Closed supertetelman closed 1 year ago
Did you try this format ?
containerd_insecure_registries:
docker.io:
- dockerhubcache.example.com
Hello, i try containerd_insecure_registries: 192.168.22.54:
here is the solution:
diff --git a/roles/container-engine/containerd/tasks/main.yml b/roles/container-engine/containerd/tasks/main.yml
index ecea9dd75..c057a08e2 100644
--- a/roles/container-engine/containerd/tasks/main.yml
+++ b/roles/container-engine/containerd/tasks/main.yml
@@ -117,7 +117,7 @@
state: directory
mode: 0755
recurse: true
- with_items: "{{ containerd_insecure_registries }}"
+ with_dict: "{{ containerd_insecure_registries }}"
when: containerd_insecure_registries is defined
- name: containerd | Write hosts.toml file
@@ -131,7 +131,7 @@
[host."{{ item.value }}"]
capabilities = ["pull", "resolve", "push"]
skip_verify = true
- with_items: "{{ containerd_insecure_registries }}"
+ with_dict: "{{ containerd_insecure_registries }}"
when: containerd_insecure_registries is defined
# you can sometimes end up in a state where everything is installed
Hello, Thanks for the tips, work for me Changing with_items by with_dict in roles/container-engine/containerd/tasks/main.yml This is solve the Ansible issue we have also an issue witch the new configuration file in cert.d in containerd
Hello, To solve the issue i also have to remove mirror line in /etc/containerd/config.toml To remove mirror
version = 2 root = "/var/lib/containerd" state = "/run/containerd" oom_score = 0
[grpc] max_recv_message_size = 16777216 max_send_message_size = 16777216
[debug] level = "info"
[metrics] address = "" grpc_histogram = false
[plugins] [plugins."io.containerd.grpc.v1.cri"] sandbox_image = "registry.k8s.io/pause:3.8" max_container_log_line_size = -1 enable_unprivileged_ports = false enable_unprivileged_icmp = false [plugins."io.containerd.grpc.v1.cri".containerd] default_runtime_name = "runc" snapshotter = "overlayfs" [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] runtime_type = "io.containerd.runc.v2" runtime_engine = "" runtime_root = "" base_runtime_spec = "/etc/containerd/cri-base.json"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
systemdCgroup = true
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
~
With this config the ansible task is ok and pulling from unsecure registry is ok
So it looks like this is in fact a bug in the main.yml and not a misunderstanding on intended variable format. @teriyakichild, will you be submitting your fix as a PR?
here is the PR with the fix: #9729
here is the PR with the fix: #9729
Thanks for pointing this out. We can close this issue with https://github.com/kubernetes-sigs/kubespray/pull/9729
/close
@oomichi: Closing this issue.
I have a repo that does a full deployment of Kubernetes with a few various add-ons that has been running great for some time. I just went to bump to the Kubespray version we are consuming from v 1.19.0 to v1.21.0. It appears that either the format expected of
containerd_insecure_registries
has changed or there is a bug that has been introduced for this variable. This deployment was working fine with the group_vars as-is for the previous version, but when I try to deploy with the latest code it is unable parse the variable.I looked through the example configuraiton provided here and it does not appear as if the format there has changed https://github.com/kubernetes-sigs/kubespray/blob/master/inventory/sample/group_vars/all/containerd.yml.
Any help on what I might have wrong with my configuration and what this variable is now expected to look like?
Version Info:
Relevant configuration in group_vars:
I also tried it with an alternate format as shown in this code example with the same error https://github.com/kubernetes-sigs/kubespray/blob/34d0451585eab0dc2c0ba99f02341fe2d25ca300/roles/kubespray-defaults/defaults/main.yaml:
Error Message:
Example config:
Alternate example config:
Failing code block (https://github.com/kubernetes-sigs/kubespray/blob/8a03bb1bb4f6768c84a76571a75d9066b1087c1d/roles/container-engine/containerd/tasks/main.yml):