add containerd registry mirror certificate configuration

Signed-off-by: KubeKyrie <[email protected]>

roles/container-engine/containerd/defaults/main.yml

@@ -62,6 +62,8 @@ containerd_registries_mirrors:
       - host: https://registry-1.docker.io
         capabilities: ["pull", "resolve"]
         skip_verify: false
+#        ca: ["/etc/certs/mirror.pem"]
+#        client: ["/etc/certs/client-1.pem", "/etc/certs/client-2.pem"]
 
 containerd_max_container_log_line_size: 16384
 

roles/container-engine/containerd/templates/hosts.toml.j2

@@ -4,4 +4,10 @@ server = "{{ item.server | default("https://" + item.prefix) }}"
   capabilities = ["{{ ([ mirror.capabilities ] | flatten ) | join('","') }}"]
   skip_verify = {{ mirror.skip_verify | default('false') | string | lower }}
   override_path = {{ mirror.override_path | default('false') | string | lower }}
+{% if mirror.ca is defined %}
+  ca = ["{{ ([ mirror.ca ] | flatten ) | join('","') }}"]
+{% endif %}
+{% if mirror.client is defined %}
+  client = ["{{ ([ mirror.client ] | flatten ) | join('","') }}"]
+{% endif %}
 {% endfor %}