magitekbay 我是用KK装的,containerd的命令都没有,config.toml配置找到了,在/var/lib/rancher/k3s/agent/etc/containerd/config.toml,这个配置重启后会刷新掉,根据官方修改/etc/rancher/k3s/registries.yaml也没有刷新config.toml不知道kk做了什么,我现在是配置不生效,不知道去哪里配。。。。。。

      Alice 咦kk居然支持containerd了,这个就不清楚了,我一直是手动部署环境,再这个基础上部署ks的 :

          magitekbay ok,多谢啦,那我再研究一下,我是基于3.0自己改的kk的源码,手动部署还好,都是官方的配置就行

              magitekbay 破案了,刚看了2.0kk的源码,这个config写在了源码里,每次都会更新,我去更新一下源码就行

                  Alice : 嗯,不客气,kk部署比较省事,3.0的时候用过,但是不怎么符合我的场景,我就自己手动部署了,就是每次升级都得自己改镜像,签证书的是一个二级ca,ks-installer不支持就很头疼

                    Alice
                    k3s的话,kk没有去装容器运行时。然后是k3s会自己装containerd,使用命令是k3s ctr xxx
                    看你的报错应该是需要配置走http去上传镜像到私有镜像仓库,可以试试这样配置:

                    registry:
    registryMirrors: []
    insecureRegistries: []
    privateRegistry: "192.168.5.61:1080"
    planHTTP: true

                        24sama 恩我现在是设置了http,配置不生效,我试试用新版的kk我看有pr修复这个问题了

                          改了v2.2.1的版本仍然不行
                          Warning FailedCreatePodSandBox 0s (x5 over 49s) kubelet, node1 Failed to create pod sandbox: rpc error: code = Unknown desc = failed to get sandbox image "192.168.5.61:1080/kubesphere/pause:3.2": failed to pull image "192.168.5.61:1080/kubesphere/pause:3.2": failed to pull and unpack image "192.168.5.61:1080/kubesphere/pause:3.2": failed to resolve reference "192.168.5.61:1080/kubesphere/pause:3.2": failed to do request: Head https://192.168.5.61:1080/v2/kubesphere/pause/manifests/3.2: http: server gave HTTP response to HTTPS client

                            config.yaml
                            registry:

                            privateRegistry: "192.168.5.61:1080"

namespaceOverride: ""

registryMirrors: []

insecureRegistries: [192.168.5.61:1080]

auths: # if docker add by \`docker login\`, if containerd append to \`/etc/containerd/config.toml\`

  "192.168.5.61:1080":

    username: "admin"

    password: "Harbor12345"

    skipTLSVerify: false # Allow contacting registries over HTTPS with failed TLS verification.

    plainHTTP: true # Allow contacting registries over HTTP.

                            addons: []

                            24sama 这个我确实设置了。。。还是不生效,就很离谱,我去github问问社区的人

                              24sama
                              [plugins.opt]

                              path = "/var/lib/rancher/k3s/agent/containerd"

                              [plugins.cri]

                              stream_server_address = "127.0.0.1"

                              stream_server_port = "10010"

                              enable_selinux = false

                              sandbox_image = "192.168.5.61:1080/kubesphere/pause:3.2"

                              [plugins.cri.containerd.runtimes.runc]

                              runtime_type = "io.containerd.runc.v2"

                              [plugins.cri.registry.mirrors]

                              [plugins.cri.registry.mirrors."192.168.5.61:1080"]

                              endpoint = ["http://192.168.5.61:1080"]

                              [plugins.cri.registry.configs."192.168.5.61:1080".auth]

                              username = "admin"

                              password = "Harbor12345"