下载
下载地址:github.com/containerd/…
tar Cxzvvf /usr/local nerdctl-full-1.5.0-linux-amd64.tar.gz
包含如下组件:
- nerdctl: v1.5.0
- containerd: v1.7.3
- runc: v1.1.8
- CNI plugins: v1.3.0
- BuildKit: v0.12.0
- Stargz Snapshotter: v0.14.3
- imgcrypt: v1.1.7
- RootlessKit: v1.1.0
- slirp4netns: v1.2.0
- bypass4netns: v0.3.0
- fuse-overlayfs: v1.12
- containerd-fuse-overlayfs: v1.0.6
- Kubo (IPFS): v0.21.0
- Tini: v0.19.0
- buildg: v0.4.1
rootless
cyxinda@oldsix:~/Downloads$ containerd-rootless-setuptool.sh install
[INFO] Checking RootlessKit functionality
[rootlesskit:parent] error: failed to setup UID/GID map: newuidmap 10270 [0 1000 1 1 100000 65536] failed: : exec: "newuidmap": executable file not found in $PATH
[ERROR] RootlessKit failed, see the error messages and https://rootlesscontaine.rs/getting-started/common/ .
cyxinda@oldsix:~/Downloads$ sudo apt-get install uidmap
正在读取软件包列表... 完成
正在分析软件包的依赖关系树... 完成
正在读取状态信息... 完成
下列【新】软件包将被安装:
uidmap
升级了 0 个软件包,新安装了 1 个软件包,要卸载 0 个软件包,有 10 个软件包未被升级。
需要下载 22.4 kB 的归档。
解压缩后会消耗 147 kB 的额外空间。
获取:1 http://cn.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 uidmap amd64 1:4.8.1-2ubuntu2.1 [22.4 kB]
已下载 22.4 kB,耗时 1秒 (20.6 kB/s)
正在选中未选择的软件包 uidmap。
(正在读取数据库 ... 系统当前共安装有 210443 个文件和目录。)
准备解压 .../uidmap_1%3a4.8.1-2ubuntu2.1_amd64.deb ...
正在解压 uidmap (1:4.8.1-2ubuntu2.1) ...
正在设置 uidmap (1:4.8.1-2ubuntu2.1) ...
正在处理用于 man-db (2.10.2-1) 的触发器 ...
cyxinda@oldsix:~/Downloads$ containerd-rootless-setuptool.sh install
[INFO] Checking RootlessKit functionality
[INFO] Checking cgroup v2
[WARNING] The cgroup v2 controller "cpu" is not delegated for the current user ("/sys/fs/cgroup/user.slice/user-1000.slice/user@1000.service/cgroup.controllers"), see https://rootlesscontaine.rs/getting-started/common/cgroup2/
[INFO] Checking overlayfs
[INFO] Requirements are satisfied
[INFO] Creating "/home/cyxinda/.config/systemd/user/containerd.service"
[INFO] Starting systemd unit "containerd.service"
+ systemctl --user start containerd.service
+ sleep 3
+ systemctl --user --no-pager --full status containerd.service
● containerd.service - containerd (Rootless)
Loaded: loaded (/home/cyxinda/.config/systemd/user/containerd.service; disabled; vendor preset: enabled)
Active: active (running) since Thu 2023-08-10 11:29:46 CST; 3s ago
Main PID: 10657 (rootlesskit)
Tasks: 36
Memory: 20.7M
CPU: 187ms
CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/containerd.service
├─10657 rootlesskit --state-dir=/run/user/1000/containerd-rootless --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --disable-host-loopback --port-driver=builtin --copy-up=/etc --copy-up=/run --copy-up=/var/lib --propagation=rslave /usr/local/bin/containerd-rootless.sh
├─10667 /proc/self/exe --state-dir=/run/user/1000/containerd-rootless --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --disable-host-loopback --port-driver=builtin --copy-up=/etc --copy-up=/run --copy-up=/var/lib --propagation=rslave /usr/local/bin/containerd-rootless.sh
├─10685 slirp4netns --mtu 65520 -r 3 --disable-host-loopback --enable-sandbox --enable-seccomp 10667 tap0
└─10693 containerd
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.362428006+08:00" level=info msg="using experimental NRI integration - disable nri plugin to prevent this"
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.362629014+08:00" level=info msg="Get image filesystem path \"/var/lib/containerd/io.containerd.snapshotter.v1.overlayfs\""
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.362671553+08:00" level=warning msg="Running containerd in a user namespace typically requires disable_cgroup, disable_apparmor, restrict_oom_score_adj set to be true"
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.363464054+08:00" level=warning msg="failed to load plugin io.containerd.grpc.v1.cri" error="failed to create CRI service: failed to create cni conf monitor for default: failed to watch cni conf dir /etc/cni/net.d: permission denied"
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.363517224+08:00" level=info msg="loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." type=io.containerd.tracing.processor.v1
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.363570954+08:00" level=info msg="skip loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." error="no OpenTelemetry endpoint: skip plugin" type=io.containerd.tracing.processor.v1
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.363616023+08:00" level=info msg="loading plugin \"io.containerd.internal.v1.tracing\"..." type=io.containerd.internal.v1
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.363649908+08:00" level=info msg="skipping tracing processor initialization (no tracing plugin)" error="no OpenTelemetry endpoint: skip plugin"
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.364111969+08:00" level=info msg=serving... address=/run/containerd/containerd.sock.ttrpc
8月 10 11:29:46 oldsix containerd-rootless.sh[10693]: time="2023-08-10T11:29:46.364269495+08:00" level=info msg=serving... address=/run/containerd/containerd.sock
+ systemctl --user enable containerd.service
Created symlink /home/cyxinda/.config/systemd/user/default.target.wants/containerd.service → /home/cyxinda/.config/systemd/user/containerd.service.
[INFO] Installed "containerd.service" successfully.
[INFO] To control "containerd.service", run: `systemctl --user (start|stop|restart) containerd.service`
[INFO] To run "containerd.service" on system startup automatically, run: `sudo loginctl enable-linger cyxinda`
[INFO] ------------------------------------------------------------------------------------------
[INFO] Use `nerdctl` to connect to the rootless containerd.
[INFO] You do NOT need to specify $CONTAINERD_ADDRESS explicitly.
cyxinda@oldsix:~/Downloads$ nerdctl ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cyxinda@oldsix:~/Downloads$
自动补齐命令
[root@containerd ~]
[root@containerd ~]
[root@containerd ~]
[root@containerd ~]
[root@containerd ~]
[root@containerd ~]
rm rmi run
[root@containerd ~]
