首先,需要在国外买一台虚拟机,一定要国外的,在这个机器上搭建一个nginx做反向代理,然后在需要的docker环境里配置自己的代理域名即可。nginx的安装方式我就不说了,有很多开源的。
wget https://soft.lnmp.com/lnmp/lnmp2.1.tar.gz -O lnmp2.1.tar.gz && tar zxf lnmp2.1.tar.gz && cd lnmp2.1 && ./install.sh nginx [root@phl vhost]# cat default.conf server { listen 80; listen 443 ssl; server_name hub-docker.wulaoer.org; index index.html index.htm index.php; root /home/wwwroot/default; set_real_ip_from 192.168.6.0/24; real_ip_header X-Forwarded-For; real_ip_recursive on; ssl_certificate "/usr/local/nginx/ssl/wulaoer.org.pem"; ssl_certificate_key "/usr/local/nginx/ssl/wulaoer.org.key"; ssl_session_timeout 10m; ssl_session_cache shared:SSL:10m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #error_page 404 /404.html; #if ($scheme = http) { # return 301 https://$host$request_uri; # } # Deny access to PHP files in specific directory #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; } include enable-php.conf; location / { proxy_pass https://registry-1.docker.io; proxy_set_header Host registry-1.docker.io; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_buffering off; proxy_set_header Authorization $http_authorization; proxy_pass_header Authorization; proxy_intercept_errors on; recursive_error_pages on; error_page 301 302 307 = @handle_redirect; } location @handle_redirect { resolver 1.1.1.1; set $saved_redirect_location '$upstream_http_location'; proxy_pass $saved_redirect_location; } location /nginx_status { stub_status on; access_log off; } location ~ /.well-known { allow all; } location ~ /\. { deny all; } } [root@phl vhost]# /etc/init.d/nginx restart Stoping nginx... done Starting nginx... done
配置好nginx后重启,说明生效,这样代理就配置好了,那我使用一个我自己的客户端看一下是否可以拉取镜像。
[root@k8s-ingress ~]# cat /etc/docker/daemon.json { "registry-mirrors": ["https://hub-docker.wulaoer.org"], "exec-opts": ["native.cgroupdriver=systemd"], "log-driver": "json-file", "log-opts": { "max-size": "128m" }, "storage-driver": "overlay2" } [root@k8s-ingress ~]# systemctl enable docker Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service. [root@k8s-ingress ~]# systemctl start docker [root@k8s-ingress ~]# docker pull wolf27w/k8s-dns-node-cache:1.22.28 1.22.28: Pulling from wolf27w/k8s-dns-node-cache 2cbc221dc464: Pull complete b0eea46bf369: Pull complete Digest: sha256:b9c3ae254f65a9b0cd0c8c3f11a19c81b601561d388035d0770d6f9a41be15c5 Status: Downloaded newer image for wolf27w/k8s-dns-node-cache:1.22.28 docker.io/wolf27w/k8s-dns-node-cache:1.22.28
镜像拉取成功,说明代理生效了,这个是docker的配置方法,看一下containerd的配置方法。
[root@k8s-node04 ~]# cat /etc/containerd/config.toml ........................ [plugins."io.containerd.grpc.v1.cri".registry] [plugins."io.containerd.grpc.v1.cri".registry.auths] [plugins."io.containerd.grpc.v1.cri".registry.configs] [plugins."io.containerd.grpc.v1.cri".registry.headers] [plugins."io.containerd.grpc.v1.cri".registry.mirrors] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"] endpoint = ["https://hub-docker.wulaoer.org"] .......................... [root@k8s-node04 ~]# systemctl enable containerd [root@k8s-node04 ~]# systemctl restart containerd [root@k8s-node04 ~]# crictl pull redis:alpine3.20 Image is up to date for sha256:38a44d79682281c78810ce4f57a9a6c65e2307a1c6c4c7719092814b1ab5170f [root@k8s-node04 ~]#
containerd也可以拉取镜像了,这样k8s也可以使用代理了,这就可以实现镜像随便拉取再也不用担心超时的问题了。
您可以选择一种方式赞助本站
支付宝扫一扫赞助
微信钱包扫描赞助
赏