host.toml配置(推荐)
1 |
新版本的containerd镜像仓库配置都是建议放在一个单独的文件夹当中,并且在/etc/containerd/config.toml配置文件当中打开config_path配置,指向镜像仓库配置目录即可。这种方式只需要在第一次修改/etc/containerd/config.toml文件打开config_path配置时需要重启containerd,后续我们增加镜像仓库配置都无需重启containerd,非常方便。 |
1 2 3 4 |
确认containerd服务是否有配置registry配置路径 sudo grep config_path `ps -ef | grep "[c]ontainerd " | awk '{print $NF}'` 设置方法 sudo sed -ri 's@(config_path).*@\1 = "/etc/containerd/certs.d"@g' /etc/containerd/config.toml 。需要重启 containerd 服务 |
修改配置文件设置config_path路径
1 |
vim /apps/containerd/conf/config.toml |
1 2 3 |
在107行添加 [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/apps/containerd/conf/certs.d" |

or 自行配置的containerd config.toml文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
https://github.com/containerd/containerd/blob/main/docs/hosts.md #containerd 2.0 之前 version = 2 [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" #在 containerd 2.0 中 version = 3 [plugins."io.containerd.cri.v1.images".registry] config_path = "/etc/containerd/certs.d" |

registry.configso配置
1 2 3 4 5 6 7 8 |
version = 2 [plugins] [plugins."io.containerd.grpc.v1.cri"] [plugins."io.containerd.grpc.v1.cri".registry] [plugins."io.containerd.grpc.v1.cri".registry.mirrors] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"] endpoint = ["https://registry.docker-cn.com", "https://another.mirror"] |
———————————————————————————–
docker.io示例
1 2 3 4 5 6 7 8 9 10 11 |
sudo mkdir -p /etc/containerd/certs.d/docker.io cat <<'EOF' | sudo tee /etc/containerd/certs.d/docker.io/hosts.toml > /dev/null server = "https://docker.io" [host."https://bydocker.w91m.com"] capabilities = ["pull", "resolve"] [host."https://docker.m.daocloud.io"] capabilities = ["pull", "resolve"] EOF |
registry.k8s.io
1 2 3 4 5 6 7 |
sudo mkdir -p /etc/containerd/certs.d/registry.k8s.io cat <<'EOF' | sudo tee /etc/containerd/certs.d/registry.k8s.io/hosts.toml > /dev/null server = "https://registry.k8s.io" [host."https://k8s.m.daocloud.io"] capabilities = ["pull", "resolve"] EOF |
k8s.gcr.io示例
1 2 3 4 5 6 7 8 |
sudo mkdir -p /etc/containerd/certs.d/k8s.gcr.io cat <<'EOF' | sudo tee /etc/containerd/certs.d/k8s.gcr.io/hosts.toml > /dev/null server = "https://k8s.gcr.io" [host."k8s-gcr.m.daocloud.io"] capabilities = ["pull", "resolve"] EOF |
Containerd通过在启动时指定一个配置文件夹,使后续所有镜像仓库相关的配置都可以在里面热加载,无需重启Containerd。
docker hub镜像加速
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
mkdir -p /etc/containerd/certs.d/docker.io cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF server = "https://docker.io" [host."https://dockerproxy.com"] capabilities = ["pull", "resolve"] [host."https://docker.m.daocloud.io"] capabilities = ["pull", "resolve"] [host."https://reg-mirror.qiniu.com"] capabilities = ["pull", "resolve"] [host."https://registry.docker-cn.com"] capabilities = ["pull", "resolve"] [host."http://hub-mirror.c.163.com"] capabilities = ["pull", "resolve"] EOF |
registry.k8s.io镜像加速
1 2 3 4 5 6 7 |
mkdir -p /etc/containerd/certs.d/registry.k8s.io tee /etc/containerd/certs.d/registry.k8s.io/hosts.toml << 'EOF' server = "https://registry.k8s.io" [host."https://k8s.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
docker.elastic.co镜像加速
1 2 3 4 5 6 7 8 |
mkdir -p /etc/containerd/certs.d/docker.elastic.co tee /etc/containerd/certs.d/docker.elastic.co/hosts.toml << 'EOF' server = "https://docker.elastic.co" [host."https://elastic.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
gcr.io镜像加速
1 2 3 4 5 6 7 8 9 |
mkdir -p /etc/containerd/certs.d/gcr.io tee /etc/containerd/certs.d/gcr.io/hosts.toml << 'EOF' server = "https://gcr.io" [host."https://gcr.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
ghcr.io镜像加速
1 2 3 4 5 6 7 |
mkdir -p /etc/containerd/certs.d/ghcr.io tee /etc/containerd/certs.d/ghcr.io/hosts.toml << 'EOF' server = "https://ghcr.io" [host."https://ghcr.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
k8s.gcr.io镜像加速
1 2 3 4 5 6 7 |
mkdir -p /etc/containerd/certs.d/k8s.gcr.io tee /etc/containerd/certs.d/k8s.gcr.io/hosts.toml << 'EOF' server = "https://k8s.gcr.io" [host."https://k8s-gcr.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
mcr.m.daocloud.io镜像加速
1 2 3 4 5 6 7 8 9 |
mkdir -p /etc/containerd/certs.d/mcr.microsoft.com tee /etc/containerd/certs.d/mcr.microsoft.com/hosts.toml << 'EOF' server = "https://mcr.microsoft.com" [host."https://mcr.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
nvcr.io镜像加速
1 2 3 4 5 6 7 8 9 10 |
mkdir -p /etc/containerd/certs.d/nvcr.io tee /etc/containerd/certs.d/nvcr.io/hosts.toml << 'EOF' server = "https://nvcr.io" [host."https://nvcr.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
quay.io镜像加速
1 2 3 4 5 6 7 |
mkdir -p /etc/containerd/certs.d/quay.io tee /etc/containerd/certs.d/quay.io/hosts.toml << 'EOF' server = "https://quay.io" [host."https://quay.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
registry.jujucharms.com镜像加速
1 2 3 4 5 6 7 8 |
mkdir -p /etc/containerd/certs.d/registry.jujucharms.com tee /etc/containerd/certs.d/registry.jujucharms.com/hosts.toml << 'EOF' server = "https://registry.jujucharms.com" [host."https://jujucharms.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
rocks.canonical.com镜像加速
1 2 3 4 5 6 7 |
mkdir -p /etc/containerd/certs.d/rocks.canonical.com tee /etc/containerd/certs.d/rocks.canonical.com/hosts.toml << 'EOF' server = "https://rocks.canonical.com" [host."https://rocks-canonical.m.daocloud.io"] capabilities = ["pull", "resolve", "push"] EOF |
1 2 |
systemctl daemon-reload systemctl restart containerd |
1 |
crictl info 查看 |

获取镜像
1 2 3 |
[root@k8s-master-1 containerd]# crictl pull nginx Image is up to date for sha256:a72860cb95fd59e9c696c66441c64f18e66915fa26b249911e83c3854477ed9a |
1 2 3 |
https://www.cnblogs.com/jiaxzeng/p/18023137 daocloud文档:https://docs.daocloud.io/community/mirror/ daocloud github地址: https://github.com/DaoCloud/public-image-mirror |
- 本文固定链接: https://www.yoyoask.com/?p=11610
- 转载请注明: shooter 于 SHOOTER 发表