Container安装与常用命令

二进制安装

安装Containerd

1. 下载Containerd安装包

   下载地址: https://github.com/containerd/containerd/releases

   下载命令

   wget containerd/ https://github.com/containerd/containerd/releases/download/v1.7.19/cri-containerd-cni-1.7.19-linux-amd64.tar.gz

2. 解压Containerd安装包

   mkdir containerd
   tar -zxf cri-containerd-cni-1.7.19-linux-amd64.tar.gz -C /

3. 创建Containerd配置文件

   mkdir -pv /etc/containerd
   containerd config default > /etc/containerd/config.toml

   修改驱动配置

   # 配置systemd为cgroup驱动程序, 140行左右
   SystemdCgroup = true

4. 启动Containerd

   systemctl daemon-reload
   systemctl enable containerd
   systemctl start containerd
   systemctl status containerd

5. 配置镜像加速

   # 创建镜像加速配置目录
   mkdir -pv /etc/containerd/certs.d
   
   # 修改config.toml配置文件, 163行左右, 配置config_path
   vim /etc/containerd/config.toml
   [plugins."io.containerd.grpc.v1.cri".registry]
       config_path = "/etc/containerd/certs.d"
   
   # docker加速
   mkdir -p /etc/containerd/certs.d/docker.io
   cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
   server = "https://docker.io"
   [host."https://dockerproxy.com"]
     capabilities = ["pull", "resolve"]
   
   [host."https://docker.m.daocloud.io"]
     capabilities = ["pull", "resolve"]
   
   [host."https://reg-mirror.qiniu.com"]
     capabilities = ["pull", "resolve"]
   
   [host."https://registry.docker-cn.com"]
     capabilities = ["pull", "resolve"]
   
   [host."http://hub-mirror.c.163.com"]
     capabilities = ["pull", "resolve"]
   EOF

6. 验证

   # 使用ctr命令下载镜像, 需要自定加速目录, 这个非常关键
   ctr i pull docker.io/library/busybox:latest
   ctr i pull --hosts-dir=/etc/containerd/certs.d docker.io/library/busybox:latest
   
   或者指定平台
   ctr i pull --hosts-dir=/etc/containerd/certs.d --platform linux/amd64 docker.io/library/nginx:latest
   ctr i pull --hosts-dir=/etc/containerd/certs.d --all-platforms docker.io/library/nginx:latest

安装runC

1. 下载runc

   下载地址: https://github.com/opencontainers/runc/releases

   下载命令:

   wget https://github.com/opencontainers/runc/releases/download/v1.2.0-rc.2/runc.amd64

2. 复制runc命令

   rsync -av runc.amd64  /usr/local/sbin/runc
   chmod +x /usr/local/sbin/runc

常用命令

镜像相关

• 查看/挂载/检查镜像

# 查看镜像
ctr images ls
ctr i ls

#挂载镜像
mkdir /data/mnt
ctr i mount docker.io/library/busybox:latest /data/mnt/
umount /data/mnt

# 检查镜像
ctr i check

• 下载/删除镜像

# 下载
ctr i pull --platform linux/amd64 docker.io/library/nginx:latest
ctr i pull --all-platforms docker.io/library/nginx:latest
或者指定加速目录
ctr i pull --hosts-dir=/etc/containerd/certs.d --platform linux/amd64 docker.io/library/nginx:latest
ctr i pull --hosts-dir=/etc/containerd/certs.d --all-platforms docker.io/library/busybox:latest

#删除
ctr i rm docker.io/library/busybox:latest
ctr i remove docker.io/library/busybox:latest
ctr i delete docker.io/library/busybox:latest

• 导出/导入镜像

# 导出镜像, 指定平台
ctr i export --platform linux/amd64 nginx_amd64.img docker.io/library/nginx:latest

# 导入镜像, 指定平台
ctr i import --platform linux/amd64 nginx_amd64.img

• 修改tag

# 单tag修改
ctr i tag docker.io/library/nginx:latest nginx:latest
# 多tag修改
ctr i tag docker.io/library/nginx:latest nginx:v1.22 192.168.1.2:8005/library/nginx:latest

容器相关

# 查看容器
ctr container ls
ctr c ls
ctr c info nginx

# 管理容器
ctr task ls
ctr t ls
ctr t ps nginx

# 停止容器(动态容器)
ctr t kill nginx

# 删除动态容器
ctr t rm nginx

# 删除静态容器(同时删除动态容器)
ctr c rm nginx

静态容器

# 创建静态容器(使用主机网络)
ctr c create --net-host docker.io/library/nginx:latest nginx

# 查看容器
ctr c ls

# 启动静态容器
ctr t start -d  nginx

# 查看启动容器
ctr t ls

# 进入容器(--exec-id为随机id, 可以用echo $RANDOM生成)
ctr t exec --exec-id 1 nginx /bin/sh

动态容器

# 创建容器
ctr run -d --net-host docker.io/library/nginx:latest nginx

# 查看容器
ctr t ls

# 进入容器
ctr t exec --exec-id 1 nginx /bin/sh