Kubernetes has officially announced that Docker support in the kubelet is now deprecated and will be removed in a later version.

See the picture below (source: the Internet):

[Image]

It can be seen from the above figure that the management and operation of the container by docker So, if you want to docker, then containerd is a very good first choice.

Today, 民工哥 will chat with you about the open source technology containerd.

Containerd overview

containerd was part of Docker Engine a long time ago, but it has since been separated from Docker Engine into an independent open source project whose goal is to provide a more open and stable container runtime infrastructure. The separated containerd will have more functions, cover all the requirements of container runtime management, and provide stronger support.

Simply put, containerd is an industry-standard container runtime that emphasizes simplicity, robustness, and portability. containerd can manage the complete container life cycle on the host, including the transfer and storage of container images, the execution and management of containers, storage, and networking.

Address: https://github.com/containerd/containerd/

containerd architecture

[Image]

Among them, the gRPC module provides a service interface to the upper layer, and metrics provides monitoring data (cgroup-related data); both serve the upper layer. containerd contains a daemon process that exposes the gRPC interface through a local UNIX socket.

The remaining modules are:

  • Storage: responsible for storing, managing, and pulling images
  • Metadata: manages the metadata of containers and images; it is stored on disk through boltdb
  • Tasks: manages the logical structure of containers and interacts with the low level
  • Events: events for container operations; the upper layer can learn what happened by subscribing to them
  • Runtimes: the low-level runtime (connected to runc)

What can containerd do?

  • Manage the life cycle of containers (from container creation to container destruction)
  • Pull/push container image
  • Storage management (manage the storage of image and container data)
  • Call runC to run the container (interact with container runtimes such as runC)
  • Manage container network interface and network

From the perspective of k8s, choosing containerd as the runtime component gives a shorter call chain, fewer components, more stability, and lower node resource usage.

[Image]

The above picture is from the official website of containerd. Containerd can be used as a daemon for Linux and Windows. It manages the complete container life cycle of its host system, from image transmission and storage to container execution and supervision, to low-level storage to network attachments, and so on.

Installation

Download: https://containerd.io/downloads/

[root@centos7 ~]# wget https://github.com/containerd/containerd/releases/download/v1.5.2/containerd-1.5.2-linux-amd64.tar.gz
[root@centos7 ~]# tar zxf containerd-1.5.2-linux-amd64.tar.gz -C /usr/local/

# The steps above install containerd into the /usr/local/bin directory
[root@centos7 ~]# cd /usr/local/bin/
[root@centos7 bin]# ll
total 98068
-rwxr-xr-x 1 root root   214432 Mar 29 05:20 bpytop
-rwxr-xr-x 1 1001  116 49049696 May 19 12:56 containerd
-rwxr-xr-x 1 1001  116  6434816 May 19 12:56 containerd-shim
-rwxr-xr-x 1 1001  116  8671232 May 19 12:57 containerd-shim-runc-v1
-rwxr-xr-x 1 1001  116  8683520 May 19 12:57 containerd-shim-runc-v2
-rwxr-xr-x 1 1001  116 27230976 May 19 12:56 ctr
lrwxrwxrwx 1 root root        6 Mar 28 00:13 nc -> netcat
-rwxr-xr-x 1 root root   126800 Mar 28 00:13 netcat
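
In the listing above the containerd binaries belong to uid 1001 / gid 116, the owner recorded in the archive, because tar run as root restores archive ownership by default. The following added example (not part of the original article) checks the tarball against a SHA-256 checksum file and extracts it with --no-same-owner; the helper name verify_and_extract is hypothetical, and it assumes a `<tarball>.sha256sum` file was downloaded from the same release page.

```bash
#!/usr/bin/env bash
# Added example: checksum-verify a release tarball, then extract it so the
# files belong to the extracting user (root) and not to the archive's uid/gid.

# verify_and_extract TARBALL SUMFILE DESTDIR   (hypothetical helper name)
# Returns 0 on success, 1 on checksum/content failure, 2 on a bad SUMFILE.
verify_and_extract() {
    local tarball=$1 sumfile=$2 dest=$3 want got

    # SUMFILE holds "<hex digest>  <file name>"; take the digest only.
    want=$(awk 'NR == 1 { print tolower($1) }' "$sumfile") || return 2
    case $want in
        '' | *[!0-9a-f]*) echo "malformed checksum file" >&2; return 2 ;;
    esac
    [ "${#want}" -eq 64 ] || { echo "malformed checksum file" >&2; return 2; }

    got=$(sha256sum "$tarball" | awk '{ print $1 }')
    if [ "$got" != "$want" ]; then
        echo "checksum mismatch for $tarball" >&2
        return 1
    fi

    # Refuse archives with absolute or ../ member names before extracting.
    if tar -tzf "$tarball" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "archive member would escape $dest" >&2
        return 1
    fi

    # --no-same-owner: do not restore the uid/gid stored in the archive.
    mkdir -p "$dest" && tar -xzf "$tarball" -C "$dest" --no-same-owner
}

# Usage, with both files from the release downloaded into the current directory:
#   verify_and_extract containerd-1.5.2-linux-amd64.tar.gz \
#       containerd-1.5.2-linux-amd64.tar.gz.sha256sum /usr/local
```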

Generate default configuration file

[root@centos7 bin]# mkdir -p /etc/containerd
[root@centos7 bin]# containerd config default > /etc/containerd/config.toml
[root@centos7 bin]# ll /etc/containerd/config.toml 
-rw-r--r-- 1 root root 6069 Jun  4 14:47 /etc/containerd/config.toml

Configure containerd to run as a service

[root@centos7 ~]# touch /lib/systemd/system/containerd.service
[root@centos7 bin]# vim /lib/systemd/system/containerd.service
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target

[Service]
ExecStartPre=/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
Delegate=yes
KillMode=process
LimitNOFILE=1048576
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity

[Install]
WantedBy=multi-user.target

Start service

[root@centos7 ~]# systemctl daemon-reload
[root@centos7 ~]# systemctl start containerd.service
[root@centos7 ~]# systemctl status containerd.service

Using containerd

In fact, K3s, the most lightweight Kubernetes distribution to date, includes containerd, Flannel, and CoreDNS by default.

  • ctr: the CLI of containerd itself
  • crictl: a specialized CLI tool defined by the Kubernetes community

[root@centos7 ~]# ctr version
Client:
  Version:  v1.5.2
  Revision: 36cc874494a56a253cd181a1a685b44b58a2e34a
  Go version: go1.16.4

Server:
  Version:  v1.5.2
  Revision: 36cc874494a56a253cd181a1a685b44b58a2e34a
  UUID: ebe42dac-40ae-4af1-99b0-52e61728c918

Help information

[root@centos7 ~]# ctr --help
NAME:
   ctr - 
        __
  _____/ /______
 / ___/ __/ ___/
/ /__/ /_/ /
\___/\__/_/

containerd CLI


USAGE:
   ctr [global options] command [command options] [arguments...]

VERSION:
   v1.5.2

DESCRIPTION:
   
ctr is an unsupported debug and administrative client for interacting
with the containerd daemon. Because it is unsupported, the commands,
options, and operations are not guaranteed to be backward compatible or
stable from release to release of the containerd project.

COMMANDS:
   plugins, plugin            provides information about containerd plugins
   version                    print the client and server versions
   containers, c, container   manage containers
   content                    manage content
   events, event              display containerd events
   images, image, i           manage images
   leases                     manage leases
   namespaces, namespace, ns  manage namespaces
   pprof                      provide golang pprof outputs for containerd
   run                        run a container
   snapshots, snapshot        manage snapshots
   tasks, t, task             manage tasks
   install                    install a new package
   oci                        OCI tools
   shim                       interact with a shim directly
   help, h                    Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --debug                      enable debug output in logs
   --address value, -a value    address for containerd's GRPC server (default: "/run/containerd/containerd.sock") [$CONTAINERD_ADDRESS]
   --timeout value              total timeout for ctr commands (default: 0s)
   --connect-timeout value      timeout for connecting to containerd (default: 0s)
   --namespace value, -n value  namespace to use with commands (default: "default") [$CONTAINERD_NAMESPACE]
   --help, -h                   show help
   --version, -v                print the version

View and delete

[root@centos7 ~]# ctr container list
CONTAINER    IMAGE                             RUNTIME                  
nginx        docker.io/library/nginx:alpine    io.containerd.runc.v2    
[root@centos7 ~]# ctr container del nginx
[root@centos7 ~]# ctr container list
CONTAINER    IMAGE    RUNTIME   

Pull an image

[root@centos7 ~]# ctr images pull docker.io/library/nginx:alpine

View the list of image files

[root@centos7 ~]# ctr images list
REF                            TYPE                                                      DIGEST                                                                  SIZE    PLATFORMS                                                                                LABELS 
docker.io/library/nginx:alpine application/vnd.docker.distribution.manifest.list.v2+json sha256:0f8595aa040ec107821e0409a1dd3f7a5e989501d5c8d5b5ca1f955f33ac81a0 9.4 MiB linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8,linux/ppc64le,linux/s390x - 
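
The DIGEST column in the listing above identifies the exact image content, whereas the `alpine` tag can later be pointed at different content. As an added example (not part of the original article), the function below turns `ctr images list` output into digest-pinned references; the names sample_listing and pinned_refs are hypothetical, and the second sample row is constructed to show that a registry port is not mistaken for a tag.

```bash
#!/usr/bin/env bash
# Added example: turn `ctr images list` output into digest-pinned references.

# sample_listing: the nginx row from the article (platform list shortened)
# plus one constructed row with a registry port and a made-up digest.
sample_listing() {
    cat <<'EOF'
REF TYPE DIGEST SIZE PLATFORMS LABELS
docker.io/library/nginx:alpine application/vnd.docker.distribution.manifest.list.v2+json sha256:0f8595aa040ec107821e0409a1dd3f7a5e989501d5c8d5b5ca1f955f33ac81a0 9.4 MiB linux/386,linux/amd64 -
localhost:5000/app:v1 application/vnd.oci.image.manifest.v1+json sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 1.0 MiB linux/amd64 -
EOF
}

# pinned_refs: read the listing on stdin, print name@sha256:<digest> per image.
# Exits non-zero if any row has no well-formed sha256 digest.
pinned_refs() {
    awk '
        NR == 1 && $1 == "REF" { next }            # header row
        {
            ref = $1; digest = ""
            for (i = 2; i <= NF; i++)               # find the DIGEST column
                if ($i ~ /^sha256:[0-9a-f]+$/ && length($i) == 71) {
                    digest = $i; break
                }
            if (digest == "") {
                print "no digest for " ref > "/dev/stderr"
                bad = 1; next
            }
            sub(/@.*$/, "", ref)                    # drop an existing @digest
            # Strip a tag only when the colon follows the last slash, so a
            # registry port such as localhost:5000/app is left alone.
            if (match(ref, ":[^:/]*$")) ref = substr(ref, 1, RSTART - 1)
            print ref "@" digest
        }
        END { exit bad + 0 }
    '
}

sample_listing | pinned_refs
```

On a live host the input would be `ctr images list | pinned_refs`, and a pinned reference can be given to `ctr images pull` in place of the tagged one.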

Run the container

[root@centos7 ~]# ctr run -d docker.io/library/nginx:alpine nginx
[root@centos7 ~]# ctr container list
CONTAINER    IMAGE                             RUNTIME                  
nginx        docker.io/library/nginx:alpine    io.containerd.runc.v2 

After trying it out, ctr turns out to be basically the same as the docker command, so there is little learning cost. Therefore, whether or not Kubernetes supports docker is not a big problem for us as users.

For more related introductions and practical operation guides, you can refer to the official documents, which have detailed instructions for use.


民工哥

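Sharing the experience of a veteran with more than 10 years in the IT workplace, who through persistent self-study grew from a technical novice into the head of the information technology department of an Internet company. SegmentFault (思否) Top Writer for 2019/2020/2021.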