安裝Containerd.io
1、Containerd.io 要求 CentOS 系統的內核版本高於 3.10 ,查看本頁面的前提條件來驗證你的CentOS 版本是否支持 Containerd.io 。
通過 **uname -r **命令查看你當前的內核版本
[root@k8s-master ~]# uname -r
4.18.0-80.el8.x86_64
2、使用 root 權限登錄 Centos。確保 yum 包更新到最新。
[root@k8s-master ~]# yum updateRepository AppStream is listed more than once in the configuration
Repository BaseOS is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository PowerTools is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
Last metadata expiration check: 0:09:18 ago on Fri 25 Dec 2020 09:04:58 PM CST.
Dependencies resolved.
Nothing to do.
Complete!
[root@k8s-master ~]#
3、爲了解決 podman 衝突的問題 ,可以先執行如下命令:
[root@k8s-master ~]# yum erase podman buildah -y
4、安裝containerd.io
[root@k8s-master ~]# yum install https://download.docker.com/linux/centos/8/x86_64/stable/Packages/containerd.io-1.4.9-3.1.el8.x86_64.rpm -y
⚠️此命令可能由於下載超時無法安裝,可以先本地下載好安裝包,進行離線安裝,命令 yum install containerd.io-1.4.9-3.1.el8.x86_64.rpm -y
5、生成默認配置,並修改默認鏡像地址
[root@k8s-master ~]# cd /etc/containerd
[root@k8s-master ~]# ls
config.toml
[root@k8s-master ~]# containerd config default | tee config.toml
..........
............
# 重啓 containerd
[root@k8s-master ~]# systemctl restart containerd
Failed to restart containerd.service: Access denied
See system logs and 'systemctl status containerd.service' for details.
# 如果出現上面的錯誤,則執行如下命令
[root@k8s-master ~]# kill -TERM 1
# 然後再次執行重啓
[root@k8s-master ~]# systemctl restart containerd
使用 systemdcgroup 驅動程序
結合runc使用systemdcgroup 驅動,在/etc/containerd/config.toml中設置
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
...
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
endpoint = ["https://gj9l74ds.mirror.aliyuncs.com"]
如果您應用此更改,請確保再次重新啓動 containerd:
systemctl restart containerd
6、運行命令並驗證
containerd 相比於docker , 多了namespace概念, 每個image和container 都會在各自的namespace下可見, 目前k8s會使用k8s.io 作爲命名空間:ctr ns ls 可以查看命名空間
ctr 是containerd 提供的命令行工具,更多命令說明請執行:ctr -h
[root@k8s-master ~]# ctr -h
NAME:
ctr -
__
_____/ /______
/ ___/ __/ ___/
/ /__/ /_/ /
\___/\__/_/
containerd CLI
USAGE:
ctr [global options] command [command options] [arguments...]
VERSION:
1.4.9
DESCRIPTION:
ctr is an unsupported debug and administrative client for interacting
with the containerd daemon. Because it is unsupported, the commands,
options, and operations are not guaranteed to be backward compatible or
stable from release to release of the containerd project.
COMMANDS:
plugins, plugin provides information about containerd plugins
version print the client and server versions
containers, c, container manage containers
content manage content
events, event display containerd events
images, image, i manage images
leases manage leases
namespaces, namespace, ns manage namespaces
pprof provide golang pprof outputs for containerd
run run a container
snapshots, snapshot manage snapshots
tasks, t, task manage tasks
install install a new package
oci OCI tools
shim interact with a shim directly
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--debug enable debug output in logs
--address value, -a value address for containerd's GRPC server (default: "/run/containerd/containerd.sock") [$CONTAINERD_ADDRESS]
--timeout value total timeout for ctr commands (default: 0s)
--connect-timeout value timeout for connecting to containerd (default: 0s)
--namespace value, -n value namespace to use with commands (default: "default") [$CONTAINERD_NAMESPACE]
--help, -h show help
--version, -v print the version
[root@k8s-master ~]#