首页 > 其他分享 >containerd 容器

containerd 容器

时间:2022-11-07 23:23:44浏览次数:40  
标签:容器 cgroup containerd nginx io vultr root amd64

#containerd管理操作

yum -y install libseccomp-devel
wget https://github.com/containerd/containerd/releases/download/v1.5.7/cri-containerd-cni-1.5.7-linux-amd64.tar.gz
tar -zxf cri-containerd-cni-1.5.7-linux-amd64.tar.gz -C /
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
systemctl enable containerd --now
systemctl status containerd
systemctl restart containerd
ctr version
ctr plugin ls 查看插件列表
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://bqr1dr1n.mirror.aliyuncs.com"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."k8s.gcr.io"]
endpoint = ["https://registry.aliyuncs.com/k8sxio"]

 


[root@vultr ~]# ctr image pull docker.io/library/nginx:alpine
docker.io/library/nginx:alpine: resolved |++++++++++++++++++++++++++++++++++++++|
index-sha256:2452715dd322b3273419652b7721b64aa60305f606ef7a674ae28b6f12d155a3: exists |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:fcba10206c0e29bc2c6c5ede2d64817c113de5bfaecf908b3b7b158a89144162: exists |++++++++++++++++++++++++++++++++++++++|
layer-sha256:2806408d582ebcfd09c12dc43d07148e367d606a72116630d31ed472feb59d62: exists |++++++++++++++++++++++++++++++++++++++|
config-sha256:b997307a58ab5b542359e567c9f77bb2a7cc3da1432baf6de2b3ae3e7b872070: exists |++++++++++++++++++++++++++++++++++++++|
layer-sha256:213ec9aee27d8be045c6a92b7eac22c9a64b44558193775a1a7f626352392b49: exists |++++++++++++++++++++++++++++++++++++++|
layer-sha256:ae98275d0ecb61b725943a77d453c4de98444b1752482861a5c1e57e350a70b5: exists |++++++++++++++++++++++++++++++++++++++|
layer-sha256:121e2d9f6af29eabd4ae2a52625c5a00d1208589259c989b4842f82b29aceff9: exists |++++++++++++++++++++++++++++++++++++++|
layer-sha256:6a07d505af0fac2dc907688187e796549a8d294dac1fa4ef0dbdcfea640b2f9b: exists |++++++++++++++++++++++++++++++++++++++|
layer-sha256:3e8957b70867da3e0f1f0a51f96c3c666fefb635648f6dc168f8fbc1b58e72c7: exists |++++++++++++++++++++++++++++++++++++++|
elapsed: 0.4 s total: 0.0 B (0.0 B/s)
unpacking linux/amd64 sha256:2452715dd322b3273419652b7721b64aa60305f606ef7a674ae28b6f12d155a3...
done: 8.007935ms

ctr image tag docker.io/library/nginx:alpine harbor.k8s.local/course/nginx:alpine 打标签
ctr image rm harbor.k8s.local/course/nginx:alpine 删除镜像
ctr image ls -q

[root@vultr ~]# ctr image mount docker.io/library/nginx:alpine /root/ctrdemo/ 挂载镜像到目录
sha256:43695da83088569e26588846489304f12e5fe836330b5e8e52e96276bf767159
/root/ctrdemo/

ctr i export --platform linux/amd64 nginx.tar.gz docker.io/library/nginx:alpine 导出镜像nginx.tar.gz

#创建容器
ctr c create docker.io/library/nginx:alpine nginx
#查看容器信息
ctr c info nginx
#启动容器
[root@vultr ~]# ctr task start -d nginx
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
#查看容器进程
[root@vultr ~]# ctr task ls
TASK PID STATUS
nginx 13207 RUNNING
#进入容器
[root@vultr ~]# ctr task exec --exec-id 1 -t nginx sh

#暂停这个容器
[root@vultr ~]# ctr task pause nginx
#恢复容器
[root@vultr ~]# ctr task resume nginx

#查看容器内存 cpu信息
[root@vultr ~]# ctr task metrics nginx
ID TIMESTAMP
nginx 2022-11-07 04:35:59.11390163 +0000 UTC

METRIC VALUE
memory.usage_in_bytes 2727936
memory.limit_in_bytes 9223372036854771712
memory.stat.cache 1339392
cpuacct.usage 34855699
cpuacct.usage_percpu [34855699]
pids.current 2
pids.limit 0

#查看在宿主机的上的pid
[root@vultr ~]# ctr task ps nginx
PID INFO
13207 -
13244 -

#安装管理命令 nerdctl
wget https://github.com/containerd/nerdctl/releases/download/v1.0.0/nerdctl-1.0.0-linux-amd64.tar.gz
mv nerdctl usr/local/bin
[root@vultr ~]# ctr -n moby container ls
CONTAINER IMAGE RUNTIME


#安装网络插件cni
https://github.com/containernetworking/plugins/releases
下载安装cni,并解压到/usr/local/cni/bin目录下
root@containerd:/tools# mkdir /opt/cni/bin -p
root@containerd:/tools# tar xf cni-plugins-linux-amd64-v1.1.1.tgz -C /opt/cni/bin/

#nerdctl进入容器
[root@vultr ~]# ctr c ls
CONTAINER IMAGE RUNTIME
e5d4d004aa105f6675cc9d1f8fa850cef5ef034ac8c6cf6ec11921c89ee51063 docker.io/library/nginx:alpine io.containerd.runc.v2
nginx docker.io/library/nginx:alpine io.containerd.runc.v2
[root@vultr ~]# nerdctl exec -it e5d4d004aa105f6675cc9d1f8fa850cef5ef034ac8c6cf6ec11921c89ee51063 /bin/sh

#查看容器
[root@vultr ~]# nerdctl ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e5d4d004aa10 docker.io/library/nginx:alpine "/docker-entrypoint.…" 9 minutes ago Up 0.0.0.0:80->80/tcp nginx
nginx docker.io/library/nginx:alpine "/docker-entrypoint.…" 2 hours ago Up

#查看日志
[root@vultr ~]# ctr c ls
CONTAINER IMAGE RUNTIME
e5d4d004aa105f6675cc9d1f8fa850cef5ef034ac8c6cf6ec11921c89ee51063 docker.io/library/nginx:alpine io.containerd.runc.v2
nginx docker.io/library/nginx:alpine io.containerd.runc.v2
[root@vultr ~]# nerdctl logs -f e5d4d004aa105f6675cc9d1f8fa850cef5ef034ac8c6cf6ec11921c89ee51063

#查看几行日志
[root@vultr ~]# nerdctl logs -f e5d4d004aa105f6675cc9d1f8fa850cef5ef034ac8c6cf6ec11921c89ee51063 -n 1200

#nerdctl 打标签
[root@vultr ~]# nerdctl images
REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE
busybox latest 6bdd92bf5240 5 minutes ago linux/amd64 1.3 MiB 759.1 KiB
harbor.k8s.io latest 2452715dd322 About a minute ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k9s.io latest 2452715dd322 4 seconds ago linux/amd64 26.4 MiB 9.8 MiB
nginx alpine 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k8s.local latest 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB
[root@vultr ~]# nerdctl tag nginx:alpine harbor.k9s.io


#导出镜像nerdctl
[root@vultr ~]# nerdctl images
REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE
busybox latest 6bdd92bf5240 5 minutes ago linux/amd64 1.3 MiB 759.1 KiB
harbor.k8s.io latest 2452715dd322 About a minute ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k9s.io latest 2452715dd322 4 seconds ago linux/amd64 26.4 MiB 9.8 MiB
nginx alpine 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k8s.local latest 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB
[root@vultr ~]# nerdctl tag nginx:alpine harbor.k9s.io^C
[root@vultr ~]# nerdctl save -o busybox.tar.gz busybox

#删除镜像
[root@vultr ~]# nerdctl rmi busybox
Untagged: docker.io/library/busybox:latest@sha256:6bdd92bf5240be1b5f3bf71324f5e371fe59f0e153b27fa1f1620f78ba16963c
Deleted: sha256:0438ade5aeea533b00cd75095bec75fbc2b307bace4c89bb39b75d428637bcd8
[root@vultr ~]# nerdctl images
REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE
harbor.k8s.io latest 2452715dd322 5 minutes ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k9s.io latest 2452715dd322 4 minutes ago linux/amd64 26.4 MiB 9.8 MiB
nginx alpine 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k8s.local latest 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB

#导入镜像
[root@vultr ~]# nerdctl load -i busybox.tar.gz
unpacking docker.io/library/busybox:latest (sha256:6bdd92bf5240be1b5f3bf71324f5e371fe59f0e153b27fa1f1620f78ba16963c)...
Loaded image: docker.io/library/busybox:latest[root@vultr ~]# ls

[root@vultr ~]# nerdctl images
REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE
busybox latest 6bdd92bf5240 10 seconds ago linux/amd64 1.3 MiB 759.1 KiB
harbor.k8s.io latest 2452715dd322 6 minutes ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k9s.io latest 2452715dd322 5 minutes ago linux/amd64 26.4 MiB 9.8 MiB
nginx alpine 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB
harbor.k8s.local latest 2452715dd322 3 hours ago linux/amd64 26.4 MiB 9.8 MiB

#安装buildkit
https://github.com/moby/buildkit/releases/download/v0.10.5/buildkit-v0.10.5.linux-amd64.tar.gz
mv bin/* /usr/local/bin
cat > /etc/systemd/system/buildkit.service << 'EOF'
[Unit]
Description=BuildKit
Documentation=https://github.com/moby/buildkit

[Service]
ExecStart=/usr/local/bin/buildkitd --oci-worker=false --containerd-worker=true

[Install]
WantedBy=multi-user.target
EOF
[root@vultr ~]# systemctl daemon-reload
[root@vultr ~]# systemctl enable buildkit --now

#构建镜像
nerdctl build -t nginx:nerd -f Dockerfile .

#运行容器
[root@vultr ~]# nerdctl run -d -p 81:81 --name=ngixx nginx:nerd
a3f28f1babcb13beb7986f77be17658c0c4a002aefafaff5ca752672824b1927

#查看cgroup
[root@vultr ~]# cat /proc/cgroups
#subsys_name hierarchy num_cgroups enabled
cpuset 5 7 1
cpu 7 61 1
cpuacct 7 61 1
memory 8 61 1
devices 3 61 1
freezer 2 7 1
net_cls 6 7 1
blkio 4 61 1
perf_event 11 7 1
hugetlb 10 7 1
pids 9 61 1
net_prio 6 7 1
[root@vultr ~]# df -h |grep cgroup
tmpfs 496M 0 496M 0% /sys/fs/cgroup
[root@vultr ~]# mount --type cgroup
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_prio,net_cls)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)

标签:容器,cgroup,containerd,nginx,io,vultr,root,amd64
From: https://www.cnblogs.com/zhangcaiwang1/p/16867870.html

相关文章

  • Spring的IoC容器之BeanFactory
    SpringIoC容器之BeanFactory首先,Spring提供了两种容器类型:BeanFactory和ApplicationContext。BeanFactory:基础容器类型,提供了完整的IoC服务支持。默认采用延迟......
  • Docker 安装 nginx 并启动容器
    docker拉取Nginx镜像dockerpullnginx:latest拉取完成查看:dockerimages准备工作先在主机创建工作文件夹,为了挂载配置和静态文件的访问使用#启动一个容器docker......
  • Docker容器实战十四:Docker Compose介绍
    在前面的介绍中我们都是以单个容器为例来进行演示。但在实际的生产环境中,一个应用往往会有多个组件,并分别运行在不同的容器。在这种多容器的场景下,使用Docker客户端进行管理......
  • docker容器配置独立ip
    一般安装docker后都会通过端口转发的方式使用网络,比如“-p2294:22”就将2294抓发到22端口来提供sftp服务,这样使用起来没有问题。但端口号很难记忆,如果前边有nginx等......
  • docker容器中安装vim
    1.进入容器dockerexec-it<容器名称/id>bash 2.进入apt-get配置目录cd/etc/apt 3.执行备份命令cpsources.listsources.list.bak 4.查看版本cat/etc/o......
  • 跨主机Docker容器通信的学习
    背景骨折在家找自己的人比较少.又因为出不去也没法做运动,就不如将之前没学习深入的地方学习下先是进行Docker搭建rediscluster的处理.当时发现必须使用--net=host......
  • 自建docker hub 容器缓存加速器下 的nginx 配置
    文档说明:只记录关键地方;dockerhub加速器nginx配置要求加速器只允许GETHEAD请求方法只允许docker-library/official-images通过加速器控制允许通过加速器......
  • OpenEuler2203 基于容器和本地文件部署Redis Cluster的过程以及简单性能测试
    背景其实文件搭建和集群搭建没有任何区别这次用先用容器搭建出来,然后测试一下性能想着再使用本地部署的方式搭建一下.两项验证容器和基于文件的搭建的性能差异部分资......
  • holy shit CSDN 云容器
    holyshitCSDN云容器https://gitcode.net/-/snippets/2447https://blog.csdn.net/u010317382?type=collecthttps://bbs.csdn.net/topics/608979714容器为什么一直无......
  • docker构建容器时 容器内使用代理
    build容器时使用代理demo1使用前指定env使用后记得清空,否则会影响使用容器时的网络catdockerfile-->FROMjenkins/jenkins:2.289.2-lts-jdk11USERr......