containerd managed opt 目录为用户提供了一种使用现有分发基础架构安装 containerd 依赖项的方法。
随着运行时 v2 和新 shim 的不断构建,将各种 shim 或运行时依赖项下载到一台机器上是一项挑战。
containerd的托管 /opt 目录允许用户创建提供这些依赖项的映像,并使用containerd客户端 API 将它们安装到系统上。
配置:
default: /opt/containerd
containerd config:
version = 2
[plugins."io.containerd.internal.v1.opt"]
path = "/opt/mypath"
用法:
代码:
image, err := client.Pull(ctx, "docker.io/crosbymichael/runc:latest")
client.Install(ctx, image)
选项:
// WithInstallLibs 安装来自镜像的库
func WithInstallLibs(c *InstallConfig) {
}
// WithInstallReplace 替换存在的文件
func WithInstallReplace(c *InstallConfig) {
}
ctr:
ctr content fetch docker.io/crosbymichael/runc:latest
ctr install docker.io/crosbymichael/runc:latest
您可以通过标准镜像命令管理版本并查看运行情况。
镜像:
这些镜像必须小巧,只包含二进制文件和所需的库。
FROM scratch
Add runc /bin/runc
Containerd 默认只提取镜像中 /bin 中的文件,可以添加 Opts 来替换或安装 libs/。
不过,我们建议这些二进制文件是静态的,以减少链接依赖。
该代码添加了一项服务,用于管理 /opt/containerd 目录,并通过自省服务向调用者提供该路径。
如何测试:
从系统中删除 runc.
> sudo ctr run --rm docker.io/library/redis:alpine redis
ctr: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v1.linux/default/redis/log.json: no such file or directory): exec: "runc": executable file not found in $PATH: unknown
> sudo ctr content fetch docker.io/crosbymichael/runc:latest
> sudo ctr install docker.io/crosbymichael/runc:latest
> sudo ctr run --rm docker.io/library/redis:alpine redis
1:C 01 Aug 15:59:52.864 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 01 Aug 15:59:52.864 # Redis version=4.0.10, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 01 Aug 15:59:52.864 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 01 Aug 15:59:52.866 # You requested maxclients of 10000 requiring at least 10032 max file descriptors.
1:M 01 Aug 15:59:52.866 # Server can't set maximum open files to 10032 because of OS error: Operation not permitted.
1:M 01 Aug 15:59:52.866 # Current maximum open files is 1024. maxclients has been reduced to 992 to compensate for low ulimit. If you need higher maxclients increase 'ulimit -n'.
1:M 01 Aug 15:59:52.870 * Running mode=standalone, port=6379.
1:M 01 Aug 15:59:52.870 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 01 Aug 15:59:52.870 # Server initialized
1:M 01 Aug 15:59:52.870 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 01 Aug 15:59:52.870 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
1:M 01 Aug 15:59:52.870 * Ready to accept connections
^C1:signal-handler (1533139193) Received SIGINT scheduling shutdown...
1:M 01 Aug 15:59:53.472 # User requested shutdown...
1:M 01 Aug 15:59:53.472 * Saving the final RDB snapshot before exiting.
1:M 01 Aug 15:59:53.484 * DB saved on disk
1:M 01 Aug 15:59:53.484 # Redis is now ready to exit, bye bye...
windows平台:
FROM mcr.microsoft.com/windows/nanoserver:1809
ADD runhcs.exe /bin/runhcs.exe
> ctr content fetch docker.io/ameyagawde/runhcs:1809 #containerd 不支持的镜像示例
> ctr install docker.io/ameyagawde/runhcs:1809
windows上对应的 /opt/containerd 是$env:ProgramData\containerd\root\opt
1311
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
