containerd学习第一章：CentOS上安装containerd和使用

风行無痕

已于 2022-10-31 13:00:00 修改

阅读量3.1k

点赞数

分类专栏： K8S 文章标签： centos containerd

于 2022-10-30 22:04:10 首次发布

本文链接：https://blog.csdn.net/gmaaa123/article/details/127605123

版权

K8S 专栏收录该内容

5 篇文章

订阅专栏

五、创建containerd systemd service启动管理文件

六、基本用法

七、报错处理

一、环境说明

系统：CentOS 7.3

软件：containerd 1.6.6

二、下载containerd安装包

这里采用二进制安装的方式。自己去github官网 https://github.com/containerd/containerd/releases 选择并下载对应版本

Containerd GitHub上提供了两种类型的压缩包，containerd-1.6.6-linux-amd64.tar.gz 只包含containerd，不包含依赖包。cri-containerd-cni-1.6.6-linux-amd64.tar.gz 包含containerd以及cri runc等相关工具包。由于 containerd 需要调用 runc，所以我们也需要先安装 runc，所以还是下载cri-containerd-cni-xxx.tar.gz类型的包。本文章是采用单独安装containerd和run，请注意。

服务器可以联网，建议使用 wget命令下载到当前目录

wget https://github.com/containerd/containerd/releases/download/v1.6.6/containerd-1.6.6-linux-amd64.tar.gz

三、解压安装包

解压安装包并复制bin文件夹里面内容到指定目录

tar xvf containerd-1.6.6-linux-amd64.tar.gz
cp /file/containerd/bin/* /usr/bin/

四、生成默认的配置文件

mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml

这里根据需求也可以配置一下镜像加速

五、创建containerd systemd service启动管理文件

vi /usr/lib/systemd/system/containerd.service

下面是文件内容：

[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target

[Service]
#uncomment to enable the experimental sbservice (sandboxed) version of containerd/cri integration
#Environment="ENABLE_CRI_SANDBOXES=sandboxed"
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/bin/containerd

Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=infinity
# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target

启动containerd设置开机自启

systemctl enable containerd --now

查看containerd运行状态

systemctl status containerd

查看containerd版本

containerd --version

安装runc

同样可以通过github直接下载 https://github.com/opencontainers/runc/releases

我们通过wget已经下载到/usr/bin/runc

wget https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.amd64 -O /usr/bin/runc
chmod +x /usr/bin/runc

[root@localhost containerd]# wget https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.amd64 -O /usr/bin/runc
--2022-10-30 10:33:35--  https://github.com/opencontainers/runc/releases/download/v1.1.3/runc.amd64
Resolving github.com (github.com)... 20.205.243.166
Connecting to github.com (github.com)|20.205.243.166|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/36960321/49140741-ee77-4524-bbaf-70ec00fd6ffc?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221030%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221030T143336Z&X-Amz-Expires=300&X-Amz-Signature=80aeccf1b1540b71a2828bbcc786c47fbf48372c426f60ed2540e250fdaf74bb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=36960321&response-content-disposition=attachment%3B%20filename%3Drunc.amd64&response-content-type=application%2Foctet-stream [following]
--2022-10-30 10:33:36--  https://objects.githubusercontent.com/github-production-release-asset-2e65be/36960321/49140741-ee77-4524-bbaf-70ec00fd6ffc?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221030%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221030T143336Z&X-Amz-Expires=300&X-Amz-Signature=80aeccf1b1540b71a2828bbcc786c47fbf48372c426f60ed2540e250fdaf74bb&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=36960321&response-content-disposition=attachment%3B%20filename%3Drunc.amd64&response-content-type=application%2Foctet-stream
Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.110.133, 185.199.111.133, 185.199.109.133
Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9423264 (9.0M) [application/octet-stream]
Saving to: ?usr/bin/runc?

100%[===============================================================================================================================================================================================================>] 9,423,264    138KB/s   in 3m 35s 

2022-10-30 10:37:12 (42.9 KB/s) - ?usr/bin/runc?saved [9423264/9423264]

[root@localhost containerd]# chmod +x /usr/bin/runc
[root@localhost containerd]#

六、基本用法

6.1拉取镜像

拉取nginx镜像，与docker区别在于拉取官方镜像必须指定镜像的完整名称包括镜像仓库地址

ctr images pull docker.io/library/nginx:latest

[root@localhost containerd]# ctr images pull docker.io/library/nginx:latest
docker.io/library/nginx:latest:                                                   resolved       |++++++++++++++++++++++++++++++++++++++| 
index-sha256:943c25b4b66b332184d5ba6bb18234273551593016c0e0ae906bab111548239f:    done           |++++++++++++++++++++++++++++++++++++++| 
manifest-sha256:06aa2038b42f1502b59b3a862b1f5980d3478063028d8e968f0810b9b0502380: done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:8e3ed6a9e43aaf17bc2175fa2c7ae2ee24cff4d32bf82adf1ea689db4dcf15e1:    done           |++++++++++++++++++++++++++++++++++++++| 
config-sha256:76c69feac34e85768b284f84416c3546b240e8cb4f68acbbe5ad261a8b36f39f:   done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:e9995326b091af7b3ce352fad4d76cf3a3cb62b7a0c35cc5f625e8e649d23c50:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:71689475aec267fae8891b2b3d2bef78c6b3d57c077129ff9cd69b6e5253dfa7:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:f88a23025338bc64e97dc350efac90275df227949d7c835b8b1f6fbc4d2439c0:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:0df440342e265c89de536643c3376dadf44c810fe2fb2b2ee44711f8661ce531:    done           |++++++++++++++++++++++++++++++++++++++| 
layer-sha256:eef26ceb3309d6e72a4402c3f16b047416adecaf91bc5360ebd4205d1ef5e310:    done           |++++++++++++++++++++++++++++++++++++++| 
elapsed: 35.8s                                                                    total:  54.2 M (1.5 MiB/s)                                       
unpacking linux/amd64 sha256:943c25b4b66b332184d5ba6bb18234273551593016c0e0ae906bab111548239f...
done: 3.023744194s
[root@localhost containerd]#

6.2查看本地的镜像

ctr images ls

[root@localhost containerd]# ctr images ls
REF                            TYPE                                                      DIGEST                                                                  SIZE     PLATFORMS                                                                                               LABELS 
docker.io/library/nginx:latest application/vnd.docker.distribution.manifest.list.v2+json sha256:943c25b4b66b332184d5ba6bb18234273551593016c0e0ae906bab111548239f 54.2 MiB linux/386,linux/amd64,linux/arm/v5,linux/arm/v7,linux/arm64/v8,linux/mips64le,linux/ppc64le,linux/s390x -      
[root@localhost containerd]#

6.3创建容器

ctr c create docker.io/library/nginx:latest nginx-container

6.4后台启动容器

ctr t start -d nginx-container

6.5查看运行的容器

ctr t ls

6.6查看容器

ctr c ls

6.7运行容器

ctr run -t  docker.io/library/nginx:latest container-test bash

七、报错处理

如果运行容器出现下面的报错

[root@localhost containerd]# ctr run -t  docker.io/library/nginx:latest container1 bash
ctr: failed to create shim task: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/default/container1/log.json: no such file or directory): exec: "runc": executable file not found in $PATH: <nil>: unknown
[root@localhost containerd]#

请确定runc是否已经安装，由于 containerd 需要调用 runc，所以我们也需要先安装 runc。