如何更改kubernetes默认暂停容器下载地址

由于网络问题，我想将默认的 google pause 容器从官方地址更改为镜像地址。我试图v1.28.3像这样更改 kubernetes 中的默认暂停容器地址：

root@k8sslave01:/var/lib/kubelet# cat /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9"

当我重新启动 kubelet 服务时，该地址似乎不起作用。我应该怎么做才能更改 google pause 容器的默认地址？我也尝试添加--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6，但仍然无法解决问题，kubelet 日志显示错误：

root@k8sslave01:/etc/containerd# systemctl status kubelet -l --no-pager
● kubelet.service - kubelet: The Kubernetes Node Agent
     Loaded: loaded (/lib/systemd/system/kubelet.service; enabled; preset: enabled)
    Drop-In: /usr/lib/systemd/system/kubelet.service.d
             └─10-kubeadm.conf
     Active: active (running) since Sun 2023-11-12 00:48:39 CST; 1min 21s ago
       Docs: https://kubernetes.io/docs/
   Main PID: 2436 (kubelet)
      Tasks: 10 (limit: 2025)
     Memory: 35.7M
        CPU: 1.871s
     CGroup: /system.slice/kubelet.service
             └─2436 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9 --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6

Nov 12 00:49:55 k8sslave01 kubelet[2436]: E1112 00:49:55.679287    2436 kuberuntime_sandbox.go:72] "Failed to create sandbox for pod" err="rpc error: code = Unknown desc = failed to get sandbox image \"registry.k8s.io/pause:3.6\": failed to pull image \"registry.k8s.io/pause:3.6\": failed to pull and unpack image \"registry.k8s.io/pause:3.6\": failed to resolve reference \"registry.k8s.io/pause:3.6\": failed to do request: Head \"https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\": dial tcp 64.233.188.82:443: i/o timeout" pod="reddwarf-monitor/prometheus-prometheus-node-exporter-j78z6"
Nov 12 00:49:55 k8sslave01 kubelet[2436]: E1112 00:49:55.679310    2436 kuberuntime_manager.go:1166] "CreatePodSandbox for pod failed" err="rpc error: code = Unknown desc = failed to get sandbox image \"registry.k8s.io/pause:3.6\": failed to pull image \"registry.k8s.io/pause:3.6\": failed to pull and unpack image \"registry.k8s.io/pause:3.6\": failed to resolve reference \"registry.k8s.io/pause:3.6\": failed to do request: Head \"https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\": dial tcp 64.233.188.82:443: i/o timeout" pod="reddwarf-monitor/prometheus-prometheus-node-exporter-j78z6"
Nov 12 00:49:55 k8sslave01 kubelet[2436]: E1112 00:49:55.679358    2436 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"CreatePodSandbox\" for \"prometheus-prometheus-node-exporter-j78z6_reddwarf-monitor(786d8b9f-483f-4868-a7e9-42c43997a204)\" with CreatePodSandboxError: \"Failed to create sandbox for pod \\\"prometheus-prometheus-node-exporter-j78z6_reddwarf-monitor(786d8b9f-483f-4868-a7e9-42c43997a204)\\\": rpc error: code = Unknown desc = failed to get sandbox image \\\"registry.k8s.io/pause:3.6\\\": failed to pull image \\\"registry.k8s.io/pause:3.6\\\": failed to pull and unpack image \\\"registry.k8s.io/pause:3.6\\\": failed to resolve reference \\\"registry.k8s.io/pause:3.6\\\": failed to do request: Head \\\"https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\\\": dial tcp 64.233.188.82:443: i/o timeout\"" pod="reddwarf-monitor/prometheus-prometheus-node-exporter-j78z6" podUID="786d8b9f-483f-4868-a7e9-42c43997a204"
Nov 12 00:49:55 k8sslave01 kubelet[2436]: E1112 00:49:55.747517    2436 remote_runtime.go:193] "RunPodSandbox from runtime service failed" err="rpc error: code = DeadlineExceeded desc = failed to get sandbox image \"registry.k8s.io/pause:3.6\": failed to pull image \"registry.k8s.io/pause:3.6\": failed to pull and unpack image \"registry.k8s.io/pause:3.6\": failed to resolve reference \"registry.k8s.io/pause:3.6\": failed to do request: Head \"https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\": dial tcp 64.233.188.82:443: i/o timeout"
Nov 12 00:49:55 k8sslave01 kubelet[2436]: E1112 00:49:55.747582    2436 kuberuntime_sandbox.go:72] "Failed to create sandbox for pod" err="rpc error: code = DeadlineExceeded desc = failed to get sandbox image \"registry.k8s.io/pause:3.6\": failed to pull image \"registry.k8s.io/pause:3.6\": failed to pull and unpack image \"registry.k8s.io/pause:3.6\": failed to resolve reference \"registry.k8s.io/pause:3.6\": failed to do request: Head \"https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\": dial tcp 64.233.188.82:443: i/o timeout" pod="kube-system/kube-proxy-cvrtf"
Nov 12 00:49:55 k8sslave01 kubelet[2436]: E1112 00:49:55.747610    2436 kuberuntime_manager.go:1166] "CreatePodSandbox for pod failed" err="rpc error: code = DeadlineExceeded desc = failed to get sandbox image \"registry.k8s.io/pause:3.6\": failed to pull image \"registry.k8s.io/pause:3.6\": failed to pull and unpack image \"registry.k8s.io/pause:3.6\": failed to resolve reference \"registry.k8s.io/pause:3.6\": failed to do request: Head \"https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\": dial tcp 64.233.188.82:443: i/o timeout" pod="kube-system/kube-proxy-cvrtf"
Nov 12 00:49:55 k8sslave01 kubelet[2436]: E1112 00:49:55.747691    2436 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"CreatePodSandbox\" for \"kube-proxy-cvrtf_kube-system(175f3730-2bf2-4b56-8bbb-992b603edc93)\" with CreatePodSandboxError: \"Failed to create sandbox for pod \\\"kube-proxy-cvrtf_kube-system(175f3730-2bf2-4b56-8bbb-992b603edc93)\\\": rpc error: code = DeadlineExceeded desc = failed to get sandbox image \\\"registry.k8s.io/pause:3.6\\\": failed to pull image \\\"registry.k8s.io/pause:3.6\\\": failed to pull and unpack image \\\"registry.k8s.io/pause:3.6\\\": failed to resolve reference \\\"registry.k8s.io/pause:3.6\\\": failed to do request: Head \\\"https://us-west2-docker.pkg.dev/v2/k8s-artifacts-prod/images/pause/manifests/3.6\\\": dial tcp 64.233.188.82:443: i/o timeout\"" pod="kube-system/kube-proxy-cvrtf" podUID="175f3730-2bf2-4b56-8bbb-992b603edc93"
Nov 12 00:49:57 k8sslave01 kubelet[2436]: E1112 00:49:57.053066    2436 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-mgdpk" podUID="cf30fa63-9367-44fc-92da-9abaaec31115"
Nov 12 00:49:59 k8sslave01 kubelet[2436]: E1112 00:49:59.053229    2436 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-mgdpk" podUID="cf30fa63-9367-44fc-92da-9abaaec31115"
Nov 12 00:50:01 k8sslave01 kubelet[2436]: E1112 00:50:01.052851    2436 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-mgdpk" podUID="cf30fa63-9367-44fc-92da-9abaaec31115"

/etc/containerd/config.toml我像这样覆盖了 containerd 配置：

[plugins."io.containerd.grpc.v1.cri"]
  #sandbox_image = "k8s.m.daocloud.io/pause:3.6"
  sandbox_image = "registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6"

仍然没有修复此问题。这是kubeadm-flags.env配置：

[root@k8s ~]# cat /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6"