k8s搭配containerd:如何从harbor私有仓库pull镜像

时间:2025-05-14 08:20:03

k8s搭配containerd:如何从harbor私有仓库pull镜像

containerd 实现了 kubernetes 的 Container Runtime Interface (CRI) 接口,提供容器运行时核心功能,如镜像管理、容器管理等,相比 dockerd 更加简单、健壮和可移植。
从docker过度还是需要一点时间慢慢习惯的,今天来探讨containerd 如何从私有仓库harbor下载镜像!
containerd 不能像docker一样 docker login 登录到镜像仓库。无法从harbor拉取到镜像。
解决办法:
更改containerd 的文件
可通过命令:containerd config default> /etc/containerd/ 生成默认配置文件!
文件路径:

[root@k8s02 containerd]# pwd
/etc/containerd
[root@k8s02 containerd]# ls
  
[root@k8s02 containerd]#

添加如下内容:

[plugins.".".registry]
  [plugins.".".]
    [plugins."."..""]
      endpoint = [""]
  [plugins.".".]
    [plugins.".".."".tls]
      insecure_skip_verify = true
    [plugins.".".."".auth]
      username = "admin"
      password = "Harbor12345"

完整内容如下:

[root@k8s02 containerd]# cat 
version = 2
root = "/data/k8s/containerd/root"
state = "/data/k8s/containerd/state"

[plugins]
  [plugins."."]
    sandbox_image = "/images_k8s/pause-amd64:3.1"
    [plugins.".".cni]
      bin_dir = "/opt/k8s/bin"
      conf_dir = "/etc/cni/"
    [plugins.".".registry]
      [plugins.".".]
        [plugins."."..""]
          endpoint = [""]
      [plugins.".".]
        [plugins.".".."".tls]
          insecure_skip_verify = true
        [plugins.".".."".auth]
          username = "admin"
          password = "Harbor12345"
  [plugins."."]
    shim = "containerd-shim"
    runtime = "runc"
    runtime_root = ""
    no_shim = false
    shim_debug = false

修改完之后重启containerd服务

systemctl status

最后查看pod 状态,已成功拉取到harbor镜像!
kubectl describe pod rabbitmq-0

[root@k8s01 containerd]# kubectl get pod -o wide
Events:
  Type     Reason     Age                From               Message
  ----     ------     ----               ----               -------
  Normal   Scheduled  27m                default-scheduler  Successfully assigned default/rabbitmq-0 to k8s01
  Normal   Pulling    27m (x2 over 27m)  kubelet, k8s01     Pulling image "/ops/centos7.5-erlang-rabbitmq2.8"
  Warning  Failed     27m (x2 over 27m)  kubelet, k8s01     Failed to pull image "/ops/centos7.5-erlang-rabbitmq2.8": rpc error: code = Unknown desc = failed to pull and unpack image "/ops/centos7.5-erlang-rabbitmq2.8:latest": failed to resolve reference "/ops/centos7.5-erlang-rabbitmq2.8:latest": failed to do request: Head /v2/ops/centos7.5-erlang-rabbitmq2.8/manifests/latest: x509: certificate signed by unknown authority
  Warning  Failed     27m (x2 over 27m)  kubelet, k8s01     Error: ErrImagePull
  Normal   BackOff    27m (x3 over 27m)  kubelet, k8s01     Back-off pulling image "/ops/centos7.5-erlang-rabbitmq2.8"
  Warning  Failed     27m (x3 over 27m)  kubelet, k8s01     Error: ImagePullBackOff
  Normal   Pulling    26m                kubelet, k8s01     Pulling image "/ops/centos7.5-erlang-rabbitmq2.8"
  Normal   Pulled     26m                kubelet, k8s01     Successfully pulled image "/ops/centos7.5-erlang-rabbitmq2.8"
  Normal   Created    26m                kubelet, k8s01     Created container rabbitmq
  Normal   Started    26m                kubelet, k8s01     Started container rabbitmq

参考连接:/p/aa0f49ad614f
参考连接:/laomeng2019/article/details/90300866

相关文章