k8s配置Containerd
# Containerd镜像配置
配置 Containerd 镜像加速域名,提高镜像拉取速度
# 1、配置 crictl
vim /etc/containerd/config.toml
1
在 [plugins."io.containerd.grpc.v1.cri".registry.mirrors] 后面添加镜像,注意前面的缩进(空格)
配置 docker.io 的示例
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://hnkfbj7x.mirror.aliyuncs.com"]
1
2
3
2
3
配置k8s.gcr.io的示例
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."k8s.gcr.io"]
endpoint = ["https://registry.aliyuncs.com/k8sxio"]
1
2
3
2
3
配置私有harbor镜像仓库示例
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."local.harbor.top"]
endpoint = ["https://local.harbor.top"]
1
2
3
2
3
(不配置可以忽略)如果配置了harbor镜像仓库,还需要在[plugins."io.containerd.grpc.v1.cri".registry.configs]后面配置登录信息
[plugins."io.containerd.grpc.v1.cri".registry.configs]
[plugins."io.containerd.grpc.v1.cri".registry.configs."local.harbor.top".tls]
insecure_skip_verify = true
ca_file = "/etc/docker/certs.d/local.harbor.top/ca.crt"
[plugins."io.containerd.grpc.v1.cri".registry.configs."local.harbor.top".auth]
username = "admin"
password = "Harbor12345"
1
2
3
4
5
6
7
2
3
4
5
6
7
# 2、重启服务
systemctl restart containerd
1
# 3、检查 crictl 配置
# 查看是否配置 crictl
cat /etc/crictl.yaml
# 如果没有配置,则执行命令进行配置
cat <<EOF > /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: true
EOF
# 查看生成的配置文件
cat /etc/crictl.yaml
# 查看配置是否生效
crictl info
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# 4、测试拉取镜像
# 拉取镜像测试
crictl pull docker.io/library/maven:3.6.3-openjdk-17
# 查看拉取的结果
crictl image
1
2
3
4
5
2
3
4
5
上次更新: 2023/12/04, 17:47:36