validate CRI v1 image API for endpoint “unix:///run/containerd/containerd.sock“

原创 于 2025-07-07 20:05:52 发布 · 1.2k 阅读 · 16 ·
CC 4.0 BY-SA版权
云游
文章标签:

#运维 #docker

1.现象

pull image failed: Failed to exec command: sudo -E /bin/bash -c "env PATH=$PATH crictl pull 172.23.123.117:8443/kubesphereio/pause:3.9"

FATA[0000] validate service connection: validate CRI v1 image API for endpoint "unix:///run/containerd/containerd.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.ImageService: Process exited with status 1

2.原因

      这个错误表明 crictl 无法通过当前配置与容器运行时(如 containerd)进行通信。具体来说,crictl 正在尝试使用 CRI v1 的 ImageService API,但目标端点(containerd)似乎没有实现该服务,或者其配置不正确。

3.解决方案

3.1查看当前 crictl 配置

cat /etc/crictl.yaml

说明它正在使用 containerd,而 containerd 没有启用 CRI 支持就会报错。

3.2使用 ctr 命令测试 

ctr plugins ls

3.3 使用 crictl 测试连接

sudo crictl --runtime-endpoint unix:///run/containerd/containerd.sock info

 

3.4编辑 containerd 的config.toml配置文件 

vi /etc/containerd/config.toml

disabled_plugins = []

[plugins."io.containerd.grpc.v1.cri"]

  enable_selinux = false

  sandbox_image = "172.23.123.117:8443/kubesphereio/pause:3.9"

[plugins."io.containerd.grpc.v1.cri".registry]

 [plugins."io.containerd.grpc.v1.cri".registry.configs]

  [plugins."io.containerd.grpc.v1.cri".registry.configs."172.23.123.117:8443"]

    tls = true

    cert_file = "/etc/containerd/certs.d/172.23.123.117:8443/172.23.123.117.cert"

    key_file = "/etc/containerd/certs.d/172.23.123.117:8443/172.23.123.117.key"

    ca_file = "/etc/containerd/certs.d/172.23.123.117:8443/ca.crt"

    skip_verify = false

[plugins."io.containerd.grpc.v1.cri".registry.mirrors]

  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry.k8s.io"]

    endpoint = ["https://172.23.123.117:8443"]

  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]

    endpoint = ["https://172.23.123.117:8443"]

3.4创建证书目录并复制证书:

sudo mkdir -p /etc/containerd/certs.d/172.23.123.117:8443

sudo cp /etc/docker/certs.d/172.23.123.117:8443/ca.crt /etc/containerd/certs.d/172.23.123.117:8443/ca.crt

sudo cp /etc/docker/certs.d/172.23.123.117:8443/172.23.123.117.cert /etc/containerd/certs.d/172.23.123.117:8443/172.23.123.117.cert 

sudo cp /etc/docker/certs.d/172.23.123.117:8443/172.23.123.117.key /etc/containerd/certs.d/172.23.123.117:8443/172.23.123.117.key

3.5重启

sudo systemctl daemon-reload

sudo systemctl restart containerd

3.6手动测试是否可以拉取镜像

 sudo crictl pull 172.23.123.117:8443/kubesphereio/pause:3.9

 

k8s执行crictl images报错
关于代码的那些事
09-04 2141
找到runtime_type 写入"io.containerd.runtime.v1.linux"
validate service connection: validate CRI v1 runtime API for endpoint \“unix:///var/run/containerd/
小石潭记丶
07-11 3540
systemctl status containerd.service发现是无法启动容器运行时。重新执行文章中的安装部分,下载包可以提前科学上网下载好。根据提示查询Containerd状态。最后重启再试就OK了。
k8s部署执行crictl images报错
weixin_45432833的博客
09-26 4762
crictl images执行报错现象及修复方式
sealos部署K8s,安装docker时master节点突然NotReady
qq_46497658的博客
11-08 794
历经风雨,后面的路就知道出门要带伞了
validate service connection: CRI v1 image API is not implemented for endpoint \“unix:///var/run/cont
Arthashit的博客
07-21 6582
K8s安装报错CRI v1 image API is not implemented for endpoint
validate service connection: validate CRI v1 runtime API for endpoint \“unix:///var/run/cri-dockerd
qq_44644452的博客
04-16 1347
2.systemctl enable cri-docker.service # 开机启动 cri-docker1.systemctl start cri-docker.service #启动 cri-docker。用systemctl status cri-docker.service 查看cri-docker什么状态。错误现象如下图所示。报错,不能连接docker-cri。没有启动docker-cri
crictl pull mysql:8.0.36 FATA[0000] validate service connection: validate CRI v1 image API for endpoint "unix:///run/containerd/containerd.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.ImageService
08-15
我们正在解决的是 containerd 报错 "validate CRI v1 image API for endpoint \"unix:///run/containerd/containerd.sock\": rpc error: code = Unimplemented desc = unknown service runtime.v1.ImageService" 的...
[root@ts ~]# crictl pull 127.0.0.1:30081/k8smaster.qfusion.irds/irds/busybox:v1.36.0 WARN[0000] image connect using default endpoints: [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock unix:///var/run/cri-dockerd.sock]. As the default settings are now deprecated, you should set the endpoint instead. ERRO[0000] validate service connection: CRI v1 image API is not implemented for endpoint "unix:///var/run/dockershim.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.ImageService ERRO[0000] validate service connection: CRI v1 image API is not implemented for endpoint "unix:///run/containerd/containerd.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.ImageService E1018 01:40:33.713949 22842 remote_image.go:171] "PullImage from image service failed" err="rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /run/crio/crio.sock: connect: no such file or directory\"" image="127.0.0.1:30081/k8smaster.qfusion.irds/irds/busybox:v1.36.0" FATA[0000] pulling image: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /run/crio/crio.sock: connect: no such file or directory" [root@ts ~]#
最新发布
10-19
当使用 `crictl pull` 命令拉取镜像时出现 CRI v1 image API 未实现以及 `/run/crio/crio.sock` 文件不存在的问题,可按以下思路解决。 ### 解决 CRI v1 image API 未实现问题 该错误表明 `crictl` 无法通过当前...
启动kubelet失败failed to run Kubelet: validate service connection: validate CRI v1 runtime API for endpo
空山新雨后,天气晚来秋
05-13 6669
启动kubelet失败failed to run Kubelet: validate service connection: validate CRI v1 runtime API for endpoint
crictl 遇到报错 /run/containerd/containerd.sock: connect: permission denied
gs80140的专栏
04-24 569
crictl --runtime-endpoint unix:///run/containerd/containerd.sock logs CONTAINERID FATA[0000] validate service connection: validate CRI v1 runtime API for endpoint "unix:///run/containerd/containerd.sock": rpc error: code = Unavailable desc = connection err
crictl 拉取镜像报错 Unimplemented desc = unknown service runtime.v1.ImageService
gs80140的专栏
04-24 584
FATA[0000] validate service connection: validate CRI v1 image API for endpoint "unix:///run/containerd/containerd.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.ImageService 
记录一次安装k8s初始化失败
飘然渡沧海的博客
05-27 2087
如果要修改xfs ftyoe 要修改设置,可是如果修改这个设计影响系统,所以暂时启动这个服务器。,报错说明containerd 没有启动,我们看下containerd 状态。这里说明系统不支持overlayfs。可以看error里面是由错误的。从docker 官方文档上面来看。
containerd ps 失败
Amewin的博客
11-16 2124
containerd是轻量化的运行容器,类似于docker,目前是K8S推荐的首选运行容器。
使用crictl pull时报错:“unknown service runtime.v1alpha2.ImageService
m0_54803732的博客
06-10 3394
使用crictl pull时报错:“unknown service runtime.v1alpha2.ImageService
使用 CRI-O 容器引擎
tearon的博客
04-14 8647
CRI-O 是一个开源的、社区驱动的容器引擎。 其主要目标是取代 Docker 服务作为 Kubernetes 实施的容器引擎。随着Kubernetes v1.24 对 dockershim 的弃用,CRI-O 将成为 Kubernetes 容器引擎的不二之选。 CRI-O 的稳定性来自于它是与 Kubernetes 的主要和次要版本同步开发、测试和发布的,而且它遵循 OCI 标准。例如,CRI-O 1.24 与 Kubernetes 1.24 保持一致。
k8s报错
冰恋云的专栏
12-02 5423
报错: 这个错误信息表明你的容器运行时(container runtime)没有正常运行,具体是因为CRI(容器运行时接口)v1版本的API没有为特定的端点实现。在执行 kubeadm init --config=kubeadm.yaml --ignore-preflight-errors=SystemVerification 就好了。卸载重新安装 yum remove -y kubelet-1.26.0 kubeadm-1.26.0 kubectl-1.26.0。解决:我是这么解决的。
基于kubernetes组件初步部署k8s
抽象空间的博客
07-09 1414
kubernetes组件,kubernetes部署安装
【Kubernetes1.26.x:container runtime is not running问题详细排查】
热门推荐
isymikasan的博客
03-24 2万+
一篇很细的排错记录,你在安装1.26.3kuberneters或者以后新版本出现的问题都可以安装这个思路进行排错。
kubelet启动失败-报错解决
mkdir_的博客
10-20 1万+
kubelet 启动失败 配置完daemon.json,重启docker后kubelet起不来 [root@node1/etc/docker]# vim daemon.json { "registry-mirrors": ["https://ig2l319y.mirror.aliyuncs.com"], "exec-opts": ["native.cgroupdriver=systemd"] } systemctl restart docker 状态如图 原因
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值