配置containerd镜像管理

用户30750093037932025-08-07 10:32

containerd常用镜像配置

ini 复制代码 
# docker hub镜像加速
mkdir -p /etc/containerd/certs.d/docker.io
cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
server = "https://docker.io"
[host."https://dockerproxy.com"]
  capabilities = ["pull", "resolve"]

[host."https://docker.m.daocloud.io"]
  capabilities = ["pull", "resolve"]

[host."https://reg-mirror.qiniu.com"]
  capabilities = ["pull", "resolve"]

[host."https://registry.docker-cn.com"]
  capabilities = ["pull", "resolve"]

[host."http://hub-mirror.c.163.com"]
  capabilities = ["pull", "resolve"]

EOF

# registry.k8s.io镜像加速
mkdir -p /etc/containerd/certs.d/registry.k8s.io
tee /etc/containerd/certs.d/registry.k8s.io/hosts.toml << 'EOF'
server = "https://registry.k8s.io"

[host."https://k8s.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# docker.elastic.co镜像加速
mkdir -p /etc/containerd/certs.d/docker.elastic.co
tee /etc/containerd/certs.d/docker.elastic.co/hosts.toml << 'EOF'
server = "https://docker.elastic.co"

[host."https://elastic.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# gcr.io镜像加速
mkdir -p /etc/containerd/certs.d/gcr.io
tee /etc/containerd/certs.d/gcr.io/hosts.toml << 'EOF'
server = "https://gcr.io"

[host."https://gcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# ghcr.io镜像加速
mkdir -p /etc/containerd/certs.d/ghcr.io
tee /etc/containerd/certs.d/ghcr.io/hosts.toml << 'EOF'
server = "https://ghcr.io"

[host."https://ghcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# k8s.gcr.io镜像加速
mkdir -p /etc/containerd/certs.d/k8s.gcr.io
tee /etc/containerd/certs.d/k8s.gcr.io/hosts.toml << 'EOF'
server = "https://k8s.gcr.io"

[host."https://k8s-gcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# mcr.m.daocloud.io镜像加速
mkdir -p /etc/containerd/certs.d/mcr.microsoft.com
tee /etc/containerd/certs.d/mcr.microsoft.com/hosts.toml << 'EOF'
server = "https://mcr.microsoft.com"

[host."https://mcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# nvcr.io镜像加速
mkdir -p /etc/containerd/certs.d/nvcr.io
tee /etc/containerd/certs.d/nvcr.io/hosts.toml << 'EOF'
server = "https://nvcr.io"

[host."https://nvcr.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# quay.io镜像加速
mkdir -p /etc/containerd/certs.d/quay.io
tee /etc/containerd/certs.d/quay.io/hosts.toml << 'EOF'
server = "https://quay.io"

[host."https://quay.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# registry.jujucharms.com镜像加速
mkdir -p /etc/containerd/certs.d/registry.jujucharms.com
tee /etc/containerd/certs.d/registry.jujucharms.com/hosts.toml << 'EOF'
server = "https://registry.jujucharms.com"

[host."https://jujucharms.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

# rocks.canonical.com镜像加速
mkdir -p /etc/containerd/certs.d/rocks.canonical.com
tee /etc/containerd/certs.d/rocks.canonical.com/hosts.toml << 'EOF'
server = "https://rocks.canonical.com"

[host."https://rocks-canonical.m.daocloud.io"]
  capabilities = ["pull", "resolve", "push"]
EOF

验证

crictl 命令, 会自动使用/etc/containerd/certs.d目录下的配置镜像加速 (推荐)

是对于ctr命令,需要指定--hosts-dir=/etc/containerd/certs.d。举个栗子:

bash 复制代码 
ctr i pull --hosts-dir=/etc/containerd/certs.d registry.k8s.io/sig-storage/csi-provisioner:v3.5.0

如果要确定此命令是否真的使用了镜像加速,可以增加--debug=true参数,譬如:

bash 复制代码 
ctr --debug=true i pull --hosts-dir=/etc/containerd/certs.d registry.k8s.io/sig-storage/csi-provisioner:v3.5.0

使用crictl 命令拉取

lua 复制代码 
[root@node2 certs.d]# crictl --debug=true  pull docker.io/library/ubuntu:20.04
DEBU[0000] get image connection
DEBU[0000] PullImageRequest: &PullImageRequest{Image:&ImageSpec{Image:docker.io/library/ubuntu:20.04,Annotations:map[string]string{},UserSpecifiedImage:,RuntimeHandler:,},Auth:nil,SandboxConfig:nil,}
DEBU[0022] PullImageResponse: &PullImageResponse{ImageRef:sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1,}
Image is up to date for sha256:ba6acccedd2923aee4c2acc6a23780b14ed4b8a5fa4e14e252a23b846df9b6c1
[root@node2 certs.d]# crictl images
IMAGE                                        TAG                    IMAGE ID            SIZE
docker.io/library/ubuntu                     20.04                  ba6acccedd292       28.6MB
docker.io/rancher/klipper-helm               v0.8.3-build20240228   0929b4140ada6       256MB
docker.io/rancher/klipper-lb                 v0.4.7                 edc812b8e25d0       12.2MB
docker.io/rancher/local-path-provisioner     v0.0.26                c54dcef6214cb       48.7MB
docker.io/rancher/mirrored-coredns-coredns   1.10.1                 ead0a4a53df89       53.6MB
docker.io/rancher/mirrored-library-busybox   1.36.1                 65ad0d468eb1c       4.5MB
docker.io/rancher/mirrored-library-traefik   2.10.7                 ee69e8120b64a       154MB
docker.io/rancher/mirrored-metrics-server    v0.7.0                 b9a5a1927366a       68.2MB
docker.io/rancher/mirrored-pause             3.6                    6270bb605e12e       686kB
[root@node2 certs.d]#
相关推荐
运维 小白2 小时前
k8s 部署MySQL主从集群(一主两从)1.0
mysql·容器·kubernetes
ζั͡山 ั͡有扶苏 ั͡✾3 小时前
完善EKF可观测性体系:基于ElastAlert2构建k8s智能钉钉日志告警系统
容器·kubernetes·钉钉·kibana·filebeat·日志监控
陈陈CHENCHEN3 小时前
【Kubernetes】K8s 集群 Ingress 入口规则
kubernetes
一枚正在学习的小白3 小时前
k8s的包管理工具(5)--读取文件内容
云原生·容器·kubernetes
muyesouu6 小时前
kubernetes 安装配置 需要有两个地方配置国内镜像地址
云原生·容器·kubernetes
落日漫游10 小时前
K8s Service核心功能:稳定访问与负载均衡
docker·kubernetes·负载均衡
oneslide15 小时前
Kubernetes V1.24+ & Docker运行时 grafana容器指标显示异常
docker·kubernetes·grafana
终端行者15 小时前
k8s各种场景下排错思路以及命令 k8s常见问题故障处理思路
云原生·容器·kubernetes
victory04311 天前
K8S NFS 静态配置和动态配置 StorageClass
云原生·容器·kubernetes
运维 小白1 天前
k8s 部署NFS和动态供应器
云原生·容器·kubernetes
热门推荐
01GitHub 镜像站点02UV安装并设置国内源03Linux下V2Ray安装配置指南04安娜的档案(Anna’s Archive) 镜像网站/国内最新可访问入口(持续更新)05综合整理:pdf预览显示:你尝试预览的文件可能对你的计算机有害。如果你信任此文件以及其来源,请打开此文件以看其内容,如何解决以正常预览文件06Labelme从安装到标注:零基础完整指南07BongoCat - 跨平台键盘猫动画工具08智能库存管理的需求预测模型:从业务痛点到落地代码的完整实践09《大数据技术原理与应用》实验报告三 熟悉HBase常用操作10NVIDIA显卡驱动、CUDA、cuDNN 和 TensorRT 版本匹配指南