碼上快樂

相關內容    簡體    繁體

containerd 使用

本文轉載自   查看原文   2020-12-16 17:46   1558    k8s-docker

下載:

 wget https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.19.0/crictl-v1.19.0-linux-amd64.tar.gz
 wget https://github.com/containerd/containerd/releases/download/v1.4.3/containerd-1.4.3-linux-amd64.tar.gz
 wget https://github.com/opencontainers/runc/releases/download/v1.0.0-rc92/runc.amd64
 #wget https://github.com/containernetworking/plugins/releases/download/v0.9.0/cni-plugins-linux-amd64-v0.9.0.tgz  好像沒用

 

 

ctr 不支持http,必須使用https, 所有需要添加 --plain-http 參數

ctr images pull --plain-http --user admin:123456 192.168.20.11/source/coredns:1.2.0

 

ctr使用

查詢本地鏡像

ctr image ls

 

下載鏡像, docker.io/library/nginx:alpine 要提前去dockerhub上找到

ctr image  pull docker.io/library/nginx:alpine

 

鏡像導出

ctr image export   coredns.tar  192.168.20.11/source/coredns:1.2.0

 

鏡像導入

ctr image import coredns.tar

 

鏡像打tag

ctr image tag 192.168.20.11/source/coredns:1.2.0 192.168.20.11/test/coredns:1.2.0

 

推送鏡像

 ctr  image push --plain-http --user admin:123456  192.168.20.11/test/coredns:1.2.0

 

創建鏡像:

[root@master1 ~]# cat  /etc/containerd/config.toml 
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
plugin_dir = ""
disabled_plugins = []
required_plugins = []
oom_score = 0

[grpc]
  address = "/run/containerd/containerd.sock"
  tcp_address = ""
  tcp_tls_cert = ""
  tcp_tls_key = ""
  uid = 0
  gid = 0
  max_recv_message_size = 16777216
  max_send_message_size = 16777216

[ttrpc]
  address = ""
  uid = 0
  gid = 0

[debug]
  address = ""
  uid = 0
  gid = 0
  level = ""

[metrics]
  address = ""
  grpc_histogram = false

[cgroup]
  path = ""

[timeouts]
  "io.containerd.timeout.shim.cleanup" = "5s"
  "io.containerd.timeout.shim.load" = "5s"
  "io.containerd.timeout.shim.shutdown" = "3s"
  "io.containerd.timeout.task.state" = "2s"

[plugins]
  [plugins."io.containerd.gc.v1.scheduler"]
    pause_threshold = 0.02
    deletion_threshold = 0
    mutation_threshold = 100
    schedule_delay = "0s"
    startup_delay = "100ms"
  [plugins."io.containerd.grpc.v1.cri"]
    disable_tcp_service = true
    stream_server_address = "127.0.0.1"
    stream_server_port = "0"
    stream_idle_timeout = "4h0m0s"
    enable_selinux = false
    sandbox_image = "k8s.gcr.io/pause:3.1"
    stats_collect_period = 10
    systemd_cgroup = false
    enable_tls_streaming = false
    max_container_log_line_size = 16384
    disable_cgroup = false
    disable_apparmor = false
    restrict_oom_score_adj = false
    max_concurrent_downloads = 3
    disable_proc_mount = false
    [plugins."io.containerd.grpc.v1.cri".containerd]
      snapshotter = "overlayfs"
      default_runtime_name = "runc"
      no_pivot = false
      [plugins."io.containerd.grpc.v1.cri".containerd.default_runtime]
        runtime_type = ""
        runtime_engine = ""
        runtime_root = ""
        privileged_without_host_devices = false
      [plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime]
        runtime_type = ""
        runtime_engine = ""
        runtime_root = ""
        privileged_without_host_devices = false
      [plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
          runtime_type = "io.containerd.runc.v1"
          runtime_engine = ""
          runtime_root = ""
          privileged_without_host_devices = false
    [plugins."io.containerd.grpc.v1.cri".cni]
      bin_dir = "/opt/cni/bin"
      conf_dir = "/etc/cni/net.d"
      max_conf_num = 1
      conf_template = ""
    [plugins."io.containerd.grpc.v1.cri".registry]
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
          endpoint = ["https://registry-1.docker.io"]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."192.168.20.11"]
          endpoint = ["http://192.168.20.11"]
    [plugins."io.containerd.grpc.v1.cri".registry.configs]
        [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.20.11".tls]
          insecure_skip_verify = true
        [plugins."io.containerd.grpc.v1.cri".registry.configs."192.168.20.11".auth]
          username = "admin"
          password = "Senyint.rh13579"
    [plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
      tls_cert_file = ""
      tls_key_file = ""
  [plugins."io.containerd.internal.v1.opt"]
    path = "/opt/containerd"
  [plugins."io.containerd.internal.v1.restart"]
    interval = "10s"
  [plugins."io.containerd.metadata.v1.bolt"]
    content_sharing_policy = "shared"
  [plugins."io.containerd.monitor.v1.cgroups"]
    no_prometheus = false
  [plugins."io.containerd.runtime.v1.linux"]
    shim = "containerd-shim"
    runtime = "runc"
    runtime_root = ""
    no_shim = false
    shim_debug = false
  [plugins."io.containerd.runtime.v2.task"]
    platforms = ["linux/amd64"]
  [plugins."io.containerd.service.v1.diff-service"]
    default = ["walking"]
  [plugins."io.containerd.snapshotter.v1.devmapper"]
    root_path = ""
    pool_name = ""
    base_image_size = ""

 

 

[root@master1 ~]# cat  /etc/crictl.yaml 
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: false

 

 

Systemd 配置

/etc/systemd/system/containerd.service
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target

[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd

Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=1048576
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target

 

  • Delegate : 這個選項允許 Containerd 以及運行時自己管理自己創建的容器的 cgroups。如果不設置這個選項,systemd 就會將進程移到自己的 cgroups 中,從而導致 Containerd 無法正確獲取容器的資源使用情況。

  • KillMode : 這個選項用來處理 Containerd 進程被殺死的方式。默認情況下,systemd 會在進程的 cgroup 中查找並殺死 Containerd 的所有子進程,這肯定不是我們想要的。KillMode字段可以設置的值如下。

    我們需要將 KillMode 的值設置為 process,這樣可以確保升級或重啟 Containerd 時不殺死現有的容器。

    • control-group(默認值):當前控制組里面的所有子進程,都會被殺掉
    • process:只殺主進程
    • mixed:主進程將收到 SIGTERM 信號,子進程收到 SIGKILL 信號
    • none:沒有進程會被殺掉,只是執行服務的 stop 命令。

 

 containerd 容器管理

1 創建container
ctr -a /var/run/docker/containerd/containerd.sock c create docker.io/libarary/redis:alpin redis

2. 查看
ctr -a /var/run/docker/containerd/containerd.sock c ls

3. 后台啟動
ctr -a /var/run/docker/containerd/containerd.sock t start -d redis

4. 查看容器
ctr -a /var/run/docker/containerd/containerd.sock t ls

5. 查看 -n  default 命名空間下的task
ctr -n default -a /var/run/docker/containerd/contaier.sock task ls

 

 

[root@master1 containerd]# ctr task start nginx
ctr: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/default/nginx/log.json: no such file or directory): exec: "runc": executable file not found in $PATH: unknown

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 一文搞定 Containerd 的使用 Kubernetes 教程:在 Containerd 容器中使用 GPU 管理 Containerd 容器: ctr 命令使用 Containerd鏡像構建工具以及簡單使用 CentOS7使用yum方式安裝Containerd k8s containerd與docker命令使用對比 使用 Kubeadm+Containerd 部署一個 Kubernetes 集群 Containerd 學習 containerd 導入鏡像 containerd 全面攻略
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM