containerd接入harbor仓库
1.说明
在使用容器时,避免不了会使用到私有仓库,一般都是采用 harbor 作为私有仓库,docker 对接 harbor 仓库非常简单,哪 containerd 如何对接 harbor 呢?
在内网使用 harbor 根据个人习惯,一般都是非 http 并且是通过IP 直接访问,如下:
harbor仓库地址为:http://192.168.199.102:80 ,containerd 如何上传或者下载镜像呢?
2.配置说明
2.1 生成配置文件
mkdir -p /etc/containerd/ containerd config default > /etc/containerd/config.toml
2.2 修改配置
大概从144行开始 vim +144 /etc/containerd/config.toml 144 [plugins."io.containerd.grpc.v1.cri".registry] 145 config_path = "/etc/containerd/certs.d" #修改该行的配置信息
创建该目录
上面的目录+harbor仓库地址mkdir -p /etc/containerd/certs.d/192.168.199.102:80
编写 harbor 配置
vim /etc/containerd/certs.d/192.168.199.102\:80/hosts.toml server = "http://192.168.199.102:80" [host."http://192.168.199.102:80"] capabilities = ["pull", "resolve", "push"] skip_verify = true
重启服务
systemctl restart containerd
3.验证上传下载
3.1 准备镜像
首先,从网络上下载一个镜像
nerdctl pull nginx:alpine nerdctl images REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE nginx alpine c94a22b036af 2 seconds ago linux/amd64 42.7 MiB 16.0 MiB
为该镜像打TAG
nerdctl tag nginx:alpine 192.168.199.102:80/library/nginx:alpine nerdctl images REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE 192.168.199.102:80/library/nginx alpine c94a22b036af 6 minutes ago linux/amd64 42.7 MiB 16.0 MiB nginx alpine c94a22b036af 7 minutes ago linux/amd64 42.7 MiB 16.0 MiB
3.2 登录harbor
nerdctl login 192.168.199.102:80 Enter Username: admin Enter Password: WARNING: Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
3.3 上传镜像
上传到 harbor 仓库
nerdctl push 192.168.199.102:80/library/nginx:alpine INFO[0000] pushing as a reduced-platform image (application/vnd.docker.distribution.manifest.list.v2+json, sha256:3d7805c209c8f28a172fc1b6adea4db8d68ca54d0e1696a655ef0c75333add45) index-sha256:3d7805c209c8f28a172fc1b6adea4db8d68ca54d0e1696a655ef0c75333add45: done |++++++++++++++++++++++++++++++++++++++| manifest-sha256:01ccf4035840dd6c25042b2b5f6b09dd265b4ed5aa7b93ccc4714027c0ce5685: done |++++++++++++++++++++++++++++++++++++++| config-sha256:8e75cbc5b25c8438fcfe2e7c12c98409d5f161cbb668d6c444e02796691ada70: done |++++++++++++++++++++++++++++++++++++++| elapsed: 0.9 s total: 18.0 K (20.0 KiB/s)
3.4 harbor仓库查看镜像
可以看到,镜像已经上传到 harbor 仓库了。
3.5 删除本地镜像
nerdctl rmi 192.168.199.102:80/library/nginx:alpine nginx:alpine nerdctl images REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE
3.6 启动容器
目前本地是没有镜像的,直接通过 nerdctl run 启动容器。当本地没有镜像时,会直接从 harbor 拉取镜像。
nerdctl images REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE nerdctl run --name ngx -d -p 80:80 192.168.199.102:80/library/nginx:alpine 192.168.199.102:80/library/nginx:alpine: resolved |++++++++++++++++++++++++++++++++++++++| index-sha256:3d7805c209c8f28a172fc1b6adea4db8d68ca54d0e1696a655ef0c75333add45: done |++++++++++++++++++++++++++++++++++++++| manifest-sha256:01ccf4035840dd6c25042b2b5f6b09dd265b4ed5aa7b93ccc4714027c0ce5685: done |++++++++++++++++++++++++++++++++++++++| config-sha256:8e75cbc5b25c8438fcfe2e7c12c98409d5f161cbb668d6c444e02796691ada70: done |++++++++++++++++++++++++++++++++++++++| layer-sha256:c23b4f8cf279507bb1dd3d6eb2d15ca84fac9eac215ab5b529aa8b5a060294c8: done |++++++++++++++++++++++++++++++++++++++| layer-sha256:f56be85fc22e46face30e2c3de3f7fe7c15f8fd7c4e5add29d7f64b87abdaa09: done |++++++++++++++++++++++++++++++++++++++| layer-sha256:2ce963c369bc5690378d31c51dc575c7035f6adfcc1e286051b5a5d9a7b0cc5c: done |++++++++++++++++++++++++++++++++++++++| layer-sha256:59b9d2200e632e457f800814693b3a01adf09a244c38ebe8d3beef5c476c4c55: done |++++++++++++++++++++++++++++++++++++++| layer-sha256:3e1e579c95fece6bbe0cb9c8c2949512a3f8caaf9dbe6219dc6495abb9902040: done |++++++++++++++++++++++++++++++++++++++| layer-sha256:547a97583f72a32903ca1357d48fa302e91e8f83ffa18e0c40fd87adb5c06025: done |++++++++++++++++++++++++++++++++++++++| layer-sha256:1f21f983520d9a440d410ea62eb0bda61a2b50dd79878071181b56b82efa9ef3: done |++++++++++++++++++++++++++++++++++++++| elapsed: 2.1 s total: 16.0 M (7.6 MiB/s) bfd2c9c9078966b6709f457586da83e604eb6c05055cc6a04febe8659d47bfb1 nerdctl images REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE 192.168.199.102:80/library/nginx alpine 3d7805c209c8 28 seconds ago linux/amd64 42.7 MiB 16.0 MiB >nerdctl ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES bfd2c9c90789 192.168.199.102:80/library/nginx:alpine "/docker-entrypoint.…" 29 seconds ago Up 0.0.0.0:80->80/tcp ngx
3.7 验证查看
>curl -I localhost HTTP/1.1 200 OK Server: nginx/1.23.4 Date: Thu, 06 Apr 2023 06:41:25 GMT Content-Type: text/html Content-Length: 615 Last-Modified: Tue, 28 Mar 2023 17:09:24 GMT Connection: keep-alive ETag: "64231f44-267" Accept-Ranges: bytes
OK,nginx启动成功。
4.配置镜像加速
通过上面的配置,不难启发我们配置国内镜像加速的方式,例如为 docker.io 配置镜像加速
mkdir -p /etc/containerd/docker.io vim /etc/containerd/docker.io/hosts.toml server = "https://docker.io" [host."https://xxx.mirror.aliyuncs.com"] #注册阿里云可查看个人加速源
重启服务
systemctl restart containerd
测试拉取镜像
nerdctl pull mysql nerdctl images REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE busybox stable 5acba83a746c 17 minutes ago linux/amd64 1.2 MiB 758.9 KiB java 8u111-jdk-alpine d49bf8c44670 15 minutes ago linux/amd64 140.3 MiB 49.3 MiB mysql latest e9027fe4d91c 2 seconds ago linux/amd64 504.6 MiB 144.4 MiB nginx alpine eb05700fe7ba 23 minutes ago linux/amd64 25.2 MiB 9.7 MiB
浙公网安备 33010602011771号