配置containerd镜像管理

用户30750093037932025-08-07 10:32

containerd常用镜像配置

ini 复制代码 
# docker hub镜像加速
mkdir -p /etc/containerd/certs.d/docker.io
cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
server = "https://docker.io"
[host."https://dockerproxy.com"]
  capabilities = ["pull", "resolve"]

[host."https://docker.m.daocloud.io"]
  capabilities = ["pull", "resolve"]

[host."https://reg-mirror.qiniu.com"]
  capabilities = ["pull", "resolve"]

[host."https://registry.docker-cn.com"]
  capabilities = ["pull", "resolve"]

[host."http://hub-mirror.c.163.com"]
  capabilities = ["pull", "resolve"]

EOF

# registry.k8s.io镜像加速
mkdir -p /etc/containerd/certs.d/registry.k8s.io
tee /etc/containerd/certs.d/registry.k8s.io/hosts.toml << 'EOF'
server = "https://registry.k8s.io"

[host."https://k8s.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# docker.elastic.co镜像加速
mkdir -p /etc/containerd/certs.d/docker.elastic.co
tee /etc/containerd/certs.d/docker.elastic.co/hosts.toml << 'EOF'
server = "https://docker.elastic.co"

[host."https://elastic.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# gcr.io镜像加速
mkdir -p /etc/containerd/certs.d/gcr.io
tee /etc/containerd/certs.d/gcr.io/hosts.toml << 'EOF'
server = "https://gcr.io"

[host."https://gcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# ghcr.io镜像加速
mkdir -p /etc/containerd/certs.d/ghcr.io
tee /etc/containerd/certs.d/ghcr.io/hosts.toml << 'EOF'
server = "https://ghcr.io"

[host."https://ghcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# k8s.gcr.io镜像加速
mkdir -p /etc/containerd/certs.d/k8s.gcr.io
tee /etc/containerd/certs.d/k8s.gcr.io/hosts.toml << 'EOF'
server = "https://k8s.gcr.io"

[host."https://k8s-gcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# mcr.m.daocloud.io镜像加速
mkdir -p /etc/containerd/certs.d/mcr.microsoft.com
tee /etc/containerd/certs.d/mcr.microsoft.com/hosts.toml << 'EOF'
server = "https://mcr.microsoft.com"

[host."https://mcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# nvcr.io镜像加速
mkdir -p /etc/containerd/certs.d/nvcr.io
tee /etc/containerd/certs.d/nvcr.io/hosts.toml << 'EOF'
server = "https://nvcr.io"

[host."https://nvcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# quay.io镜像加速
mkdir -p /etc/containerd/certs.d/quay.io
tee /etc/containerd/certs.d/quay.io/hosts.toml << 'EOF'
server = "https://quay.io"

[host."https://quay.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# registry.jujucharms.com镜像加速
mkdir -p /etc/containerd/certs.d/registry.jujucharms.com
tee /etc/containerd/certs.d/registry.jujucharms.com/hosts.toml << 'EOF'
server = "https://registry.jujucharms.com"

[host."https://jujucharms.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# rocks.canonical.com镜像加速
mkdir -p /etc/containerd/certs.d/rocks.canonical.com
tee /etc/containerd/certs.d/rocks.canonical.com/hosts.toml << 'EOF'
server = "https://rocks.canonical.com"

[host."https://rocks-canonical.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

验证

crictl 命令, 会自动使用/etc/containerd/certs.d目录下的配置镜像加速 (推荐)

是对于ctr命令,需要指定--hosts-dir=/etc/containerd/certs.d。举个栗子:

bash 复制代码 
ctr i pull --hosts-dir=/etc/containerd/certs.d registry.k8s.io/sig-storage/csi-provisioner:v3.5.0

如果要确定此命令是否真的使用了镜像加速,可以增加--debug=true参数,譬如:

bash 复制代码 
ctr --debug=true i pull --hosts-dir=/etc/containerd/certs.d registry.k8s.io/sig-storage/csi-provisioner:v3.5.0

使用crictl 命令拉取

lua 复制代码 
[root@node2 certs.d]# crictl --debug=true  pull docker.io/library/ubuntu:20.04
DEBU[0000] get image connection
DEBU[0000] PullImageRequest: &PullImageRequest{Image:&ImageSpec{Image:docker.io/library/ubuntu:20.04,Annotations:map[string]string{},UserSpecifiedImage:,RuntimeHandler:,},Auth:nil,SandboxConfig:nil,}
DEBU[0022] PullImageResponse: &PullImageResponse{ImageRef:sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1,}
Image is up to date for sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1
[root@node2 certs.d]# crictl images
IMAGE                                        TAG                    IMAGE ID            SIZE
docker.io/library/ubuntu                     20.04                  ba6acccedd292       28.6MB
docker.io/rancher/klipper-helm               v0.8.3-build20240228   0929b4140ada6       256MB
docker.io/rancher/klipper-lb                 v0.4.7                 edc812b8e25d0       12.2MB
docker.io/rancher/local-path-provisioner     v0.0.26                c54dcef6214cb       48.7MB
docker.io/rancher/mirrored-coredns-coredns   1.10.1                 ead0a4a53df89       53.6MB
docker.io/rancher/mirrored-library-busybox   1.36.1                 65ad0d468eb1c       4.5MB
docker.io/rancher/mirrored-library-traefik   2.10.7                 ee69e8120b64a       154MB
docker.io/rancher/mirrored-metrics-server    v0.7.0                 b9a5a1927366a       68.2MB
docker.io/rancher/mirrored-pause             3.6                    6270bb605e12e       686kB
[root@node2 certs.d]#
相关推荐
能不能别报错6 小时前
K8s学习笔记(十六) 探针(Probe)
笔记·学习·kubernetes
能不能别报错8 小时前
K8s学习笔记(十四) DaemonSet
笔记·学习·kubernetes
火星MARK9 小时前
k8s面试题
容器·面试·kubernetes
赵渝强老师11 小时前
【赵渝强老师】Docker容器的资源管理机制
linux·docker·容器·kubernetes
能不能别报错12 小时前
K8s学习笔记(十五) pause容器与init容器
笔记·学习·kubernetes
稚辉君.MCA_P8_Java12 小时前
kafka解决了什么问题?mmap 和sendfile
java·spring boot·分布式·kafka·kubernetes
一叶飘零_sweeeet13 小时前
从 0 到 1 掌控云原生部署:Java 项目的 Docker 容器化与 K8s 集群实战指南
docker·云原生·kubernetes·项目部署
落日漫游1 天前
Kubernetes容器运行时:cri-docker vs containerd
docker·kubernetes
2501_920047032 天前
k8s-ingress控制器
云原生·容器·kubernetes
K_i1342 天前
Docker、容器、虚拟机到底是什么
docker·微服务·云原生·容器·kubernetes
热门推荐
01两千字总结:Codex 国内如何安装和使用的教程,以及如何设置中文回答02GitHub 镜像站点03UV安装并设置国内源04KGG转MP3工具|非KGM文件|解密音频05Linux下V2Ray安装配置指南06jdk21下载、安装(Windows、Linux、macOS)07Claude Code & 智谱GLM-4.5 环境配置指南 (Windows/macOS/Ubuntu)08DeepSeek-VL 解析:混合视觉-语言模型如何超越传统计算机视觉方法09一文了解国产算子编程语言 TileLang,TileLang 对国产开源生态的影响与启示1046个Nano-banana 精选提示词,持续更新中