Update crio.sls (#171)

* Update crio.sls * Create crio-registries.conf
2024-11-06 02:15:20 +00:00 · 2021-02-15 14:19:41 +03:00 · 2021-02-15 14:19:41 +03:00 · 28fa07357f
commit 28fa07357f
parent b1e3107658
2 changed files with 31 additions and 0 deletions
--- a/sls/k8s-master/crio.sls
+++ b/sls/k8s-master/crio.sls
@ -10,6 +10,12 @@
    - require:
      - pkg: k8s_deps

+/etc/containers/registries.conf:
+  file.managed:
+    - source: salt://{{ slspath }}/files/crio-registries.conf
+    - require:
+      - pkg: k8s_deps
+
 /etc/crictl.yaml:
  file.managed:
    - source: salt://{{ slspath }}/files/crictl.yaml
--- a/sls/k8s-master/files/crio-registries.conf
+++ b/sls/k8s-master/files/crio-registries.conf
@ -0,0 +1,25 @@
+# This is a system-wide configuration file used to
+# keep track of registries for various container backends.
+# It adheres to TOML format and does not support recursive
+# lists of registries.
+
+# The default location for this configuration file is /etc/containers/registries.conf.
+
+# The only valid categories are: 'registries.search', 'registries.insecure', 
+# and 'registries.block'.
+
+[registries.search]
+registries = ['docker.io']
+
+# If you need to access insecure registries, add the registry's fully-qualified name.
+# An insecure registry is one that does not have a valid SSL certificate or only does HTTP.
+[registries.insecure]
+registries = []
+
+
+# If you need to block pull access from a registry, uncomment the section below
+# and add the registries fully-qualified name.
+#
+# Docker only
+[registries.block]
+registries = []