containerd insecure registry support (#8298)
This commit is contained in:
parent
0e969c0b72
commit
4f27c763af
3 changed files with 23 additions and 0 deletions
|
@ -28,6 +28,14 @@
|
||||||
|
|
||||||
# containerd_metrics_grpc_histogram: false
|
# containerd_metrics_grpc_histogram: false
|
||||||
|
|
||||||
|
## An obvious use case is allowing insecure-registry access to self hosted registries.
|
||||||
|
## Can be ipaddress and domain_name.
|
||||||
|
## example define mirror.registry.io or 172.19.16.11:5000
|
||||||
|
## Port number is also needed if the default HTTPS port is not used.
|
||||||
|
# containerd_insecure_registries:
|
||||||
|
# - mirror.registry.io
|
||||||
|
# - 172.19.16.11:5000
|
||||||
|
|
||||||
# containerd_registries:
|
# containerd_registries:
|
||||||
# "docker.io": "https://registry-1.docker.io"
|
# "docker.io": "https://registry-1.docker.io"
|
||||||
|
|
||||||
|
|
|
@ -54,6 +54,12 @@ oom_score = {{ containerd_oom_score }}
|
||||||
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ registry }}"]
|
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ registry }}"]
|
||||||
endpoint = ["{{ ([ addr ] | flatten ) | join('","') }}"]
|
endpoint = ["{{ ([ addr ] | flatten ) | join('","') }}"]
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
{% for addr in containerd_insecure_registries %}
|
||||||
|
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ addr }}"]
|
||||||
|
endpoint = ["{{ ([ addr ] | flatten ) | join('","') }}"]
|
||||||
|
[plugins."io.containerd.grpc.v1.cri".registry.configs."{{ addr }}".tls]
|
||||||
|
insecure_skip_verify = true
|
||||||
|
{% endfor %}
|
||||||
{% for registry in containerd_registry_auth if registry['registry'] is defined %}
|
{% for registry in containerd_registry_auth if registry['registry'] is defined %}
|
||||||
{% if (registry['username'] is defined and registry['password'] is defined) or registry['auth'] is defined %}
|
{% if (registry['username'] is defined and registry['password'] is defined) or registry['auth'] is defined %}
|
||||||
[plugins."io.containerd.grpc.v1.cri".registry.configs."{{ registry['registry'] }}".auth]
|
[plugins."io.containerd.grpc.v1.cri".registry.configs."{{ registry['registry'] }}".auth]
|
||||||
|
|
|
@ -346,6 +346,15 @@ containerd_use_systemd_cgroup: true
|
||||||
# Docker options - this is relevant when container_manager == 'docker'
|
# Docker options - this is relevant when container_manager == 'docker'
|
||||||
docker_containerd_version: 1.4.12
|
docker_containerd_version: 1.4.12
|
||||||
|
|
||||||
|
## An obvious use case is allowing insecure-registry access to self hosted registries.
|
||||||
|
## Can be ipaddress and domain_name.
|
||||||
|
## example define mirror.registry.io or 172.19.16.11:5000
|
||||||
|
## Port number is also needed if the default HTTPS port is not used.
|
||||||
|
# containerd_insecure_registries:
|
||||||
|
# - mirror.registry.io
|
||||||
|
# - 172.19.16.11:5000
|
||||||
|
containerd_insecure_registries: []
|
||||||
|
|
||||||
# Settings for containerized control plane (etcd/kubelet/secrets)
|
# Settings for containerized control plane (etcd/kubelet/secrets)
|
||||||
# deployment type for legacy etcd mode
|
# deployment type for legacy etcd mode
|
||||||
etcd_deployment_type: host
|
etcd_deployment_type: host
|
||||||
|
|
Loading…
Reference in a new issue