跳到主要内容
版本:Next

Mirror 模式

使用 dfdaemon 支持 Containerd

从 v1.1.0 开始,Containerd 支持镜像仓库。

步骤 1: 配置 dfdaemon

下面为镜像仓库的 dfdaemon 配置,在路径 /etc/dragonfly/dfget.yaml:

proxy:
security:
insecure: true
tcpListen:
listen: 0.0.0.0
port: 65001
registryMirror:
# multiple registries support, if only mirror single registry, disable this
dynamic: true
url: https://index.docker.io
proxies:
- regx: blobs/sha256.*

运行 dfdaemon

dfget daemon

步骤 2: 配置 Containerd

选项 1: 单镜像仓库

启动 Containerd 镜像仓库配置 /etc/containerd/config.toml:

# explicitly use v2 config format, if already v2, skip the "version = 2"
version = 2

[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["http://127.0.0.1:65001","https://index.docker.io"]

配置支持两个镜像仓库地址 http://127.0.0.1:65001 以及 https://index.docker.io.

在 Containerd 配置文件中启用私有镜像注册中心,配置文件位于 /etc/containerd/config.toml:

# explicitly use v2 config format, if already v2, skip the "version = 2"
version = 2

[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["http://127.0.0.1:65001","https://index.docker.io"]

[plugins."io.containerd.grpc.v1.cri".registry.configs."127.0.0.1:65001".auth]
username = "registry_username"
password = "registry_password"

在本配置文件中,注册中心的 auth 必须基于 127.0.0.1:65001

详细 Containerd 配置文档参照: https://github.com/containerd/containerd/blob/v1.5.2/docs/cri/registry.md#configure-registry-endpoint 镜像仓库配置参照文档: https://github.com/containerd/containerd/blob/v1.5.2/docs/cri/config.md#registry-configuration

选项 2: 多镜像仓库

1.5.0 以上版本 Containerd 支持多镜像仓库。

1. 开启 Contianerd 配置

启动 Containerd 镜像仓库配置 /etc/containerd/config.toml:

# explicitly use v2 config format, if already v2, skip the "version = 2"
version = 2

[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"

2. 生成每个仓库的 hosts.toml

选项 1: 手动生成 hosts.toml

路径: /etc/containerd/certs.d/example.com/hosts.toml

根据不同的仓库替换 example.com

server = "https://example.com"

[host."http://127.0.0.1:65001"]
capabilities = ["pull", "resolve"]
[host."http://127.0.0.1:65001".header]
X-Dragonfly-Registry = ["https://example.com"]
选项 2: 自动生成 hosts.toml

自动生成 hosts.toml 脚本为 https://github.com/dragonflyoss/Dragonfly2/blob/main/hack/gen-containerd-hosts.sh

bash gen-containerd-hosts.sh example.com

镜像仓库配置详细文档参照: https://github.com/containerd/containerd/blob/main/docs/hosts.md#registry-configuration---examples

步骤 3: 重启 Containerd

systemctl restart containerd

步骤 4: 拉取镜像

使用以下命令拉取镜像:

crictl pull docker.io/library/busybox

步骤 5: 验证 Dragonfly 拉取成功

可以查看日志,判断 busybox 镜像正常拉取。

grep "peer task done" /var/log/dragonfly/daemon/core.log

如果正常日志输出如下:

{
"level":"info",
"ts":"2022-09-07 12:04:26.485",
"caller":"peer/peertask_conductor.go:1500",
"msg":"peer task done, cost: 1ms",
"peer":"10.140.2.175-5184-1eab18b6-bead-4b9f-b055-6c1120a30a33",
"task":"b423e11ddb7ab19a3c2c4c98e5ab3b1699a597e974c737bb4004edeef6016ed2",
"component":"PeerTask"
}