- 首页 > it技术 > >
- 参考文档
https://github.com/containerd/containerd/blob/master/README.md
https://github.com/opencontainers/runc/blob/master/README.md
https://github.com/opencontainers/runtime-spec/blob/master/config.md
https://godoc.org/github.com/containerd/containerd/cmd/ctr/commands
文章图片
containerd.png
- 编译containerd/runc
- 在云厂商购买一台虚拟机,绑fip(116.196.115.229)
- 登录vm安装go,并设置GOROOT/GOPATH环境变量
[root@containerd bin]# wget https://dl.google.com/go/go1.12.5.linux-amd64.tar.gz
[root@containerd bin]# tar -xvf go1.12.5.linux-amd64.tar.gz -C /usr/local
[root@containerd bin]# /usr/local/go/bin/go version
go version go1.12.5 linux/amd64
编辑/root/.bash_profile文件,添加如下设置后sourcePATH=$PATH:/usr/local/go/bin
export PATH
export GOROOT=/usr/local/go/
export GOPATH=/root/go[root@containerd ~]# source .bash_profile
- Build the development environment
[root@containerd ~]# go get github.com/containerd/containerd
[root@containerd ~]# wget -c https://github.com/google/protobuf/releases/download/v3.5.0/protoc-3.5.0-linux-x86_64.zip
[root@containerd ~]# unzip protoc-3.5.0-linux-x86_64.zip -d /usr/local
[root@containerd ~]# yum install -y btrfs-progs-devel libseccomp-devel
- 编译runc
[root@containerd ~]# go get github.com/opencontainers/runc[root@containerd containerd]# cd $GOPATH/src/github.com/opencontainers/runc
[root@containerd runc]# make
go build -buildmode=pie -ldflags "-X main.gitCommit="eb4aeed24ffbf8e2d740fafea39d91faa0ee84d0" -X main.version=1.0.0-rc8+dev " -tags "seccomp" -o runc .
[root@containerd runc]# make install
install -D -m0755 runc /usr/local/sbin/runc [root@containerd runc]# ls -rtl /usr/local/sbin
total 11752
-rwxr-xr-x 1 root root 12031832 May 10 17:33 runc
[root@containerd runc]# runc --version
runc version 1.0.0-rc8+dev
commit: eb4aeed24ffbf8e2d740fafea39d91faa0ee84d0
spec: 1.0.1-dev
- 编译containerd
[root@containerd runc]# cd $GOPATH/src/github.com/containerd/containerd
[root@containerd containerd]# make
+bin/ctr
+bin/containerd
+bin/containerd-stress
+bin/containerd-shim
+bin/containerd-shim-runc-v1
+bin/containerd-shim-runc-v2
+binaries
[root@containerd containerd]# make install
+install bin/ctr bin/containerd bin/containerd-stress bin/containerd-shim bin/containerd-shim-runc-v1 bin/containerd-shim-runc-v2
[root@containerd containerd]# ls -rtl /usr/local/bin
total 133152
-rwxr-x--- 1 root root 4433736 Nov 14 2017 protoc
-rwxr-xr-x 1 root root 29709728 May 10 17:35 ctr
-rwxr-xr-x 1 root root 51831136 May 10 17:35 containerd
-rwxr-xr-x 1 root root 25094688 May 10 17:35 containerd-stress
-rwxr-xr-x 1 root root 7302016 May 10 17:35 containerd-shim
-rwxr-xr-x 1 root root 8980256 May 10 17:35 containerd-shim-runc-v1
-rwxr-xr-x 1 root root 8980320 May 10 17:35 containerd-shim-runc-v2
[root@containerd containerd]# containerd --version
containerd github.com/containerd/containerd v1.2.0-551-g57fbb16 57fbb16234fa6c8a61e5e907a4148ea3b05bce1d
- containerd以daemon方式运行
a.准备containered.service文件
[root@containerd ~]# cat /usr/lib/systemd/system/containerd.service
[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target
[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/bin/containerd
Delegate=yes
KillMode=process
LimitNPROC=infinity
LimitCORE=infinity
LimitNOFILE=1048576
[Install]
WantedBy=multi-user.target
[Install]
WantedBy=multi-user.target
b.enable设置开机自启动
[root@containerd system]# systemctl enable containerd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/containerd.service to /usr/lib/systemd/system/containerd.service.
c.准备containerd配置文件
[root@containerd ~]# cat /etc/containerd/config.toml
subreaper = true
oom_score = -999
[debug]
level = "debug"
[metrics]
address = "127.0.0.1:1338"
[plugins.linux]
runtime = "runc"
shim_debug = true
d.启动containerd服务
[root@containerd system]# systemctl start containerd.service
- 准备rootfs和spec
找另外一台安装了整套docker的机器(此处用本地oracle linux vm 10.12.162.67),制作测试所需的rootfs(bundle)文件
1.创建 busybox/rootfs目录
[root@localhost ~]# mkdir -p busybox/rootfs
2.拉取busybox镜像
[root@localhost ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
53071b97a884: Pull complete
Digest: sha256:32f65f5aae307c171fc69ce52be3c8b09675164a610a88efa607449311186378
Status: Downloaded newer image for busybox:latest
3.创建docker
[root@localhost ~]# docker create --name tempbusybox busybox
85b6e32db75da001669656b452a9a65fc2de7f1a9faac95c5aedf6de1127fa15
4.导出rootfs和spec
[root@localhost ~]# docker export tempbusybox | tar -C busybox/rootfs -xf -
[root@localhost ~]# cd busybox/ && /usr/bin/docker-runc spec
[root@localhost busybox]# ls
config.json rootfs
[root@localhost busybox]# ls rootfs/
bin dev etc home proc root sys tmp usr var
5.将rootfs和spec 拷贝到containered测试节点 116.196.115.229
[root@localhost ~]# scp -r busybox/ root@116.196.115.229:/root
- 测试
【containerd学习】1.[root@containerd busybox]# cd /root/busybox
2.利用containerd cli (/usr/local/bin/ctr)运行容器
[root@containerd busybox]# ctr run -t -d --rootfs rootfs busybox /bin/sh
[root@containerd busybox]# ctr container list
CONTAINER IMAGE RUNTIME
busybox - io.containerd.runtime.v1.linux
[root@containerd busybox]# ps -ef |grep container
root 9539 1 0 21:22 ? 00:00:03 /usr/local/bin/containerd
root 15285 9539 0 22:02 ? 00:00:00 containerd-shim -namespace default -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/default/busybox -address /run/containerd/containerd.sock -containerd-binary /usr/local/bin/containerd -debug
3.登录容器验证
[root@containerd busybox]# ctr tasks list
TASK PID STATUS
busybox 15301 RUNNING
[root@containerd busybox]# ctr tasks exec -t --exec-id 15301 busybox /bin/sh
/ # hostname
containerd
/ # ip a
1: lo: mtu 65536 qdisc noqueue qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4.stop容器
[root@containerd busybox]# ctr tasks kill --signal 9 busybox
[root@containerd busybox]# ctr tasks list
TASK PID STATUS
busybox 15301 STOPPED
5.删除容器
[root@containerd busybox]# ctr container delete busybox
[root@containerd busybox]# ctr container list
CONTAINER IMAGE RUNTIME
推荐阅读
