors` 和 `config_path` 配置项冲突。根据 containerd 配置规则,**当使用 `config_path` 指定了证书和私有仓库配置文件目录时,不允许再使用 `mirrors` 配置**。 #### 解决方案 要解决此问题,可以选择以下两种方式之一: ##### 方案 1:删除 `mirrors` 配置 如果你更愿意通过 `config_path` 指定私有仓库配置文件,则删除 `mirrors` 配置部分,保留 `config_path` 配置。例如,更新后的 `config.toml` 文件为: > `version = 2 root = "/var/lib/containerd" state = "/run/containerd" oom_score = 0 [grpc] address = "/run/containerd/containerd.sock" [plugins."io.containerd.grpc.v1.cri"] sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7" [plugins."io.containerd.grpc.v1.cri".containerd] snapshotter = "overlayfs" default_runtime_name = "runc" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] runtime_type = "io.containerd.runc.v2" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".tls] insecure_skip_verify = true [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".auth] username = "admin" password = "admin" ` #本人使用的方案二解决 ##### 方案 2:移除 `config_path` 并仅使用 `mirrors` 如果你更偏向在 `config.toml` 中直接配置镜像仓库的地址,则可以删除 `config_path` 行,仅使用 `mirrors` 配置。例如: > `[plugins."io.containerd.grpc.v1.cri".registry] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.0.72:5000"] endpoint = ["http://192.168.0.72:5000"] [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".tls] insecure_skip_verify = true [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".auth] username = "admin" password = "admin" ` #### 重启 Containerd 并验证 更新配置后,重新启动 containerd 服务: > `sudo systemctl restart containerd` #成功验证,既能通过crictl拉取,还能写入到yaml文件中拉取,而不用为集群中每一台机器上传镜像 > at > > \[root@k8s-master1 containerd\]# crictl pull ​​192.168.0.72:5000/nginx:1.26.1-alpine > > Image is up to date for sha256:98abffe47b9c4812f59d521554e7b2245196e882bca57ece5b23d38ede0cc137 > > \[root@k8s-master1 containerd\]# crictl images > > IMAGE TAG IMAGE ID SIZE > > 192.168.0.72:5000/nginx 1.26.1-alpine 98abffe47b9c4 20.5MB

相关推荐
可观测性用观测云37 分钟前
Kubernetes APIServer 可观测最佳实践
kubernetes
碣石潇湘无限路3 小时前
【云原生】Kubernetes CEL 速查表
容器·贪心算法·kubernetes
mingyuewu5 小时前
MAC安装docker 后提示com.docker.vmnetd”将对您的电脑造成伤害
macos·docker·容器
企鹅侠客7 小时前
Prometheus operator怎么添加targets和告警规则
运维·云原生·kubernetes·prometheus·pod
专注代码七年8 小时前
Docker运维篇
运维·docker·容器
一杯敬朝阳 一杯敬月光9 小时前
WIN11 企业版 部署Dify+Docker
运维·docker·容器
Leo Han9 小时前
k8s常用命令(持续更新中)
docker·容器·kubernetes
KubeSphere 云原生9 小时前
云原生周刊:Kubernetes v1.33 要来了
云原生·容器·kubernetes
dessler10 小时前
Kubernetes(k8s)-日志(logs)和exec内部逻辑
linux·运维·kubernetes
白夜易寒20 小时前
Docker学习之私有仓库(day10)
学习·docker·容器
热门推荐
01我决定放弃搞 Java 了02DeepSeek各版本说明与优缺点分析03如何在WPS和Word/Excel中直接使用DeepSeek功能04从零安装 LLaMA-Factory 微调 Qwen 大模型成功及所有的坑05苍穹外卖面试总结06DeepSeek R1本地化部署 Ollama + Chatbox 打造最强 AI 工具07RAG 实践- Ollama+RagFlow 部署本地知识库08本地化部署AI知识库:基于Ollama+DeepSeek+AnythingLLM保姆级教程09如何本地部署AI智能体平台,带你手搓一个AI Agent10Android下HWC以及drm_hwcomposer普法(上)