K3s中registries.yaml配置的镜像仓库不生效

1.25.0+k3s1生效

离线安装v1.25.0+k3s1

mv k3s /usr/local/bin
chmod +x /usr/local/bin/k3s
mkdir -p /var/lib/rancher/k3s/agent/images/
cp ./k3s-airgap-images-amd64.tar.gz /var/lib/rancher/k3s/agent/images/
chmod +x install.sh
INSTALL_K3S_SKIP_DOWNLOAD=true ./install.sh

配置镜像仓库v1.25.0+k3s1-生效

ps -ef | grep containerd
cat > /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
  docker.io:
    endpoint:
      - "https://fsp2sfpr.mirror.aliyuncs.com/"
      - "https://registry.cn-hangzhou.aliyuncs.com/"
EOF
systemctl restart k3s
crictl info | grep -A 5 "registry"
/usr/local/bin/k3s-uninstall.sh

v1.28.7k3s1失败

在线安装 v1.28.7k3s1

curl –sfL \
     https://rancher-mirror.oss-cn-beijing.aliyuncs.com/k3s/k3s-install.sh | \
     sed 's/rancher.cn/oss-cn-beijing.aliyuncs.com/g' | \
     INSTALL_K3S_MIRROR=cn sh -

配置镜像仓库v1.28.7k3s1-失败1

ps -ef | grep containerd
cat > /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
  docker.io:
    endpoint:
      - "https://fsp2sfpr.mirror.aliyuncs.com/"
      - "https://registry.cn-hangzhou.aliyuncs.com/"
EOF
systemctl restart k3s
crictl info | grep -A 5 "registry"

配置镜像仓库v1.28.7k3s1-失败2

cp /var/lib/rancher/k3s/agent/etc/containerd/config.toml /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl
vi /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl #追加
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
    endpoint = ["https://fsp2sfpr.mirror.aliyuncs.com/","https://registry.cn-hangzhou.aliyuncs.com/"]
systemctl restart k3s
crictl info | grep -A 5 registry 

配置镜像仓库v1.28.7k3s1-configs可以 mirros不行

rm -rf /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl
cat > /etc/rancher/k3s/registries.yaml <<EOF
mirrors:
  docker.io:
    endpoint:
      - "https://fsp2sfpr.mirror.aliyuncs.com/"
      - "https://registry.cn-hangzhou.aliyuncs.com/"
  registry.my.io: # 这里并不是像官方写的那样,docker.io 为 key endpoint 为私有仓库其实是一种镜像加速的意思
    endpoint:
      - "http://registry.my.io"
configs:
  "registry.my.io": # 如果仓库是完全开放没有私有项目的则不需要配置 configs 
    auth:
      username: admin
      password: Harbor12345
EOF
systemctl restart k3s
crictl info | grep -A 5 registry

参考文档:

在K3s中配置镜像仓库

创建pod, 拉取registry 私有库镜像 报错:x509

k3s 私有仓库问题

K3s Server 配置参考

Private Registry Configuration

貌似一个 bug,我在确认下,多谢反馈

[root@k8s-worker01 ~]# cat > /etc/rancher/k3s/registries.yaml <<EOF
> mirrors:
>   docker.io:
>     endpoint:
>       - "https://fsp2sfpr.mirror.aliyuncs.com/"
>       - "https://registry.cn-hangzhou.aliyuncs.com/"
>   192.168.46.170:5000:
>     endpoint:
>       - "http://192.168.46.170:5000"
> EOF
[root@k8s-worker01 ~]# systemctl restart k3s
[root@k8s-worker01 ~]# crictl info | grep -A 5 "registry"
    "registry": {
      "configPath": "/var/lib/rancher/k3s/agent/etc/containerd/certs.d",
      "mirrors": null,
      "configs": null,
      "auths": null,
      "headers": null
[root@k8s-worker01 ~]# crictl pull 192.168.46.170:5000/ruoyi-ui:v3.8
Image is up to date for sha256:bd94927f11e2779dde2e0ee8112880f5b8f966891734c2b01697f456978ef70e
[root@k8s-worker01 ~]# crictl images
IMAGE                                        TAG                    IMAGE ID            SIZE
192.168.46.170:5000/ruoyi-ui                 v3.8                   bd94927f11e27       60.4MB
[root@k8s-worker01 ~]# uname -a
Linux k8s-worker01 5.4.271-1.el7.elrepo.x86_64 #1 SMP Wed Mar 6 14:47:25 EST 2024 x86_64 x86_64 x86_64 GNU/Linux

虽然不生效,但是确能从私有仓库中拉取镜像。 :grinning:

可参考:Mirrors configured in /etc/rancher/k3s/registries.yaml do not take effect · Issue #9626 · k3s-io/k3s · GitHub

1 个赞

hello,我有点笨,没看明白新版应该怎么设置,您能再给说详细点吗,谢谢您

我也遇到这个问题,大家是如何解决的

类似的问题,但是我好像是配置的Auth:nil 无法被识别