microk8s/kubernetes: Configure proxy for containerd #218
Conversation
lathiat
force-pushed
the
containerd_proxy
branch
2 times, most recently
from
86c051f to
e2dee17
Compare
lathiat
changed the title
| @@ -8,3 +8,5 @@ | |||
|
|
|||
| MOD_PARAMS[__MICROK8S_CHANNEL__]="latest/edge" | |||
| MOD_PARAMS[__NUM_MICROK8S_UNITS__]=1 | |||
| MOD_PARAMS[__CONTAINERD_PROXY__]='http://squid.internal:3128' | |||
| MOD_PARAMS[__CONTAINERD_NO_PROXY__]='127.0.0.1,localhost,::1,10.149.0.0/16,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16' | |||
There was a problem hiding this comment.
+=registry.jujucharms.com,rocks.canonical.com
There was a problem hiding this comment.
I got these added to the proxy rules instead so it's not required
| --containerd-no-proxy) #__OPT__type:<str> (default=127.0.0.1,localhost,::1,10.149.0.0/16,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16) | ||
| MOD_PARAMS[__CONTAINERD_NO_PROXY__]=$2 | ||
| shift | ||
| ;; | ||
| --calico) |
There was a problem hiding this comment.
We should also add options, for users to configure the docker user and password. The following config worked for me:
juju config containerd custom_registries='[{"url": "registry-1.docker.io", "username": "sombrafam", "password": "********"}]'
We should also print a warning if the user does not set those, since newer users will likely not know that this is almost mandatory and it's hard to diagnose once the deployment fails.
There was a problem hiding this comment.
I did a bunch of deployments without hitting these limits.. any idea what you need to deploy how many times to hit this?
There was a problem hiding this comment.
Think I'd prefer to address this in a separate commit to get this main one in first
There was a problem hiding this comment.
Maybe it's related to which of the pain you're connected to? I hit these many times.
Allow configuration of the containerd proxy server usign --containerd-proxy and --containerd-no-proxy as it's not possible to pull from most images repositories without it in SE Cloud. Will default to http://squid.internal:3128 if that hostname resolves.
lathiat
force-pushed
the
containerd_proxy
branch
from
e2dee17 to
87c19b3
Compare
|
Updated PR to auto-set proxy based on whether the hostname squid.internal resolves. Intentionally left the DockerHub credentials out for now, will look to address that in a separate PR. Ready for review/merge. |
Configure the containerd proxy server, as it's not possible to pull from
most image repositories without it in se-cloud.
Defaults to the required settings for the se-cloud environment. Can be
overridden with --containerd-proxy and --containerd-no-proxy.
For those using stsstack-bundles outside of the se-cloud environment,
use --containerd-use-proxy false to skip it. This is required as passing
a blank ("") argument to --containerd-proxy is not parsed correctly.