更新时间:2025-08-07 GMT+08:00
配置镜像header能力
操作场景
镜像下载时,通过Annotation(cci.io/registry-headers)配置registry和header信息,增加自定义的信息说明来源。
使用说明
创建pod时,请求的Annotation里增加registry-headers配置(cci.io/registry-headers: "[{\"registry\":\"swr.cn-north-4.myhuaweicloud.com\",\"headers\":{\"key1\":\"value1\",\"key2\":\"value2\"}},{\"registry\":\"swr.cn-north-8.myhuaweicloud.com\",\"headers\":{\"key1\":\"value1\",\"key2\":\"value2\"}}]"),在对应pod的容器里使用registry-headers能力。
约束与限制
- 请求里的cci.io/registry-headers字段要校验registry和headers。
- 请求的cci.io/registry-headers字段内容从annotation获取。
通过ccictl创建pod
您可以通过对工作负载添加annotations控制是否为当前pod开启registry-headers能力,如下所示。
apiVersion: cci/v2
kind: Deployment
metadata:
annotations:
description: ''
labels: {}
name: nginx
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
annotations:
vm.cci.io/pod-size-specs: 2.00_4.0
resource.cci.io/pod-size-specs: 2.00_4.0
metrics.alpha.kubernetes.io/custom-endpoints: '[{api:'''',path:'''',port:'''',names:''''}]'
cci.io/registry-headers: "[{\"registry\":\"swr.cn-north-4.myhuaweicloud.com\",\"headers\":{\"key1\":\"value1\",\"key2\":\"value2\"}},{\"registry\":\"swr.cn-north-8.myhuaweicloud.com\",\"headers\":{\"key1\":\"value1\",\"key2\":\"value2\"}}]" # 配置开启registry-headers能力
log.stdoutcollection.kubernetes.io: '{"collectionContainers": ["container-0"]}'
labels:
app: nginx
spec:
containers:
- image: library/nginx:stable-alpine-perl
name: container-0
resources:
limits:
cpu: 2000m
memory: 4096Mi
requests:
cpu: 2000m
memory: 4096Mi
command: []
lifecycle: {}
dnsPolicy: ''
imagePullSecrets:
- name: imagepull-secret
dnsConfig: {}
minReadySeconds: 0
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
cci.io/registry-headers:Pod需要配置的registry-headers能力。
父主题: 运维管理
