containerd配置私有仓库registry
| 机器 | ip | 端口 |
| regtisry | 192.168.0.72 | 5000 |
| k8s-* | ------- | k8s集群 |
1、镜像上传
root@admin:~# docker push 192.168.0.72:5000/nginx:1.26.1-alpine
The push refers to repository [192.168.0.72:5000/nginx]
6961f0b8531c: Pushed
3112cd521249: Pushed
d3f50ce9b5b5: Pushed
9efaf2eb479a: Pushed
bef35f150926: Pushed
7b87df18a0ed: Pushed
4160c36f5f9d: Pushed
d4fc045c9e3a: Pushed
1.26.1-alpine: digest: sha256:2565e998caf6d270af6ded12206135ffd3247aeb362f5dc5ad2c7449f3712df0 size: 1989
2、重要报错
[root@k8s-master3 ~]# journalctl -u containerd -f -- Logs begin at Fri 2024-10-25 15:25:01 CST. -- Nov 06 14:08:14 k8s-master3 containerd[19662]: time="2024-11-06T14:08:14.052429673+08:00" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured" Nov 06 14:08:14 k8s-master3 containerd[19662]: time="2024-11-06T14:08:14.154156087+08:00" level=warning msg="failed to load plugin io.containerd.grpc.v1.cri" error="invalid plugin config: mirrors cannot be set when config_path is provided" Nov 06 14:08:14 k8s-master3 systemd[1]: Started containerd container runtime. Nov 06 14:22:06 k8s-master3 systemd[1]: Stopping containerd container runtime... Nov 06 14:22:06 k8s-master3 systemd[1]: Stopped containerd container runtime. Nov 06 14:22:06 k8s-master3 systemd[1]: Starting containerd container runtime... Nov 06 14:22:06 k8s-master3 containerd[28450]: time="2024-11-06T14:22:06.359645523+08:00" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.devmapper" error="devmapper not configured" Nov 06 14:22:06 k8s-master3 containerd[28450]: time="2024-11-06T14:22:06.360210472+08:00" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured" Nov 06 14:22:06 k8s-master3 containerd[28450]: time="2024-11-06T14:22:06.475504596+08:00" level=warning msg="failed to load plugin io.containerd.grpc.v1.cri" error="invalid plugin config: mirrors cannot be set when config_path is provided" Nov 06 14:22:06 k8s-master3 systemd[1]: Started containerd container runtime. [root@k8s-master3 ~]# ctr plugins ls | grep cri io.containerd.grpc.v1 cri linux/amd64 error
从日志来看,出现了以下错误:
invalid plugin config: mirrors cannot be set when config_path is provided
这表明在 /etc/containerd/config.toml 中,mirrors 和 config_path 配置项冲突。根据 containerd 配置规则,当使用 config_path 指定了证书和私有仓库配置文件目录时,不允许再使用 mirrors 配置。
解决方案
要解决此问题,可以选择以下两种方式之一:
方案 1:删除 mirrors 配置
如果你更愿意通过 config_path 指定私有仓库配置文件,则删除 mirrors 配置部分,保留 config_path 配置。例如,更新后的 config.toml 文件为:
version = 2 root = "/var/lib/containerd" state = "/run/containerd" oom_score = 0 [grpc] address = "/run/containerd/containerd.sock" [plugins."io.containerd.grpc.v1.cri"] sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7" [plugins."io.containerd.grpc.v1.cri".containerd] snapshotter = "overlayfs" default_runtime_name = "runc" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] runtime_type = "io.containerd.runc.v2" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".tls] insecure_skip_verify = true [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".auth] username = "admin" password = "admin"
#本人使用的方案二解决
方案 2:移除 config_path 并仅使用 mirrors
如果你更偏向在 config.toml 中直接配置镜像仓库的地址,则可以删除 config_path 行,仅使用 mirrors 配置。例如:
[plugins."io.containerd.grpc.v1.cri".registry] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.0.72:5000"] endpoint = ["http://192.168.0.72:5000"] [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".tls] insecure_skip_verify = true [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.0.72:5000".auth] username = "admin" password = "admin"
重启 Containerd 并验证
更新配置后,重新启动 containerd 服务:
sudo systemctl restart containerd
#成功验证,既能通过crictl拉取,还能写入到yaml文件中拉取,而不用为集群中每一台机器上传镜像
at
[root@k8s-master1 containerd]# crictl pull 192.168.0.72:5000/nginx:1.26.1-alpine
Image is up to date for sha256:98abffe47b9c4812f59d521554e7b2245196e882bca57ece5b23d38ede0cc137
[root@k8s-master1 containerd]# crictl images
IMAGE TAG IMAGE ID SIZE192.168.0.72:5000/nginx 1.26.1-alpine 98abffe47b9c4 20.5MB