Enhancement: docker pull rate limits - missing option to set registry mirror during cri-o install / sysbox-k8s-deploy

[mawl]

Because of the docker subscription changes: https://www.docker.com/pricing/november-2024-subscription-changes/

Can you please provide an option to set custom docker registry mirrors? This would significantly lower the amount of pull requests against hub.docker.com/docker.io: https://www.docker.com/increase-rate-limits/

Here is the interesting part: https://github.com/nestybox/sysbox-pkgr/blob/72d84abd652983cf34b4b52f48ba9d027f9a1779/k8s/config/etc_containers_registries.conf#L69

This file gets copied to a k8s node when cri-o is initially installed: https://github.com/nestybox/sysbox-pkgr/blob/72d84abd652983cf34b4b52f48ba9d027f9a1779/k8s/scripts/crio-installer.sh#L134

By manually adding a custom registry mirror to /etc/containers/registries.conf and restarting cri-o service, images are pulled now from our custom registry mirror.

But we would like to automate this during sysbox k8s deploy: https://github.com/nestybox/sysbox/blob/master/docs/user-guide/install-k8s.md#installation-of-sysbox

Our idea/workaorund is to mount a custom registries.conf via ConfigMap into your sysbox-k8s-deploy daemonset to override the default one - but this only works for initial setups, as once deployed /etc/containers/registries.conf is left on the host during uninstall.

Are there plans on your side to add the missing functionality?

[ctalledo]

Hi @mawl, thanks for giving Sysbox a shot and filing the issue.

We don't have plans (or cycles) at this time to allow customizing the CRI-O containers-registries.conf file installed by sysbox-deploy-k8s (e.g., via a ConfigMap), but we would be happy to consider any contributions on this.

If you or your team are willing to contribute, happy to guide you through how sysbox-deploy-k8s works if needed.

Thanks!

[mawl]

Hi @ctalledo, let's see if other users vote for the feature. I would then be happy to share our solution with you.