containerd配置私有仓库registry

SilentCodeY2024-11-07 15:48

|----------|--------------|-------|
| 机器 | ip | 端口 |
| regtisry | 192.168.0.72 | 5000 |
| k8s-* | ------- | k8s集群 |

1、镜像上传

root@admin:~# docker push 192.168.0.72:5000/nginx:1.26.1-alpine

The push refers to repository [192.168.0.72:5000/nginx]

6961f0b8531c: Pushed

3112cd521249: Pushed

d3f50ce9b5b5: Pushed

9efaf2eb479a: Pushed

bef35f150926: Pushed

7b87df18a0ed: Pushed

4160c36f5f9d: Pushed

d4fc045c9e3a: Pushed

1.26.1-alpine: digest: sha256:2565e998caf6d270af6ded12206135ffd3247aeb362f5dc5ad2c7449f3712df0 size: 1989

2、重要报错

root@k8s-master3 \~\]# journalctl -u containerd -f -- Logs begin at Fri 2024-10-25 15:25:01 CST. -- Nov 06 14:08:14 k8s-master3 containerd\[19662\]: time="2024-11-06T14:08:14.052429673+08:00" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured" Nov 06 14:08:14 k8s-master3 containerd\[19662\]: time="2024-11-06T14:08:14.154156087+08:00" level=warning msg="failed to load plugin io.containerd.grpc.v1.cri" error="invalid plugin config: `mirrors` cannot be set when `config_path` is provided" Nov 06 14:08:14 k8s-master3 systemd\[1\]: Started containerd container runtime. Nov 06 14:22:06 k8s-master3 systemd\[1\]: Stopping containerd container runtime... Nov 06 14:22:06 k8s-master3 systemd\[1\]: Stopped containerd container runtime. Nov 06 14:22:06 k8s-master3 systemd\[1\]: Starting containerd container runtime... Nov 06 14:22:06 k8s-master3 containerd\[28450\]: time="2024-11-06T14:22:06.359645523+08:00" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.devmapper" error="devmapper not configured" Nov 06 14:22:06 k8s-master3 containerd\[28450\]: time="2024-11-06T14:22:06.360210472+08:00" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured" Nov 06 14:22:06 k8s-master3 containerd\[28450\]: time="2024-11-06T14:22:06.475504596+08:00" level=warning msg="failed to load plugin io.containerd.grpc.v1.cri" error="invalid plugin config: `mirrors` cannot be set when `config_path` is provided" Nov 06 14:22:06 k8s-master3 systemd\[1\]: Started containerd container runtime. \[root@k8s-master3 \~\]# ctr plugins ls \| grep cri io.containerd.grpc.v1 cri linux/amd64 error 从日志来看,出现了以下错误: > `invalid plugin config: mirrors cannot be set when config_path is provided` 这表明在 `/etc/containerd/config.toml` 中,`mirrors` 和 `config_path` 配置项冲突。根据 containerd 配置规则,**当使用 `config_path` 指定了证书和私有仓库配置文件目录时,不允许再使用 `mirrors` 配置**。 #### 解决方案 要解决此问题,可以选择以下两种方式之一: ##### 方案 1:删除 `mirrors` 配置 如果你更愿意通过 `config_path` 指定私有仓库配置文件,则删除 `mirrors` 配置部分,保留 `config_path` 配置。例如,更新后的 `config.toml` 文件为: > `version = 2 root = "/var/lib/containerd" state = "/run/containerd" oom_score = 0 [grpc] address = "/run/containerd/containerd.sock" [plugins."io.containerd.grpc.v1.cri"] sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7" [plugins."io.containerd.grpc.v1.cri".containerd] snapshotter = "overlayfs" default_runtime_name = "runc" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] runtime_type = "io.containerd.runc.v2" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".tls] insecure_skip_verify = true [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".auth] username = "admin" password = "admin" ` #本人使用的方案二解决 ##### 方案 2:移除 `config_path` 并仅使用 `mirrors` 如果你更偏向在 `config.toml` 中直接配置镜像仓库的地址,则可以删除 `config_path` 行,仅使用 `mirrors` 配置。例如: > `[plugins."io.containerd.grpc.v1.cri".registry] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.0.72:5000"] endpoint = ["http://192.168.0.72:5000"] [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".tls] insecure_skip_verify = true [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".auth] username = "admin" password = "admin" ` #### 重启 Containerd 并验证 更新配置后,重新启动 containerd 服务: > `sudo systemctl restart containerd` #成功验证,既能通过crictl拉取,还能写入到yaml文件中拉取,而不用为集群中每一台机器上传镜像 > at > > \[root@k8s-master1 containerd\]# crictl pull ​​192.168.0.72:5000/nginx:1.26.1-alpine > > Image is up to date for sha256:98abffe47b9c4812f59d521554e7b2245196e882bca57ece5b23d38ede0cc137 > > \[root@k8s-master1 containerd\]# crictl images > > IMAGE TAG IMAGE ID SIZE > > 192.168.0.72:5000/nginx 1.26.1-alpine 98abffe47b9c4 20.5MB

相关推荐
JY.yuyu1 天前
Docker常用命令——数据卷管理 / 端口映射 / 容器互联
运维·docker·容器
lpruoyu1 天前
【Docker进阶-06】docker-compose & docker swarm
运维·docker·容器
虾说羊1 天前
docker容器化部署项目流程
运维·docker·容器
骇客野人1 天前
通过脚本推送Docker镜像
java·docker·容器
liux35281 天前
基于kubeadm部署Kubernetes 1.26.4 集群指南
云原生·容器·kubernetes
Zfox_1 天前
CANN GE 深度解析:图编译器与执行引擎的后端优化策略、OM 文件结构与 Stream 调度机制
容器·节点小宝
人鱼传说1 天前
docker desktop是一个好东西
运维·docker·容器
小章UPUP1 天前
Kubernetes (K8s) 与 Podman 的比较
容器·kubernetes·podman
忆~遂愿1 天前
CANN metadef 核心解析:计算图原型定义、算子元数据抽象与异构系统互操作机制
docker·容器
说实话起个名字真难啊1 天前
用docker来安装openclaw
docker·ai·容器
热门推荐
01GitHub 镜像站点02Claude Code + GLM4.7 避坑指南:解决 Unable to connect to Anthropic services03OpenClaw Chrome扩展使用教程 - 浏览器中继控制04Linux下V2Ray安装配置指南05UV安装并设置国内源06openclaw配置教程(linux+局域网ollama)07让 Trae IDE 智能体 “读懂”文档 Excel+PDF+DOCX :mcp-documents-reader 工具使用指南08使用 1panel面板 部署 php网站09Vue-skills的中文文档10从零搭建一个 PHP 登录注册系统(含完整源码)