Kubernetes
[containerd] insecure registry
밝은숲
2023. 4. 5. 16:09
containerd 사용할 경우 insecure registry 설정 방법
버전 - containerd://1.6.15
1. 설정 변경
root@bee-master01:/etc/containerd# cat /etc/containerd/config.toml
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0
[grpc]
max_recv_message_size = 16777216
max_send_message_size = 16777216
[debug]
level = "info"
[metrics]
address = ""
grpc_histogram = false
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
sandbox_image = "registry.k8s.io/pause:3.8"
max_container_log_line_size = -1
enable_unprivileged_ports = false
enable_unprivileged_icmp = false
[plugins."io.containerd.grpc.v1.cri".containerd]
default_runtime_name = "runc"
snapshotter = "overlayfs"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
runtime_engine = ""
runtime_root = ""
base_runtime_spec = "/etc/containerd/cri-base.json"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
systemdCgroup = true
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://registry-1.docker.io"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.110.90:5000"] #추가
endpoint = ["http://192.168.110.90:5000"] #추가
[plugins."io.containerd.grpc.v1.cri".registry.configs] #추가
[plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.110.90:5000".tls] #추가
insecure_skp_verify = true #추가
2. containerd 재기동
# systemctl restart containerd
3. image pull
root@bee-master01:/etc/containerd# crictl pull 192.168.110.90:5000/library/nginx:1.19
Image is up to date for sha256:f0b8a9a541369db503ff3b9d4fa6de561b300f7363920c2bff4577c6c24c5cf6
*ctr 명령어를 사용할 겨우에는 별도 옵션을 추가해야 함. 기본으로 containerd/config.toml 설정을 인식을 안한다고 함