containerd二进制安装

安装版本(在2024年9月10日是新版)

containerd 1.7.22

runc 1.1.12

cni 1.5.1

方式1:yum安装(不推荐)

设置主机名

hostnamectl set-hostname node1 

设置IP

vim /etc/sysconfig/network-scripts/ifcfg-enp0s3
重点设置以下几项

BOOTPROTO="static"
IPADDR=192.168.3.31
NETMASK=255.255.255.0
GATEWAY=192.168.3.1
DNS1=223.5.5.5

获取阿里YUM源

wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo

查询containerd

yum list | grep containerd

安装

yum install -y containerd.io

验证与启动服务

rpm -qa | grep containerd
systemctl enable containerd
systemctl start containerd
systemctl status containerd

测试命令

ctr version

方式2:二进制安装(推荐)

安装之前先了解containerd、cni、runc三者的关系

containerd 作为容器运行时,负责管理容器的生命周期和资源分配。它调用 RunC 来创建和运行容器,并通过调用 CNI 插件为容器配置网络。

54034d57ad166bcc91c0c0ec050995c9.png

设置主机名

hostnamectl set-hostname node1 

设置IP

vim /etc/sysconfig/network-scripts/ifcfg-enp0s3
重点设置以下几项

BOOTPROTO="static"
IPADDR=192.168.3.31
NETMASK=255.255.255.0
GATEWAY=192.168.3.1
DNS1=223.5.5.5

下载文件

containerd 1.7.22
runc 1.1.12
cni 1.5.1

containerd安装

$ tar Cxzvf /usr/local containerd-1.7.22-linux-amd64.tar.gz
bin/
bin/containerd-shim-runc-v2
bin/containerd-shim
bin/ctr
bin/containerd-shim-runc-v1
bin/containerd
bin/containerd-stress

创建containerd服务

mkdir -p /usr/local/lib/systemd/system/
touch /usr/local/lib/systemd/system/containerd.service
vim /usr/local/lib/systemd/system/containerd.service

将官方配置文件写入

官方配置文件

# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target local-fs.target

[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd

Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5

# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity

# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target

设置开机自启

systemctl daemon-reload
systemctl enable --now containerd

runc安装

# runc安装
install -m 755 runc.amd64 /usr/local/sbin/runc

cni安装

mkdir -p /opt/cni/bin
tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.5.1.tgz

旧版本配置config.toml

生成默认配置

mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml
vim /etc/containerd/config.toml

修改

"https://xxxxxx.mirror.aliyuncs.com"自己登录阿里云换成自己的链接

# 原来是这样registry.k8s.io/pause:3.8
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.8"
# 原来是false
SystemdCgroup = true

# 镜像配置
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
    endpoint = ["https://xxxxxxxxx.mirror.aliyuncs.com"]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."k8s.gcr.io"]
    endpoint = ["registry.aliyuncs.com/google_containers"]
或者是这样
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
    endpoint = ["https://xxxxxxxxx.mirror.aliyuncs.com","registry.aliyuncs.com/google_containers"]

高版本hostpath问题

WARN[0000] DEPRECATION: The `mirrors` property of `[plugins."io.containerd.grpc.v1.cri".registry]` is deprecated since containerd v1.5 and will be removed in containerd v2.1. Use `config_path` instead.

官方原文
原文解决方案链接

生成默认配置文件

mkdir /etc/containerd
containerd config default > /etc/containerd/config.toml
vim /etc/containerd/config.toml

创建镜像源配置文件

mkdir -p /etc/containerd/certs.d/docker.io/
cat>/etc/containerd/certs.d/docker.io/hosts.toml<<EOF
server = "https://docker.io"

[host."https://docker.m.daocloud.io"]
  capabilities = ["pull", "resolve"]
[host."https://dockerproxy.com/"]
  capabilities = ["pull", "resolve"]
EOF

systemctl restart containerd.service

设置配置文件位置

[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"

51a05dfa81df2dec981cbb578d57dc21.png

重启启动

systemctl restart containerd
systemctl status containerd

测试

# docker.io
ctr images pull docker.io/library/ubuntu:latest
ctr images del docker.io/library/ubuntu:latest

# k8s的镜像仓库叫k8s.gcr.io,没配镜像就要指定registry.cn-hangzhou.aliyuncs.com/google_containers
ctr images pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
ctr images del registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2

成功

[root@node3 containerd]# ctr images pull docker.io/library/ubuntu:latest
docker.io/library/ubuntu:latest:                                                  resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:8a37d68f4f73ebf3d4efafbcf66379bf3728902a8038616808f04e34a9ab63ee:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:d35dfc2fe3ef66bcc085ca00d3152b482e6cafb23cdda1864154caf3b19094ba: done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:31e907dcc94a592a57796786399eb004dcbba714389fa615f5efa05a91316356:    done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:edbfe74c41f8a3501ce542e137cf28ea04dd03e6df8c9d66519b6ad761c2598a:   done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 9.9 s                                                                    total:  28.3 M (2.9 MiB/s)
unpacking linux/amd64 sha256:8a37d68f4f73ebf3d4efafbcf66379bf3728902a8038616808f04e34a9ab63ee...
done: 672.496318ms
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

李南想做条咸鱼

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值