containerd 设置docker 镜像私仓源及设置私仓密码

共计 1898 个字符,预计需要花费 5 分钟才能阅读完成。

1. 搭建测试环境

mkdir test && cd test && mkdir registry

# 默认账号密码 admin admin
docker run -it --rm --entrypoint htpasswd registry:2.7.0 -Bbn admin admin > htpasswd

docker run -itd -p 5000:5000 --restart=always --name registry \
-v pwd/registry:/var/lib/registry \
-v pwd/htpasswd:/auth/htpasswd \
-e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" registry:2.7.0

2. 设置 containerd 配置文件

vim /etc/containerd/config.toml
containerd 配置
    [plugins."io.containerd.grpc.v1.cri".registry]
      # config_path = "/etc/containerd/certs.d" 不能和下面配置文件同时存在

      [plugins."io.containerd.grpc.v1.cri".registry.auths]
      [plugins."io.containerd.grpc.v1.cri".registry.configs]
        [plugins."io.containerd.grpc.v1.cri".registry.configs."10.130.59.18:5000".auth]
          username = "admin"
          password = "admin"

      [plugins."io.containerd.grpc.v1.cri".registry.headers]

      [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."test-registry.study-k8s.com"]
          endpoint = ["http://10.130.59.18:5000"]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."10.130.59.18:5000"]
          endpoint = ["http://10.130.59.18:5000"]

3. docker 登录仓库,推送镜像

docker login -u admin 10.130.59.18:5000
# 输入密码 admin

# 10.130.59.18  是内网IP
docker pull alpine:3.12 
docker tag alpine:3.12  10.130.59.18:5000/library/alpine:3.12
docker push  10.130.59.18:5000/library/alpine:3.12

echo "10.130.59.18 test-registry.study-k8s.com" >> /etc/hosts

4. k8s 验证

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - command:
        - sh
        - -c
        - sleep 99999
        image: test-registry.study-k8s.com/library/alpine:3.12
        imagePullPolicy: IfNotPresent
        name: alpine-container1
      - command:
        - sh
        - -c
        - sleep 99999
        image: 10.130.59.18:5000/library/alpine:3.12
        imagePullPolicy: IfNotPresent
        name: alpine-container2

5. 参考

正文完
 0
评论(没有评论)