k8s搭配containerd:如何从harbor私有仓库pull镜像
参考文章
参考连接:https://www.jianshu.com/p/aa0f49ad614f
参考连接:https://blog.csdn.net/laomeng2019/article/details/90300866
containerd 实现了 kubernetes 的 Container Runtime Interface (CRI) 接口,提供容器运行时核心功能,如镜像管理、容器管理等,相比 dockerd 更加简单、健壮和可移植。
从docker过度还是需要一点时间慢慢习惯的,今天来探讨containerd 如何从私有仓库harbor下载镜像!
containerd 不能像docker一样 docker login harbor.example.com 登录到镜像仓库。无法从harbor拉取到镜像。
自己总结
ctr 可以拉取harbo镜像,可以推送,但是不可以 build
nerdctl 可以拉取harbo镜像,可以推送,但是不能指定命令空间,常用build 镜像
crictl 可以拉取harbo镜像 推送我没有成功,他是直接可以看k8s.io命令空间下的镜像
解决办法:
更改containerd 的config.toml文件
可通过命令:containerd config default> /etc/containerd/config.toml 生成默认配置文件!
文件路径:
[root@k8s02 containerd]# pwd
/etc/containerd
[root@k8s02 containerd]# ls
config.toml config.toml.rpmnew
[root@k8s02 containerd]#
完整的config.toml配置文件
可以拿我的这个配置文件直接套用
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
plugin_dir = ""
disabled_plugins = []
required_plugins = []
oom_score = 0
[grpc]
address = "/run/containerd/containerd.sock"
tcp_address = ""
tcp_tls_cert = ""
tcp_tls_key = ""
uid = 0
gid = 0
max_recv_message_size = 16777216
max_send_message_size = 16777216
[ttrpc]
address = ""
uid = 0
gid = 0
[debug]
address = ""
uid = 0
gid = 0
level = ""
[metrics]
address = ""
grpc_histogram = false
[cgroup]
path = ""
[timeouts]
"io.containerd.timeout.shim.cleanup" = "5s"
"io.containerd.timeout.shim.load" = "5s"
"io.containerd.timeout.shim.shutdown" = "3s"