Mirroring to docker registry does not work with containerd #8840
Unanswered
ryadav-asapp
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Current solution that works for us on 1.23
k8s - 1.23
I have local docker registry running as daemon sets on all nodes. All image pull from my k8s nodes are hit to local docker registry which in turn backs it up on s3
FLOW: Node -- > local docker registry ---> points to remoteurl: https://registry-1.docker.io (Local docker registry has s3 as backend)
docker daemon.json config
cat <<'EOF' > /etc/docker/daemon.json
{
"registry-mirrors": ["http://localhost:5000"],
"insecure-registries" : ["localhost:5000"],
"metrics-addr" : "0.0.0.0:9323",
"experimental" : true,
"bridge": "none",
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "10"
},
"live-restore": true,
"max-concurrent-downloads": 10
}
EOF
Current Scenario : We have upgraded to 1.25 so docker offcourse.
I am trying to implement same using containerd
My /etc/containerd/config.toml
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
[grpc]
address = "/run/containerd/containerd.sock"
[plugins."io.containerd.grpc.v1.cri".containerd]
default_runtime_name = "runc"
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "602401143452.dkr.ecr.us-east-1.amazonaws.com/eks/pause:3.5"
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:5000"]
endpoint = ["http://localhost:5000/"]
config_path = "/etc/containerd/certs.d:/etc/docker/certs.d"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
[plugins."io.containerd.grpc.v1.cri".cni]
bin_dir = "/opt/cni/bin"
conf_dir = "/etc/cni/net.d"
When i hit the below command no request on pods running local docker registry
/usr/local/bin/crictl -r /run/containerd/containerd.sock pull rabbitmq:latest
When i run ctr images pull localhost:5000/library/rabbitmq:latest I can see request on local docker registry pods as well as i can see rabbitmq image is getting backed up on s3.
My hunch is config.toml is not correctly fetched by conatinerd.
Any help from community will be very helpful
Thanks
Beta Was this translation helpful? Give feedback.
All reactions