dragonflyoss · jim3ma · Jul 22, 2021 · Jul 21, 2021
@@ -181,6 +181,7 @@ dfdaemon:
         # port in configmap is generated from $.Values.dfdaemon.hostPort
         # port: 65001
       registryMirror:
+        dynamic: true
         url: https://index.docker.io
       proxies:
       - regx: blobs/sha256.*
@@ -162,6 +162,8 @@ proxy:
   #     start: 65020
   #     end: 65029
   registryMirror:
+    # when enable, using header "X-Dragonfly-Registry" for remote instead of url
+    dynamic: true
     # url for the registry mirror
     url: https://index.docker.io
     # whether to ignore https certificate errors

@@ -5,46 +5,57 @@ daemon as `DaemonSets`.
 
 Table of contents:
 
-* [Kustomize](#kustomize-support)
 * [Helm](#helm-support)
+* [Kustomize](#kustomize-support)
 * [TODO Upgrade Guide](#upgrade-guide)
 
-## Kustomize Support
+## Helm Support
 
 ### Prepare Kubernetes Cluster
 
 If there is no available Kubernetes cluster for testing, [minikube](https://minikube.sigs.k8s.io/docs/start/) is
 recommended. Just run `minikube start`.
 
-### Build and Apply Kustomize Configuration
+### Clone Chart
 
 ```shell
 git clone https://github.com/dragonflyoss/Dragonfly2.git
-kustomize build Dragonfly2/deploy/kustomize/single-cluster-native/overlays/sample | kubectl apply -f -
+```
+
+### Install
+
+```shell
+helm install --namespace dragonfly-system dragonfly Dragonfly2/deploy/charts/dragonfly
 ```
 
 ### Wait Dragonfly Ready
 
 Wait all pods running
 
 ```
-kubectl -n dragonfly wait --for=condition=ready --all --timeout=10m pod
+kubectl -n dragonfly-system wait --for=condition=ready --all --timeout=10m pod
 ```
 
 ### Configure Runtime
 
 Use Containerd with CRI as example, more runtimes can be found [here](../user-guide/quick-start.md)
 
+> This example is for single registry, multiple registries configuration is [here](../user-guide/registry-mirror/cri-containerd.md)
+
 For private registry:
 
 ```toml
+# explicitly use v2 config format, if already v2, skip the "version = 2"
+version = 2
 [plugins."io.containerd.grpc.v1.cri".registry.mirrors."harbor.example.com"]
 endpoint = ["http://127.0.0.1:65001", "https://harbor.example.com"]
 ```
 
 For docker public registry:
 
 ```toml
+# explicitly use v2 config format, if already v2, skip the "version = 2"
+version = 2
 [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
 endpoint = ["http://127.0.0.1:65001", "https://registry-1.docker.io"]
 ```
@@ -81,31 +92,32 @@ Example output:
 {"level":"info","ts":"2021-06-28 06:02:30.924","caller":"peer/peertask_stream_callback.go:77","msg":"stream peer task done, cost: 2838ms","peer":"172.17.0.9-1-ed7a32ae-3f18-4095-9f54-6ccfc248b16e","task":"3c658c488fd0868847fab30976c2a079d8fd63df148fb3b53fd1a418015723d7","component":"streamPeerTask"}
 ```
 
-## Helm Support
+## Kustomize Support
 
-### Clone Chart
+### Prepare Kubernetes Cluster
 
-```shell
-git clone https://github.com/dragonflyoss/Dragonfly2.git
-```
+If there is no available Kubernetes cluster for testing, [minikube](https://minikube.sigs.k8s.io/docs/start/) is
+recommended. Just run `minikube start`.
 
-### Install
+### Build and Apply Kustomize Configuration
 
 ```shell
-helm install --namespace dragonfly-system dragonfly Dragonfly2/deploy/charts/dragonfly
+git clone https://github.com/dragonflyoss/Dragonfly2.git
+kustomize build Dragonfly2/deploy/kustomize/single-cluster-native/overlays/sample | kubectl apply -f -
 ```
 
 ### Wait Dragonfly Ready
 
 Wait all pods running
 
 ```
-kubectl -n dragonfly-system wait --for=condition=ready --all --timeout=10m pod
+kubectl -n dragonfly wait --for=condition=ready --all --timeout=10m pod
 ```
 
 ### Next Steps
 
 Following [Configure Runtime](#configure-runtime) to configure runtime.
+
 Following [Using Dragonfly](#using-dragonfly) to use Dragonfly.
 
 ## Upgrade Guide
@@ -16,6 +16,8 @@ proxy:
     listen: 0.0.0.0
     port: 65001
   registryMirror:
+    # multiple registries support, if only mirror single registry, disable this
+    dynamic: true
     url: https://index.docker.io
   proxies:
     - regx: blobs/sha256.*
@@ -29,10 +31,15 @@ dfget daemon
 
 ## Step 2: Configure Containerd
 
-Then, enable mirrors in Containerd registries configuration in
+### Option 1: Single Registry
+
+Enable mirrors in Containerd registries configuration in
 `/etc/containerd/config.toml`:
 
 ```toml
+# explicitly use v2 config format, if already v2, skip the "version = 2"
+version = 2
+
 [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
   endpoint = ["http://127.0.0.1:65001","https://registry-1.docker.io"]
 ```
@@ -44,6 +51,52 @@ If `http://127.0.0.1:65001` is not available, the default `https://registry-1.do
 
 > Containerd has deprecated the above config from v1.4.0, new format for reference: https://github.com/containerd/containerd/blob/v1.5.2/docs/cri/config.md#registry-configuration
 
+### Option 2: Multiple Registries
+
+This option only supports Containerd 1.5.0+.
+
+#### 1. Enable Containerd Registries Config Path
+
+Enable mirrors in Containerd registries config path in
+`/etc/containerd/config.toml`:
+
+```toml
+# explicitly use v2 config format, if already v2, skip the "version = 2"
+version = 2
+
+[plugins."io.containerd.grpc.v1.cri".registry]
+  config_path = "/etc/containerd/certs.d"
+```
+
+#### 2. Generate Per Registry hosts.toml
+
+##### Option 1: Generate hosts.toml manually
+
+Path: `/etc/containerd/certs.d/example.com/hosts.toml`
+
+Replace `example.com` according the different registry domains.
+
+Content:
+
+```toml
+server = "https://example.com"
+
+[host."http://127.0.0.1:65001"]
+  capabilities = ["pull", "resolve"]
+  [host."http://127.0.0.1:65001".header]
+    X-Dragonfly-Registry = ["https://example.com"]
+```
+
+##### Option 2: Generate hosts.toml automatically
+
+You can also generate hosts.toml with https://github.com/dragonflyoss/Dragonfly2/blob/main/hack/gen-containerd-hosts.sh
+
+```shell
+bash gen-containerd-hosts.sh example.com
+```
+
+> More details about registry configuration: https://github.com/containerd/containerd/blob/main/docs/hosts.md#registry-configuration---examples
+
 ## Step 3: Restart Containerd Daemon
 
 ```