Harbor + containerd v2: Fixing HTTP Registry Errors

Table of Contents

The Error

After upgrading to containerd v2, image pulls from a private Harbor registry over HTTP failed:

http: server gave HTTP response to HTTPS client

The Fix

Create the hosts config directory for your registry IP:

mkdir -p /etc/containerd/certs.d/192.168.108.200

Create /etc/containerd/certs.d/192.168.108.200/hosts.toml:

server = "http://192.168.108.200"

[host."http://192.168.108.200"]
  capabilities = ["pull", "resolve", "push"]
  skip_verify = true

Restart containerd on all nodes:

systemctl restart containerd

Verify with:

crictl pull 192.168.108.200/library/nginx:latest