Containerd
配置代理
在containerd中配置代理可以通过修改config.toml文件来实现镜像仓库代理,新版本的containerd镜像仓库配置都是建议放在一个单独的文件夹当中,并且在/etc/containerd/config.toml配置文件当中打开config_path配置,指向镜像仓库配置目录
这种方式只需要在第一次修改/etc/containerd/config.toml文件打开config_path配置时需要重启containerd,后续我们增加镜像仓库配置都无需重启containerd
不过containerd的配置文件格式和docker的配置文件格式有很大差异,还是比较倾向docker的方式,直接在/etc/docker/daemon.json配置镜像仓库代理,而且是json格式
root@iZ2zeiimo6zhpdm0ht4db5Z:~# cat /etc/containerd/config.toml
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0
[grpc]
max_recv_message_size = 16777216
max_send_message_size = 16777216
[debug]
address = ""
level = "info"
format = ""
uid = 0
gid = 0
[metrics]
address = ""
grpc_histogram = false
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "hub.ssgeek.com/official/pause:3.9"
max_container_log_line_size = -1
enable_unprivileged_ports = false
enable_unprivileged_icmp = false
enable_selinux = false
disable_apparmor = false
tolerate_missing_hugetlb_controller = true
disable_hugetlb_controller = true
image_pull_progress_timeout = "5m"
[plugins."io.containerd.grpc.v1.cri".containerd]
default_runtime_name = "runc"
snapshotter = "overlayfs"
discard_unpacked_layers = true
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
runtime_engine = ""
runtime_root = ""
base_runtime_spec = "/etc/containerd/cri-base.json"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
systemdCgroup = true
binaryName = "/usr/local/bin/runc"
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
这里Containerd已经配置config_path路径,如果没有配置请自行添加
加速配置如下
# cat /etc/containerd/certs.d/docker.io/hosts.toml
server = "https://docker.io"
[host."https://registry.ssgeek.com:5000"]
capabilities = ["pull","resolve"]
skip_verify = false
override_path = false