本文主要是介绍containerd使用了解,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
containerd使用了解
yum安装
[root@vm ~]# curl -o /etc/yum.repos.d/docker.repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@vm ~]# yum list | grep containerd
containerd.io.x86_64 1.6.28-3.1.el7 docker-ce-stable
[root@vm ~]# yum -y install containerd.io.x86_64
[root@vm ~]# systemctl enable containerd --now
Created symlink from /etc/systemd/system/multi-user.target.wants/containerd.service to /usr/lib/systemd/system/containerd.service.
[root@vm ~]# systemctl status containerd
[root@vm ~]# ctr version
Client:Version: 1.6.28Revision: ae07eda36dd25f8a1b98dfbf587313b99c0190bbGo version: go1.20.13Server:Version: 1.6.28Revision: ae07eda36dd25f8a1b98dfbf587313b99c0190bbUUID: 852c205c-ca6d-475a-823b-b2069a2b183f
[root@vm ~]# ctr container ls
CONTAINER IMAGE RUNTIME
二进制方式安装
[root@vm ~]# wget https://github.com/containerd/containerd/releases/download/v1.6.0/cri-containerd-cni-1.6.0-linux-amd64.tar.gz# 查看etc目录,主要为containerd服务管理配置文件及cni虚拟网卡配置文件
# 查看opt目录,主要为gce环境中使用containerd配置文件及cni插件
# 查看usr目录,bin主要为containerd运行时文件,sbin包含runc[root@vm ~]# cat etc/systemd/system/containerd.service
# 将containerd放到对的目录里,将service放到对应的目录 使用system管理
创建配置文件目录
[root@vm ~]# containerd --help
[root@vm ~]# mkdir /etc/containerd #创建配置文件目录
[root@vm ~]# containerd config default > /etc/containerd/config.toml #生成配置文件
...
disabled_plugins = []
imports = []
oom_score = 0
plugin_dir = ""
required_plugins = []
root = "/var/lib/containerd"
state = "/run/containerd"
temp = ""
...
[plugins][plugins."io.containerd.gc.v1.scheduler"]deletion_threshold = 0mutation_threshold = 100pause_threshold = 0.02schedule_delay = "0s"startup_delay = "100ms"[plugins."io.containerd.grpc.v1.cri"]device_ownership_from_security_context = falsedisable_apparmor = falsesandbox_image = "registry.k8s.io/pause:3.6" # 配置可拉取到的[plugins."io.containerd.grpc.v1.cri".registry][plugins."io.containerd.grpc.v1.cri".registry.mirrors][plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]endpoint = ["https://docker.mirrors.ustc.edu.cn","http://hub-mirror.c.163.com"][plugins."io.containerd.grpc.v1.cri".registry.mirrors."k8s.gcr.io"]endpoint = ["https://gcr.mirrors.ustc.edu.cn"] [plugins.cri.registry.mirrors."harbor.docker.com"] #此处添加了本地容器镜像仓库 Harbor,做为本地容器镜像仓库endpoint =["http://harbor.docker.com"]
[root@vm ~]# cp usr/local/bin/ctr /usr/bin/
[root@vm ~]# ctr version
containerd+runc 但是依赖系统中的seccomp
[root@vm ~]# # wget https://github.com/opencontainers/runc/releases/download/v1.1.0/runc.amd64
[root@vm ~]# chmod+x runc
[root@vm ~]# runc -v
docker&ctr&crictl区别
docker 使用 docker images 命令管理镜像
单机containerd 使用 ctr images 命令管理镜像(containerd本身的CLI工具)
k8s中containerd 使用 crictl images 命令管理镜像(Kubernetes社区的专用CLI工具)
[root@vm ~]# ctr --hepUSAGE:ctr [global options] command [command options] [arguments...]COMMANDSplugins, plugin provides information about containerd pluginsversion print the client and server versionscontainers, c, container manage containerscontent manage contentevents, event display containerd eventsimages, image, i manage imagesleases manage leasesnamespaces, namespace, ns manage namespacespprof provide golang pprof outputs for containerdrun run a containersnapshots, snapshot manage snapshotstasks, t, task manage tasksinstall install a new packageoci OCI toolsdeprecationsshim interact with a shim directlyhelp, h Shows a list of commands or help for one command
镜像操作
[root@vm ~]# ctr images --help
NAME:ctr images - manage imagesUSAGE:ctr images command [command options] [arguments...]COMMANDS:check check existing images to ensure all content is avail able locallyexport export imagesimport import imageslist, ls list images known to containerdmount mount an image to a target pathunmount unmount the image from the targetpull pull an image from a remotepush push an image to a remotedelete, del, remove, rm remove one or more images by referencetag tag an imagelabel set and clear labels for an imageconvert convert an image[root@vm ~]# ctr images pull docker.io/library/nginx:latest #根据平台统架构 自动下载符合的 uname -a
[root@vm ~]# ctr images pull --platform linux/amd64 docker.io/library/nginx:alpine # 指定架构的
[root@vm ~]# ctr images pull --all-platforms docker.io/library/nginx:alpine # 下所有的[root@vm ~]# ctr images mount docker.io/library/nginx:alpine /mnt
[root@vm ~]# ls /mnt
[root@vm ~]# umount /mnt[root@vm ~]# ctr i export nginx.img docker.io/library/nginx:alpine
[root@vm ~]# ls nginx.img
[root@vm ~]# ctr i export --al1-platforms nginx.img docker.io/library/nginx:alpine
[root@vm ~]# ctr i import
[root@vm ~]# ctr i rm [root@vm ~]# ctr i check # 显示镜像大小分层
[root@vm ~]# cri i tag docker.io/library/nginx:alpine docker.io/library/nginx:alpine-v1 #名字要完整,这种nginx:alpine-v1会不可用
容器操作.
ctr container --help
ctr c --help
[root@vm ~]# ctr container --help
NAME:ctr containers - manage containersUSAGE:ctr containers command [command options] [arguments...]COMMANDS:create create containerdelete, del, remove, rm delete one or more existing containersinfo get info about a containerlist, ls list containerslabel set and clear labels for a containercheckpoint checkpoint a containerrestore restore a container from checkpoint使用“ctr container create 命今创建容器后,容器并没有处于运行状态,其只是一个静态的容器。
这个 container 对象只是包含了运行一个容器所需的资源及配黑的数据结构。
例如: Tlamespaces、rootfs 和容器的配黑都已经初始化成功了,只是用户进程(本案为nginx)还没有启动。
需要使用ctr tasks~命令才能获取一个动态容器。# ctr container 需两步完成容器启动,所以使用不多。采用ctr run[root@vm ~]# ctr c ls 查看容器
[root@vm ~]# ctr task ls 查看任务,动态的[root@vm ~]# ctr container create docker.io/library/nginx:alpine my-nginx # 先镜像,后容器名。 镜像不存在时,创建失败
[root@vm ~]# ctr c ls
[root@vm ~]# ctr c info my-nginx
[root@vm ~]# ctr task ls #暂时没有动态的容器
[root@vm ~]# ctr task start -d my-nginx # runc,复制containerd连接runC垫片工具containerd-shim-runc-v2至/usr/bin
[root@vm ~]# ctr task ls # 显示容器所在宿主机进程,pid
[root@vm ~]# ctr task ps my-nginx #查看容器的进程(都是物理机的进程 master worker)
# 进入容器
[root@vm ~]# ctr task exec --exec-id 1 my-nginx /bin/bash # 1 随机写
curl localhost# 使用ctr run
[root@vm ~]# ctr run -d --net-host docker.io/library/nginx:latest nginx2
[root@vm ~]# ctr task exec --exec-id $RANDOM -t nginx2 /bin/bash
exit#暂停容器
[root@vm ~]# ctr task pause nginx2
[root@vm ~]# ctr task ls #再次查看容器状态,看到其状态为PAUSED,表示停止
[root@vm ~]# ctr task resume nginx2
[root@vm ~]# ctr task kill nginx2 # stop状态
[root@vm ~]# ctr task rm nginx2 #删除进程,容器还在不用再次 ctr create
[root@vm ~]# ctr task start -d nginx2#删除容器[root@vm ~]# ctr task delet nginx2
[root@vm ~]# ctr container delete nginx2
这篇关于containerd使用了解的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!