mirrors
/
kubernetes-the-hard-way
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update containerd config

pull/863/head
Ruslan Savchuk 2025-03-30 22:40:41 +02:00
parent 09e3d0e5a1
commit 7f7c3d80f5
1 changed files with 47 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
docs/01-container-runtime.md
View File

@ -21,32 +21,28 @@ First of all we need to download runc binaries
```bash ```bash
wget -q --show-progress --https-only --timestamping \ wget -q --show-progress --https-only --timestamping \
https://github.com/opencontainers/runc/releases/download/v1.0.0-rc93/runc.amd64 https://github.com/opencontainers/runc/releases/download/v1.2.6/runc.amd64
``` ```
After the download process is complete, we need to move runc binaries to proper folder After the download process is complete, we need to move runc binaries to proper folder
```bash ```bash
{ mv runc.amd64 runc \
sudo mv runc.amd64 runc && chmod +x runc \
chmod +x runc && mv runc /usr/local/bin/
sudo mv runc /usr/local/bin/
}
``` ```
Now, as we have runc configured, we can run busybox container Now, as we have runc configured, we can run busybox container
```bash ```bash
{ mkdir -p busybox-container/rootfs/bin \
mkdir -p ~/busybox-container/rootfs/bin && cd busybox-container/rootfs/bin \
cd ~/busybox-container/rootfs/bin && wget https://www.busybox.net/downloads/binaries/1.31.0-defconfig-multiarch-musl/busybox-x86_64 \
wget https://www.busybox.net/downloads/binaries/1.31.0-defconfig-multiarch-musl/busybox-x86_64 && chmod +x busybox-x86_64 \
chmod +x busybox-x86_64 && ./busybox-x86_64 --install . \
./busybox-x86_64 --install . && cd ./../.. \
cd ~/busybox-container && runc spec \
runc spec && sed -i 's/"sh"/"echo","Hello from container runned by runc!","sleep","3600"/' config.json
sed -i 's/"sh"/"echo","Hello from container runned by runc!"/' config.json
}
``` ```
In this step, we downloaded the busybox image, unarchived it, and created the proper files, required by runc to run the container (including container configuration and files that will be accessible from the container). So, let's run our container In this step, we downloaded the busybox image, unarchived it, and created the proper files, required by runc to run the container (including container configuration and files that will be accessible from the container). So, let's run our container
@ -62,10 +58,8 @@ Hello from container runned by runc!
Great, we created our first container in this tutorial. Now we will clean up our workspace. Great, we created our first container in this tutorial. Now we will clean up our workspace.
```bash ```bash
{ cd .. \
cd ~ && rm -r busybox-container
rm -r busybox-container
}
``` ```
## containerd ## containerd
@ -80,18 +74,15 @@ In this tutorial, we will use [containerd](https://github.com/containerd/contain
To deploy containerd, first of all, we need to download it. To deploy containerd, first of all, we need to download it.
```bash ```bash
wget -q --show-progress --https-only --timestamping \ wget https://github.com/containerd/containerd/releases/download/v2.0.4/containerd-2.0.4-linux-amd64.tar.gz
https://github.com/containerd/containerd/releases/download/v1.4.4/containerd-1.4.4-linux-amd64.tar.gz
``` ```
After download process complete, we need to unzip and move containerd binaries to proper folder After download process complete, we need to unzip and move containerd binaries to proper folder
```bash ```bash
{ mkdir containerd \
mkdir containerd && tar -xvf containerd-2.0.4-linux-amd64.tar.gz -C containerd \
tar -xvf containerd-1.4.4-linux-amd64.tar.gz -C containerd && mv containerd/bin/* /bin/
sudo mv containerd/bin/* /bin/
}
``` ```
In comparison to the runc, containerd is a service that works like a service that can be called by someone to run a container. It means that we need to run it before we can start communicating with it. In comparison to the runc, containerd is a service that works like a service that can be called by someone to run a container. It means that we need to run it before we can start communicating with it.
@ -101,16 +92,25 @@ We will configure containerd as a service.
To do that, we need to create containerd configuration file To do that, we need to create containerd configuration file
```bash ```bash
{ {
sudo mkdir -p /etc/containerd/ mkdir -p /etc/containerd/
cat << EOF | tee /etc/containerd/config.toml
[debug]
level = "debug"
cat << EOF | sudo tee /etc/containerd/config.toml
[plugins] [plugins]
[plugins.cri.containerd] [plugins.'io.containerd.cri.v1.images']
snapshotter = "overlayfs" snapshotter = "native"
[plugins.cri.containerd.default_runtime] [plugins."io.containerd.cri.v1.runtime"]
runtime_type = "io.containerd.runtime.v1.linux" [plugins."io.containerd.cri.v1.runtime".containerd]
runtime_engine = "/usr/local/bin/runc" default_runtime_name = "runc"
runtime_root = "" [plugins."io.containerd.cri.v1.runtime".containerd.runtimes]
[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
snapshotter = "native"
[plugins."io.containerd.cri.v1.runtime".containerd.runtimes.runc.options]
BinaryName = "/usr/local/bin/runc"
EOF EOF
} }
``` ```
@ -119,14 +119,13 @@ As we can see, we configured containerd to use runc (we installed before) to run
After configuration file create, we need to create containerd service After configuration file create, we need to create containerd service
```bash ```bash
cat <<EOF | sudo tee /etc/systemd/system/containerd.service cat <<EOF | tee /etc/systemd/system/containerd.service
[Unit] [Unit]
Description=containerd container runtime Description=containerd container runtime
Documentation=https://containerd.io Documentation=https://containerd.io
After=network.target After=network.target
[Service] [Service]
ExecStartPre=/sbin/modprobe overlay
ExecStart=/bin/containerd ExecStart=/bin/containerd
Restart=always Restart=always
RestartSec=5 RestartSec=5
@ -144,16 +143,14 @@ EOF
And now, run it And now, run it
```bash ```bash
{ systemctl daemon-reload \
sudo systemctl daemon-reload && systemctl enable containerd \
sudo systemctl enable containerd && systemctl start containerd
sudo systemctl start containerd
}
``` ```
To ensure that our service successfully started, run To ensure that our service successfully started, run
```bash ```bash
sudo systemctl status containerd systemctl status containerd
``` ```
Output: Output:
@ -177,7 +174,7 @@ To do that, we need the tool called [ctr](https://github.com/projectatomic/conta
First of all, we will pull busybox image First of all, we will pull busybox image
```bash ```bash
sudo ctr images pull docker.io/library/busybox:latest ctr images pull docker.io/library/busybox:latest
``` ```
After the pull process is complete - check our image After the pull process is complete - check our image
@ -193,7 +190,10 @@ docker.io/library/busybox:latest application/vnd.docker.distribution.manifest.li
Now, let's start our container Now, let's start our container
```bash ```bash
ctr run -t --rm --detach docker.io/library/busybox:latest busybox-container sh -c 'echo "Hello from container runned by containerd!"' ctr run --detach --snapshotter native docker.io/library/busybox:latest busybox-container sh -c 'echo "Hello"'
ctr run --detach docker.io/library/busybox:latest busybox-container sh -c 'echo "Hello"'
ctr run --detach --runtime io.containerd.runc.v2 --snapshotter native docker.io/library/busybox:latest busybox-container sh -c 'sleep 3600'
ctr run --detach docker.io/library/busybox:latest busybox-container sh -c 'echo "Hello from container runned by containerd!"'
``` ```
Output: Output:
@ -232,10 +232,8 @@ ctr containers rm busybox-container
We can check that list of containers and tasks should be empty We can check that list of containers and tasks should be empty
```bash ```bash
{ ctr task ls \
ctr task ls && ctr containers ls
ctr containers ls
}
``` ```
We should receive an empty output We should receive an empty output