Add support for using a host registry dir in cri
This will be used instead of the cri registry config in the main config toml. --- Also pulls in changes from containerd/cri@d0b4eecbb3 Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This commit is contained in:
Brian Goff
@@ -145,15 +145,21 @@ type TLSConfig struct {
|
||||
|
||||
// Registry is registry settings configured
|
||||
type Registry struct {
|
||||
// ConfigPath is a path to the root directory containing registry-specific
|
||||
// configurations.
|
||||
// If ConfigPath is set, the rest of the registry specific options are ignored.
|
||||
ConfigPath string `toml:"config_path" json:"configPath"`
|
||||
// Mirrors are namespace to mirror mapping for all namespaces.
|
||||
// This option will not be used when ConfigPath is provided.
|
||||
// DEPRECATED: Use ConfigPath instead. Remove in containerd 1.7.
|
||||
Mirrors map[string]Mirror `toml:"mirrors" json:"mirrors"`
|
||||
// Configs are configs for each registry.
|
||||
// The key is the domain name or IP of the registry.
|
||||
// This option will be fully deprecated for ConfigPath in the future.
|
||||
Configs map[string]RegistryConfig `toml:"configs" json:"configs"`
|
||||
|
||||
// Auths are registry endpoint to auth config mapping. The registry endpoint must
|
||||
// be a valid url with host specified.
|
||||
// DEPRECATED: Use Configs instead. Remove in containerd 1.4.
|
||||
// DEPRECATED: Use ConfigPath instead. Remove in containerd 1.6.
|
||||
Auths map[string]AuthConfig `toml:"auths" json:"auths"`
|
||||
// Headers adds additional HTTP headers that get sent to all registries
|
||||
Headers map[string][]string `toml:"headers" json:"headers"`
|
||||
@@ -165,6 +171,8 @@ type RegistryConfig struct {
|
||||
Auth *AuthConfig `toml:"auth" json:"auth"`
|
||||
// TLS is a pair of CA/Cert/Key which then are used when creating the transport
|
||||
// that communicates with the registry.
|
||||
// This field will not be used when ConfigPath is provided.
|
||||
// DEPRECATED: Use ConfigPath instead. Remove in containerd 1.7.
|
||||
TLS *TLSConfig `toml:"tls" json:"tls"`
|
||||
}
|
||||
|
||||
@@ -351,6 +359,27 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error {
|
||||
}
|
||||
}
|
||||
|
||||
useConfigPath := c.Registry.ConfigPath != ""
|
||||
if len(c.Registry.Mirrors) > 0 {
|
||||
if useConfigPath {
|
||||
return errors.Errorf("`mirrors` cannot be set when `config_path` is provided")
|
||||
}
|
||||
log.G(ctx).Warning("`mirrors` is deprecated, please use `config_path` instead")
|
||||
}
|
||||
var hasDeprecatedTLS bool
|
||||
for _, r := range c.Registry.Configs {
|
||||
if r.TLS != nil {
|
||||
hasDeprecatedTLS = true
|
||||
break
|
||||
}
|
||||
}
|
||||
if hasDeprecatedTLS {
|
||||
if useConfigPath {
|
||||
return errors.Errorf("`configs.tls` cannot be set when `config_path` is provided")
|
||||
}
|
||||
log.G(ctx).Warning("`configs.tls` is deprecated, please use `config_path` instead")
|
||||
}
|
||||
|
||||
// Validation for deprecated auths options and mapping it to configs.
|
||||
if len(c.Registry.Auths) != 0 {
|
||||
if c.Registry.Configs == nil {
|
||||
@@ -370,7 +399,7 @@ func ValidatePluginConfig(ctx context.Context, c *PluginConfig) error {
|
||||
config.Auth = &auth
|
||||
c.Registry.Configs[endpoint] = config
|
||||
}
|
||||
log.G(ctx).Warning("`auths` is deprecated, please use registry`configs` instead")
|
||||
log.G(ctx).Warning("`auths` is deprecated, please use `configs` instead")
|
||||
}
|
||||
|
||||
// Validation for stream_idle_timeout
|
||||
|
||||
Reference in New Issue
Block a user