Containerd 2.x 配置镜像加速器
- containerd
- 2小时前
- 0评论
Containerd 2.x 镜像仓库配置方式与 1.x 略有变化,官方推荐使用 certs.d 目录管理镜像仓库配置,而不是直接在 config.toml 中配置。
一、配置实战
1. 查看版本
[root@k8s-master ~]# containerd --version
containerd containerd.io v2.2.1 6164966eaa5248f4ee8ae5f59e7baa3e193637f7
如果显示 v2.x,建议使用下面的方法配置镜像加速器。
2. 配置结构
containerd 2.x版本所有镜像仓库配置都在/etc/containerd/certs.d/目录下
配置结构:
- 一个 registry 域名 = 一个目录
- 一个目录 = 一个 hosts.toml
- 在 hosts.toml 中定义:server、认证信息、是否跳过认证
3. 添加配置
(1) 创建Docker Hub目录
mkdir -p /etc/containerd/certs.d/docker.io
目录名必须和镜像中使用的 registry 完全一致。
(2) 创建Hosts.toml配置文件
vi /etc/containerd/certs.d/docker.io/hosts.toml
添加加速器,可以添加一个或多个,按顺序去读取。
server = "https://docker.io"
[host."https://registry.cn-hangzhou.aliyuncs.com"]
capabilities = ["pull", "resolve"]
[host."https://docker.mirrors.ustc.edu.cn"]
capabilities = ["pull", "resolve"]
[host."http://hub-mirror.c.163.com"]
capabilities = ["pull", "resolve"]
[host."https://docker.1panel.live"]
capabilities = ["pull", "resolve"]
[host."https://hub.littlediary.cn"]
capabilities = ["pull", "resolve"]
[host."https://docker.kejilion.pro"]
capabilities = ["pull", "resolve"]
[host."https://docker.1ms.run"]
capabilities = ["pull", "resolve"]
[host."https://lispy.org"]
capabilities = ["pull", "resolve"]
[host."https://docker.xiaogenban1993.com"]
capabilities = ["pull", "resolve"]
[host."https://docker.xuanyuan.me"]
capabilities = ["pull", "resolve"]
[host."https://docker.mybacc.com"]
capabilities = ["pull", "resolve"]
[host."https://docker-0.unsee.tech"]
capabilities = ["pull", "resolve"]
[host."https://dockerpull.cn"]
capabilities = ["pull", "resolve"]
去主配置文件config.toml确认config_path位置为/etc/containerd/certs.d
[root@k8s-master ~]# cat /etc/containerd/config.toml |grep config_path
config_path = '/etc/containerd/certs.d'
plugin_config_path = '/etc/nri/conf.d'
config_path = ''
containerd 2.x 默认开启,但生产环境务必检查,可能版本不同,有些没有配置。
国内的加速器可能偶尔会更新,旧的就访问不了了,多关注网上新的就行!
4. 重启containerd
systemctl restart containerd
二、验证
拉取成功。