containerd安装部署

安装

https://containerd.io

下载 containerd

containerd 下载

runrc 下载地址

cni 网络下载

nerdctl 下载

buildkit 下载

文件准备

​

containerd-2.0.4-linux-amd64.tar.gz
runc.amd64

​

mkdir -p /usr/local/containerd
tar xvf containerd-2.0.4-linux-amd64.tar.gz -C /usr/local/containerd/
# 使用 systemctl 管理
cat > /usr/lib/systemd/system/containerd.service << EOF
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

[Unit]
Description=containerd container runtime
Documentation=https://containerd.io
After=network.target dbus.service

[Service]
ExecStartPre=-/sbin/modprobe overlay
ExecStart=/usr/local/containerd/bin/containerd

Type=notify
Delegate=yes
KillMode=process
Restart=always
RestartSec=5

# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity

# Comment TasksMax if your systemd version does not supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
OOMScoreAdjust=-999

[Install]
WantedBy=multi-user.target
EOF
# 重新加载并设置开机启动
systemctl daemon-reload
systemctl enable --now containerd

安装 runc

install -m 755 runc.amd64 /usr/local/sbin/runc

安装 cni 插件

mkdir -p /opt/cni/bin
tar xvf cni-plugins-linux-amd64-v1.6.2.tgz -C /opt/cni/bin/

nerdctl 安装

适用于 containerd 的 Docker 兼容 CLI

tar xvf nerdctl-2.0.4-linux-amd64.tar.gz -C /usr/local/containerd/bin/

安装 buildkit

tar xvf buildkit-v0.21.0.linux-amd64.tar.gz -C /usr/local/containerd/
cat > /usr/lib/systemd/system/buildkit.service<< EOF
[Unit]
Description=BuildKit
Requires=buildkit.socket
After=buildkit.socket
Documentation=https://github.com/moby/buildkit

[Service]
Type=notify
ExecStart=/usr/local/containerd/bin/buildkitd --addr fd://

[Install]
WantedBy=multi-user.target
EOF
cat > /usr/lib/systemd/system/buildkit.socket<< EOF
[Unit]
Description=BuildKit
Documentation=https://github.com/moby/buildkit

[Socket]
ListenStream=%t/buildkit/buildkitd.sock
SocketMode=0660

[Install]
WantedBy=sockets.target
EOF
systemctl daemon-reload
systemctl enable --now buildkit

系统环境变量设置

cat >> /etc/profile << EOF
export PATH=/usr/local/containerd/bin/:\$PATH
EOF
source /etc/profile

启动服务

mkdir -p /etc/containerd
# 默认配置文件加载 
containerd config default > /etc/containerd/config.toml
systemctl start containerd
systemctl start buildkit

启动容器

nerdctl run -p 88:80 -d swr.cn-north-4.myhuaweicloud.com/ddn-k8s/docker.io/library/nginx:1.27.2
nerdctl run  -it  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/quay.io/centos/centos:7.6.1810
[root@edc3835a0940 /]# curl nginx-3c02b
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html {color-scheme: light dark;}
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@edc3835a0940 /]# 

containerd 部署完成