dragonflyoss
/
dragonfly
mirror of https://github.com/dragonflyoss/dragonfly.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
dragonfly/docs/zh-CN/runtime-integration/containerd/mirror.md

144 lines
3.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# 使用 dfdaemon 支持 Containerd
从 v1.1.0 开始Containerd 支持镜像仓库。
## 快速开始
### 步骤 1: 配置 dfdaemon
下面为镜像仓库的 dfdaemon 配置,在路径 `/etc/dragonfly/dfget.yaml`:
```yaml
proxy:
security:
insecure: true
tcpListen:
listen: 0.0.0.0
port: 65001
registryMirror:
# multiple registries support, if only mirror single registry, disable this
dynamic: true
url: https://index.docker.io
proxies:
- regx: blobs/sha256.*
```
运行 dfdaemon
```shell
dfget daemon
```
## 步骤 2: 配置 Containerd
### 选项 1: 单镜像仓库
启动 Containerd 镜像仓库配置 `/etc/containerd/config.toml`:
```toml
# explicitly use v2 config format, if already v2, skip the "version = 2"
version = 2
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["http://127.0.0.1:65001","https://registry-1.docker.io"]
```
配置支持两个镜像仓库地址 `http://127.0.0.1:65001` 以及 `https://registry-1.docker.io`.
在 Containerd 配置文件中启用私有镜像注册中心,配置文件位于 `/etc/containerd/config.toml`:
```toml
# explicitly use v2 config format, if already v2, skip the "version = 2"
version = 2
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["http://127.0.0.1:65001","https://registry-1.docker.io"]
[plugins."io.containerd.grpc.v1.cri".registry.configs."127.0.0.1:65001".auth]
username = "registry_username"
password = "registry_password"
```
在本配置文件中,注册中心的 auth 必须基于 `127.0.0.1:65001`
> 详细 Containerd 配置文档参照: <https://github.com/containerd/containerd/blob/v1.5.2/docs/cri/registry.md#configure-registry-endpoint>
> 镜像仓库配置参照文档: <https://github.com/containerd/containerd/blob/v1.5.2/docs/cri/config.md#registry-configuration>
### 选项 2: 多镜像仓库
1.5.0 以上版本 Containerd 支持多镜像仓库。
#### 1. 开启 Contianerd 配置
启动 Containerd 镜像仓库配置 `/etc/containerd/config.toml`:
```toml
# explicitly use v2 config format, if already v2, skip the "version = 2"
version = 2
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
```
#### 2. 生成每个仓库的 hosts.toml
##### 选项 1: 手动生成 hosts.toml
路径: `/etc/containerd/certs.d/example.com/hosts.toml`
根据不同的仓库替换 `example.com`
```toml
server = "https://example.com"
[host."http://127.0.0.1:65001"]
capabilities = ["pull", "resolve"]
[host."http://127.0.0.1:65001".header]
X-Dragonfly-Registry = ["https://example.com"]
```
##### 选项 2: 自动生成 hosts.toml
自动生成 hosts.toml 脚本为 <https://github.com/dragonflyoss/Dragonfly2/blob/main/hack/gen-containerd-hosts.sh>
```shell
bash gen-containerd-hosts.sh example.com
```
> 镜像仓库配置详细文档参照: <https://github.com/containerd/containerd/blob/main/docs/hosts.md#registry-configuration---examples>
## Step 3: 重启 Containerd
```shell
systemctl restart containerd
```
## Step 4: 拉取镜像
使用以下命令拉取镜像:
```shell
crictl pull docker.io/library/busybox
```
## Step 5: 验证 Dragonfly 拉取成功
可以查看日志,判断 busybox 镜像正常拉取。
```shell
grep 'register peer task result' /var/log/dragonfly/daemon/*.log
```
如果正常日志输出如下:
```shell
{
"level": "info",
"ts": "2021-02-23 20:03:20.306",
"caller": "client/client.go:83",
"msg": "register peer task result:true[200]",
"peerId": "10.15.233.91-65000-43096-1614081800301788000",
"errMsg": null
}
```
Reference in New Issue View Git Blame Copy Permalink