Inline registry mirror configuration is deprecated in containerd

[alex-berger]

What I'd like:

Inline registry mirror configuration as used by bottlerocket is deprecated since containerd version 1.5.0 and might be removed in containerd version 1.7.

Bottlerocket should be update to use the new approach to configure the image registries for containerd, as outlined in

• https://github.com/containerd/containerd/blob/v1.5.9/docs/cri/registry.md
• and https://github.com/containerd/containerd/blob/v1.5.9/docs/hosts.md

---

Setting config_path instead of inlining the mirror configuartion,

[plugins."io.containerd.grpc.v1.cri".registry]
   config_path = "/etc/containerd/certs.d"

and generating the corresponding directory structure and files

$ tree /etc/containerd/certs.d
/etc/containerd/certs.d
└── docker.io
    └── hosts.toml

$ cat /etc/containerd/certs.d/docker.io/hosts.toml
server = "https://docker.io"

[host."https://registry-1.docker.io"]
  capabilities = ["pull", "resolve"]

[phillebaba]

I think that this feature would be good to solve as there are a lot of other feature requests which would be solved by just updating the mirror configuration. Instead of having to expose every single parameter users would be able to write their own mirror configuration files which would be placed in the correct file path.

[dims]

FYI it's still there in 1.7.0 :)

https://github.com/containerd/containerd/blob/v1.7.0/pkg/cri/config/config.go#L209

[dims]

AND 2.0 beta

https://github.com/containerd/containerd/blob/v2.0.0-beta.0/pkg/cri/config/config.go#L189-L190

[empath-nirvana]

Is there any update on this? I'd really like to install "spegel" and can't because of this issue.

https://github.com/spegel-org/spegel/issues/47

[danielloader]

AND 2.0 beta

https://github.com/containerd/containerd/blob/v2.0.0-beta.0/pkg/cri/config/config.go#L189-L190

What if it's only hanging about because people keep using it and the maintainers are being overly cautious because people haven't stopped using it?