-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix containerd config_path mirrors and remove nerdctl insecure_registry #10196
Fix containerd config_path mirrors and remove nerdctl insecure_registry #10196
Conversation
Hi @yckaolalala. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/ok-to-test |
Hi @yckaolalala could you rebase your PR 🙏? I can't get the CI to pass because of some changes that reaches master :(. |
4236156
to
45cf910
Compare
packet_debian11-calico-upgrade test failed, This job used old config.toml and can not use new |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! Could you just rewrite the release notes accordingly then? Apart from that looks good, many thanks for this nice contribution 🙏
/lgtm
4307851
to
fd2caa2
Compare
Thanks for the rebase 🙏 |
fd2caa2
to
d004c6f
Compare
rebased |
Thanks 🙏 |
d004c6f
to
151b513
Compare
8650531
to
c9ba6a6
Compare
…tl global insecure_registry setting
…ass packet_debian11-calico-upgrade
c9ba6a6
to
048df79
Compare
/lgtm |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@yckaolalala Sorry for the delay, thank you for the PR !
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: floryut, MrFreezeex, yckaolalala The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This is a breaking change. Can it me marked as such in the release notes? |
Thanks @sathieu , |
Thanks @yankay. Maybe it should be added to the Deprecation / Removal section too ? |
HI @sathieu I'm not sure, the |
Thanks @yankay This is great! |
…ry (kubernetes-sigs#10196) * Fix containerd_registries in config_path for mirrors and remove nerdctl global insecure_registry setting * Make containerd hosts.toml mode 0640 * Add containerd_registries_mirrors and keep containerd_registries to pass packet_debian11-calico-upgrade
@yankay the releases note is not detailled enough. |
…ry (kubernetes-sigs#10196) * Fix containerd_registries in config_path for mirrors and remove nerdctl global insecure_registry setting * Make containerd hosts.toml mode 0640 * Add containerd_registries_mirrors and keep containerd_registries to pass packet_debian11-calico-upgrade
What type of PR is this?
What this PR does / why we need it:
Currently,
containerd_use_config_path
disable use mirrors config .Add
containerd_registries_mirrors
is similar ascrio_registries
Currently, it appears that nerdctl is not reading the mirrors config in /etc/containerd/config.toml. nerdctl issue#981. However, nerdctl can read the mirrors config if
hosts_dir
is set in /etc/nerdctl/nerdctl.toml. Therefore, I have removed the check forcontainerd_use_config_path
when writing to hosts.toml.Remove the
nerdctl_extra_flags
andinsecure_registry
settings. Instead, nerdctl can pull from an insecure registry by configuring thecontainerd_registries_mirrors
.Which issue(s) this PR fixes:
Fixes #9743
Special notes for your reviewer:
Should change default
containerd_use_config_path
to true?Alternatively, can add a variable such as containerd_config_path_required_version: "1.5".
Does this PR introduce a user-facing change?: