一、问题背景
1. 配置完socks5代理之后,执行 nerdctl pull deibian 可以下载下来镜像
代理配置方式为:在 /etc/profile 文件中添加环境变量:
export http_proxy="socks5://127.0.0.1:1080"
export https_proxy="socks5://127.0.0.1:1080"
export ftp_proxy="socks5://127.0.0.1:1080"
export no_proxy="localhost,127.0.0.1,10.2.24.0/24"
2. 通过buildkitd 构建镜像时,报错如下:
[+] Building 30.1s (2/2) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 343B 0.0s
=> ERROR [internal] load metadata for docker.io/library/debian:bullseye 30.0s
------
> [internal] load metadata for docker.io/library/debian:bullseye:
------
Dockerfile:1
--------------------
1 | >>> FROM debian:bullseye
2 | LABEL xxxxxx
3 | WORKDIR /root
--------------------
error: failed to solve: DeadlineExceeded: DeadlineExceeded: DeadlineExceeded: debian:bullseye: failed to resolve source metadata for docker.io/library/debian:bullseye: failed to do request: Head "https://registry-1.docker.io/v2/library/debian/manifests/bullseye": dial tcp 173.255.209.47:443: i/o timeout
FATA[0030] unrecognized image format
[+] Building 30.2s (2/2) FINISHED
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 343B 0.0s
=> ERROR [internal] load metadata for docker.io/library/debian:bullseye 30.0s
------
> [internal] load metadata for docker.io/library/debian:bullseye:
------
Dockerfile:1
--------------------
1 | >>> FROM debian:bullseye
2 | LABEL xxxxxx
3 | WORKDIR /root
--------------------
error: failed to solve: debian:bullseye: failed to resolve source metadata for docker.io/library/debian:bullseye: failed to do request: Head "https://registry-1.docker.io/v2/library/debian/manifests/bullseye": dial tcp 173.255.209.47:443: i/o timeout
FATA[0030] unrecognized image format
二、解决方案
通过查看buildkitd 的systemd 服务文件如下:
[Unit]
Description=/usr/bin/buildkitd
ConditionPathExists=/usr/bin/buildkitd
After=containerd.service
[Service]
Type=simple
ExecStart=/usr/bin/buildkitd
User=root
Restart=on-failure
RestartSec=1500ms
[Install]
WantedBy=multi-user.target
这里我们需要了解一个知识点:
/etc/profile和用户 shell 环境:/etc/profile是为登录 shell 提供的环境配置,通常在你通过命令行登录时(例如使用bash)加载。它影响的是用户的 shell 会话环境,但对于启动的 后台服务(如buildkitd) 来说,这些配置并不自动生效。systemd环境:systemd启动服务时,实际上是以 独立的环境 运行的,通常不会自动加载登录 shell 中的配置文件(如/etc/profile或~/.bashrc)。因此,systemd启动的进程需要显式地配置环境变量才能让其生效。
了解完这个知识点,之后,我们修改 buildkitd 的systemd服务文件如下:
[Unit]
Description=/usr/bin/buildkitd
ConditionPathExists=/usr/bin/buildkitd
After=containerd.service
[Service]
Environment="HTTP_PROXY=socks5h://127.0.0.1:1080"
Environment="HTTPS_PROXY=socks5h://127.0.0.1:1080"
Type=simple
ExecStart=/usr/bin/buildkitd
User=root
Restart=on-failure
RestartSec=1500ms
[Install]
WantedBy=multi-user.target
问题解决。
