当前位置：网站首页>Container container runtime (2): which is better for you, yum installation or binary installation?

Container container runtime (2): which is better for you, yum installation or binary installation?

2022-06-22 20:31:00 【51CTO】

Containerd Container runtime （2）：yum Installation and binary installation , Which is more suitable for you ？_ Cloud native

One 、 Preface

Containerd Installation , If you use yum It's going to be a lot easier to install , But the installed version is basically fixed , It is not suitable for the actual business scenario .

Binary installation , Relatively flexible .

Two 、yum Way to install

install containerd It will be installed automatically runc.

2.1 Download the alicloud image source

      
      
       
       $ wget 
       
       -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
      
      
      
      
       
       1.

2.2 Search for containerd Software

       
       $ yum list | 
       
       grep containerd
       
containerd.io.x86_64         
       
       1.4.9-3.1.el7       installed
       
containerd.x86_64            
       
       1.2.14-1.el7        epel
       
containerd.io.x86_64         
       
       1.6.4-3.1.el7       docker-ce-stable
      
1.
2.
3.
4.

2.3 install

       
       $ yum install  
       
       -y containerd
       
       $ rpm 
       
       -qa |  
       
       grep containerd
       
containerd.io-1.4.9-3.1.el7.x86_64
      
1.
2.
3.

2.4 start-up containerd service

       
       $ systemctl 
       
       start  containerd
       
       $ systemctl enable  containerd
       
       $ systemctl status  containerd
      
1.
2.
3.

2.5 View service information

       
       $ ctr version
       
Client:
       
  Version:  
       
       1.4.9       
       
       # Client version number 
       
  Revision: e25210fe30a0a703442421b0f60afac609f950a3
       
  Go version: go1.15.14
       
Server:
       
  Version:  
       
       1.4.9    
       
       # Server version number 
       
  Revision:  e25210fe30a0a703442421b0f60afac609f950a3
       
  UUID: 3a988dc2-25d5-4753-914c-3344e4cb3c6e
      
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.

3、 ... and 、 Binary installation

3.1 Download binary package

Containerd There are two kinds of packages ：

containerd-xxx： This package can be used for stand-alone testing , It doesn't contain runC, It needs to be installed in advance .
cri-containerd-cni-xxxx： contain runc and k8s Relevant documents required in .k8s This package is required in the cluster . Although included runC, But it depends on seccomp（ Secure computing mode , Is a pattern that restricts containers from invoking system resources .）

       
       $ wget https://github.com/containerd/containerd/releases/download/v1.6.5/cri-containerd-1.6.5-linux-amd64.tar.gz
       
       $ tar zxvf cri-containerd-1.6.5-linux-amd64.tar.gz
       
       $ ls  
       
       -l
       
drwxr-xr-x  
       
       4 root root        
       
       51 
       
       4 month   
       
       26 
       
       07:52 etc
       
drwxr-xr-x  
       
       4 root root        
       
       35 
       
       4 month   
       
       26 
       
       07:51 opt
       
drwxr-xr-x  
       
       3 root root        
       
       19 
       
       4 month   
       
       26 
       
       07:50 usr
      
1.
2.
3.
4.
5.
6.

etc Catalog ： Mainly for containerd Service management profile and cni Virtual network card configuration file ;
opt Catalog ： Mainly for gce Use in the environment containerd Configuration files and cni plug-in unit ;

usr Catalog ： Mainly for containerd Runtime binaries , contain runc;

containerd There are five files in the installation package of , With the above command, they are installed in /usr/local/bin Directory ：

containerd： The runtime of the container , With gRPC The form of agreement is provided to meet OCI The standard API;
containerd-release：containerd Project release release tools ;
containerd-stress：containerd Pressure test tools ;
containerd-shim： This is the runtime carrier for each container , We are docker Seen on the host shim It also represents one by one through the call containerd Starting up docker Containers ;
ctr： It's a simple CLI Interface , Used as a containerd Some debugging purposes of itself , When put into production, it should be coordinated docker perhaps cri-containerd Deploy ;

3.2 Copy binary executable to `$PATH` in

After unpacking the installation package , After decompression usr/local/bin、 There are related binary executable files in the directory , Copy it to $PATH Environment .

      
      
       
       $ ls usr/local/bin/
       
       
containerd  containerd-shim  containerd-shim-runc-v1  containerd-shim-runc-v2  containerd-stress  crictl 
       
       
critest  ctd-decoder  ctr
       
       

       
       $ cp usr/local/bin/* 
       
       
/usr/local/bin/
      
      
      
      
       
       1.
       
       2.
       
       3.
       
       4.
       
       5.

Containerd Container runtime （2）：yum Installation and binary installation , Which is more suitable for you ？_ Cloud native _02

3.3 create profile

Containerd The default profile for is /etc/containerd/config.toml

       
       $ mkdir 
       
       -p /etc/containerd/
       
       $ containerd config default > /etc/containerd/config.toml
      
1.
2.

3.4 Create a service management profile

Copy the service management profile to /usr/lib/systemd/system/ Catalog

       
       $ grep 
       
       -v ^
       
       # etc/systemd/system/containerd.service
       
       $ cp etc/systemd/system/containerd.service
       
/usr/lib/systemd/system/containerd.service
      
1.
2.
3.

3.5 start-up containerd service

       
       $ sudo systemctl daemon-reload
       
       $ sudo systemctl enable 
       
       --now containerd.service
       
       $ sudo systemctl status containerd.service
      
1.
2.
3.

View version

      
      
       
       $ containerd  
       
       --version
       
       
containerd github.com/containerd/containerd v1.6.3
       
       
f830866066ed06e71bad64871bccfd34daf6309c
      
      
      
      
       
       1.
       
       2.
       
       3.

3.6 install runc（ Binary system ）

Due to the runC By default, you need to install seccomp Support , Separate installation required , And different versions runC Yes seccomp Version requirements are inconsistent , Therefore, it is recommended to download separately runC Binary package for installation , It contains seccomp Module support .

       
       $ cp usr/local/sbin/runc  /usr/bin/
       
       $ runc 
       
       -version
       
runc: symbol lookup error: runc: undefined symbol: seccomp_notify_respond
      
1.
2.
3.

Containerd Container runtime （2）：yum Installation and binary installation , Which is more suitable for you ？_ Operation and maintenance _03

【 Error reason 】 Lack of dependency packages libseccomp（2.4 Above version ）

【 terms of settlement 】 install libseccomp 2.5.1

       
       $ wget http://rpmfind.net/linux/centos/8-stream/BaseOS/x86_64/os/Packages/libseccomp-2.5.1-1.el8.x86_64.rpm
       
       $ rpm 
       
       -ivh libseccomp-2.5.1-1.el8.x86_64.rpm
       
       $ rpm 
       
       -qa |  
       
       grep libseccomp
       
libseccomp-2.5.1-1.el8.x86_64
       
       $ runc  
       
       -version
       
runc version 
       
       1.1.2
       
commit: v1.1.2-0-ga916309f
       
spec: 
       
       1.0.2-dev
       
go: go1.17.11
       
libseccomp: 
       
       2.5.1
      
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.