I have configured a Harbor (with SSL and FQDN: harbor.example.com) as a proxy cache for several docker registries (docker.io, quay.io and k8s.gcr.io). I can pull any images without any problem from any PC/VM which can access the Harbor netowrk, i.e.:
# From hub.docker.comdocker pull harbor.example.com/dockerhub/library/ubuntu:20.04# From quay.comdocker pull harbor.example.com/q/metallb/speaker:v0.12.1# From k8s.gcr.comdocker pull harbor.example.com/g/ingress-nginx/controller:v1.1.2@sha256:28b11ce69e57843de44e3db6413e98d09de0f6688e33d4bd384002a44f78405cI want to use this Harbor to, from a local k3s cluster (which was an airgap installation) and its only way to pull images is using the previously mentioned Harbor registry (because it has no way to reach the internet), pull images from every docker proxy cache created with, for example, and following the lasts examples:
k3s crictl pull ubuntu:20.04k3s crictl pull quay.io/metallb/controller:v0.12.1k3s crictl pull k8s.gcr.io/ingress-nginx/controller:v1.1.2@sha256:28b11ce69e57843de44e3db6413e98d09de0f6688e33d4bd384002a44f78405cIn order to get it done, and following the instructions from the rke2 official docx, I'm trying to modify the /etc/rancher/k3s/registries.yaml to rewrite the link , i.e., from docker.io to harbor.example.com/dockerhub, and/or from quay.io to harbor.example.com/q and or k8s.grc.io to harbor.example.com/g but I can't find a way to achieve correctly... I guess it should be something like the folowing (but for every Harbor's cache proxy):
mirrors: quay.io: endpoint: - "https://harbor.virtalus.com" rewrite:"\/(.*)": "q/$1"So the question is: how to properly configure containerd's registries.yaml to point it to several Harbor's proxy cache?