Containerd容器运行时的私有仓库镜像推送push和镜像拉取问题解决

发布于:2022-12-07 ⋅ 阅读:(2155) ⋅ 点赞:(2)

本文记录Contanerd容器运行时,进行私有仓库的构建过程中,进行image镜像的推送push,和image镜像拉取的问题记录和解决方案

1. 镜像推送push问题

问题记录如下

使用nerdctl命令往私有仓库推送镜像,出现的问题如下

[root@k8s-master ~]# nerdctl push 192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount
manifest-sha256:23a421d7ea703af6c659c09d5abefe9f8c629493649c096483688a19bb266610: waiting        |--------------------------------------| 
layer-sha256:9fb5b36aafb93bcc52f03dd17cf420f6be4b081172eb13164563f5b20b374a59:    waiting        |--------------------------------------| 
config-sha256:8c6b3c27cc675895f9c28934a311ed8974202056b0564855e6960efc5bd22f6e:   waiting        |--------------------------------------| 
layer-sha256:67e8aa6c8bbc76b1f2bccb3864b0887671833b8667dc1f6c965fcb0eac7e6402:    waiting        |--------------------------------------| 
layer-sha256:627e6c1e105548ea4a08354eea581f137cf368d91aeb0ad47dcb706fca54fd8b:    waiting        |--------------------------------------| 
layer-sha256:0670968926f6461e3135c82ba2c0ad3ebdedc0d0f41b18bda4a1e41104b8be8a:    waiting        |--------------------------------------| 
layer-sha256:65e458027cc21c1550d8d2ca4b36cd45889abb22dc7945f460014254e4276c6a:    waiting        |--------------------------------------| 
layer-sha256:6e07b100903dfabd0c5ee512f754810fee8af4d6189459d873c8753a98663ad7:    waiting        |--------------------------------------| 
layer-sha256:bbf92622a61b817a7696e452f66d238710c0e7722f6fed7d0d8f4e224762a0a5:    waiting        |--------------------------------------| 
layer-sha256:e10b6fee624561f4f50bf5fd09c7734c75f559c8ba430bad0b6d756c62bb8e9e:    waiting        |--------------------------------------| 
layer-sha256:9f2d839593974441b014c89a092d74a6ed980bd8a5e558f29dce564926329620:    waiting        |--------------------------------------| 
layer-sha256:7a37825ce891ec0855e3992d806c99d2d9205b506e08b87d7ff466f805f3649a:    waiting        |--------------------------------------| 
layer-sha256:ddd741668e8e73c8ea5740c2a3a629f9b02b27e7ccb3de2eed1c990b6e0c48f1:    waiting        |--------------------------------------| 
layer-sha256:b4bbe30ab5e7a617dd4a2bedb493aa64be2da5ef624a6866b4d98be4aa832704:    waiting        |--------------------------------------| 
layer-sha256:e18ab33fd60ec489b647dc68b1f4250de47b21f35c96af95d47c175e2224abf7:    waiting        |--------------------------------------| 
layer-sha256:42daf0f51ba307f3cca3912bb9728600f197db66d624c2f60bc0077e056755c3:    waiting        |--------------------------------------| 
elapsed: 0.1 s                                                                    total:   0.0 B (0.0 B/s)                                         
FATA[0000] failed to do request: Head "https://192.168.23.160:5000/v2/flink/blobs/sha256:9fb5b36aafb93bcc52f03dd17cf420f6be4b081172eb13164563f5b20b374a59": http: server gave HTTP response to HTTPS client 
[root@k8s-master ~]#

向/etc/containerd/config.toml配置添加如下新的endpoint配置,然后重启containerd服务。也无法解决

......省略部分......
    [plugins."io.containerd.grpc.v1.cri".registry]
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
          #endpoint = ["https://registry-1.docker.io"]
          # 注释上面那行,添加下面两行
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.23.160:5000"]
          endpoint = ["http://192.168.23.160:5000"]
    [plugins."io.containerd.grpc.v1.cri".image_decryption]
      key_model = ""
    [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
......省略部分......

解决办法

可以通过ctr命令进行镜像推送,这样推送就不会出现问题了

[root@k8s-master ~]# ctr images push --plain-http=true 192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount
manifest-sha256:23a421d7ea703af6c659c09d5abefe9f8c629493649c096483688a19bb266610: done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:9fb5b36aafb93bcc52f03dd17cf420f6be4b081172eb13164563f5b20b374a59:    done           |++++++++++++++++++++++++++++++++++++++| 
config-sha256:8c6b3c27cc675895f9c28934a311ed8974202056b0564855e6960efc5bd22f6e:   done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:67e8aa6c8bbc76b1f2bccb3864b0887671833b8667dc1f6c965fcb0eac7e6402:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:627e6c1e105548ea4a08354eea581f137cf368d91aeb0ad47dcb706fca54fd8b:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:0670968926f6461e3135c82ba2c0ad3ebdedc0d0f41b18bda4a1e41104b8be8a:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:65e458027cc21c1550d8d2ca4b36cd45889abb22dc7945f460014254e4276c6a:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:6e07b100903dfabd0c5ee512f754810fee8af4d6189459d873c8753a98663ad7:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:bbf92622a61b817a7696e452f66d238710c0e7722f6fed7d0d8f4e224762a0a5:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:e10b6fee624561f4f50bf5fd09c7734c75f559c8ba430bad0b6d756c62bb8e9e:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:9f2d839593974441b014c89a092d74a6ed980bd8a5e558f29dce564926329620:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:7a37825ce891ec0855e3992d806c99d2d9205b506e08b87d7ff466f805f3649a:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:ddd741668e8e73c8ea5740c2a3a629f9b02b27e7ccb3de2eed1c990b6e0c48f1:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:b4bbe30ab5e7a617dd4a2bedb493aa64be2da5ef624a6866b4d98be4aa832704:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:e18ab33fd60ec489b647dc68b1f4250de47b21f35c96af95d47c175e2224abf7:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:42daf0f51ba307f3cca3912bb9728600f197db66d624c2f60bc0077e056755c3:    done           |++++++++++++++++++++++++++++++++++++++| 
elapsed: 5.9 s                                                                    total:  537.3  (91.1 MiB/s)                                      
[root@k8s-master ~]#

2. 镜像拉取pull问题

问题记录

通过crictl为k8s拉取镜像,会出现rpc错误,如下所示

[root@k8s-master ~]# crictl pull 192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount
E0527 19:13:48.191793   32946 remote_image.go:218] "PullImage from image service failed" err="rpc error: code = Unknown desc = failed to pull and unpack image \"192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount\": failed to resolve reference \"192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount\": failed to do request: Head \"https://192.168.23.160:5000/v2/flink/manifests/1.15.0-scala_2.12-wordcount\": http: server gave HTTP response to HTTPS client" image="192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount"
FATA[0000] pulling image: rpc error: code = Unknown desc = failed to pull and unpack image "192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount": failed to resolve reference "192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount": failed to do request: Head "https://192.168.23.160:5000/v2/flink/manifests/1.15.0-scala_2.12-wordcount": http: server gave HTTP response to HTTPS client 
[root@k8s-master ~]#

解决办法
向/etc/containerd/config.toml配置添加如下新的endpoint配置,然后重启containerd服务

......省略部分......
    [plugins."io.containerd.grpc.v1.cri".registry]
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
          #endpoint = ["https://registry-1.docker.io"]
          # 注释上面那行,添加下面两行
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.23.160:5000"]
          endpoint = ["http://192.168.23.160:5000"]
    [plugins."io.containerd.grpc.v1.cri".image_decryption]
      key_model = ""
    [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
......省略部分......

再次拉取镜像,就可以拉取了,如下所示:

[root@k8s-master ~]# crictl pull 192.168.23.160:5000/flink:1.15.0-scala_2.12-wordcount
Image is up to date for sha256:8c6b3c27cc675895f9c28934a311ed8974202056b0564855e6960efc5bd22f6e
[root@k8s-master ~]#
本文含有隐藏内容,请 开通VIP 后查看