ctr的使用

安装完containerd之后,ctr也安装好

  • ctr上containerd提供的客户端,内置在containerd中

查看支持命令

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
[root@iZbp1ebizftw2vpbpm737wZ ~]# ctr --help                                                                                                                                                               
NAME:                                                                                                                                                                                                      
   ctr -                                                                                                                                                                                                   
        __                                                                                                                                                                                                 
  _____/ /______                                                                                                                                                                                           
 / ___/ __/ ___/                                                                                                                                                                                           
/ /__/ /_/ /                                                                                                                                                                                               
\___/\__/_/                                                                                                                                                                                                
                                                                                                                                                                                                           
containerd CLI                                                                                                                                                                                             
                                                                                                                                                                                                           
                                                                                                                                                                                                           
USAGE:                                                                                                                                                                                                     
   ctr [global options] command [command options] [arguments...]                                                                                                                                           
                                                                                                                                                                                                           
VERSION:                                                                                                                                                                                                   
   v1.7.24                                                                                                                                                                                                 
                                                                                                                                                                                                           
DESCRIPTION:                                                                                                                                                                                               
                                                                                                                                                                                                           
ctr is an unsupported debug and administrative client for interacting                                                                                                                                      
with the containerd daemon. Because it is unsupported, the commands,                                                                                                                                       
options, and operations are not guaranteed to be backward compatible or                                                                                                                                    
stable from release to release of the containerd project.                                                                                                                                                  
                                                                                                                                                                                                           
COMMANDS:                                                                                                                                                                                                  
   plugins, plugin            Provides information about containerd plugins                                                                                                                                
   version                    Print the client and server versions                                                                                                                                         
   containers, c, container   Manage containers                                                                                                                                                            
   content                    Manage content                                                                                                                                                               
   events, event              Display containerd events                                                                                                                                                    
   images, image, i           Manage images                                                                                                                                                                
   leases                     Manage leases                                                                                                                                                                
   namespaces, namespace, ns  Manage namespaces                                                                                                                                                            
   pprof                      Provide golang pprof outputs for containerd                                                                                                                                  
   run                        Run a container                                                                                                                                                              
   snapshots, snapshot        Manage snapshots                                                                                                                                                             
   tasks, t, task             Manage tasks                                                                                                                                                                 
   install                    Install a new package                                                                                                                                                        
   oci                        OCI tools                                                                                                                                                                    
   sandboxes, sandbox, sb, s  Manage sandboxes                                                                                                                                                             
   info                       Print the server info                                                                                                                                                        
   deprecations                                                                                                                                                                                            
   shim                       Interact with a shim directly                                                                                                                                                
   help, h                    Shows a list of commands or help for one command                                                                                                                             
                                                                                                                                                                                                           
GLOBAL OPTIONS:                                                                                                                                                                                            
   --debug                      Enable debug output in logs                                                                                                                                                
   --address value, -a value    Address for containerd's GRPC server (default: "/run/containerd/containerd.sock") [$CONTAINERD_ADDRESS]                                                                    
   --timeout value              Total timeout for ctr commands (default: 0s)                                                                                                                               
   --connect-timeout value      Timeout for connecting to containerd (default: 0s)                                                                                                                         
   --namespace value, -n value  Namespace to use with commands (default: "default") [$CONTAINERD_NAMESPACE]                                                                                                
   --help, -h                   show help                                                                                                                                                                  
   --version, -v                print the version                                                                                                                                                          
[root@iZbp1ebizftw2vpbpm737wZ ~]#

namespace

containerd比docker多了namespace的概念,主要是用于上层编排系统的支持

  • 常见的namespace:default、moby、k8s.io
  • default:默认的namespace,如果不指定-n,则所有的镜像、容器操作都在defalut命名空间下
  • moby:Docker使用的namespace,Docker作为containerd的上层编排系统,底层管理也使用了containerd,它使用的namespace说moby
  • k8s.io:kubelet和crictl使用的namespace,containerd所使用的namespace和k8s不是一个概念

ctr ns操作

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[root@iZbp1ebizftw2vpbpm737wZ ~]# ctr ns                                                                                                                                                                   
NAME:                                                                                                                                                                                                      
   ctr namespaces - Manage namespaces                                                                                                                                                                      
                                                                                                                                                                                                           
USAGE:                                                                                                                                                                                                     
   ctr namespaces command [command options] [arguments...]                                                                                                                                                 
                                                                                                                                                                                                           
COMMANDS:                                                                                                                                                                                                  
   create, c   Create a new namespace                                                                                                                                                                      
   list, ls    List namespaces                                                                                                                                                                             
   remove, rm  Remove one or more namespaces                                                                                                                                                               
   label       Set and clear labels for a namespace                                                                                                                                                        
                                                                                                                                                                                                           
OPTIONS:                                                                                                                                                                                                   
   --help, -h  show help                                                                                                                                                                                   
                                                                                                                                                                                                           
[root@iZbp1ebizftw2vpbpm737wZ ~]#     
1
2
3
4
5
6
7
8
9
10
11
1. 查看当前ns
[root@iZbp1ebizftw2vpbpm737wZ ~]# ctr ns ls

2. 创建ns
ctr ns create joohwan

3. 删除ns
 ctr ns rm  joohwan
 
 4. 指定对应的ns
  ctr -n k8s.io image ls

镜像操作

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
[root@iZbp1ebizftw2vpbpm737wZ ~]# ctr image                                                                                                                                                                
NAME:                                                                                                                                                                                                      
   ctr images - Manage images                                                                                                                                                                              
                                                                                                                                                                                                           
USAGE:                                                                                                                                                                                                     
   ctr images command [command options] [arguments...]                                                                                                                                                     
                                                                                                                                                                                                           
COMMANDS:                                                                                                                                                                                                  
   check                    Check existing images to ensure all content is available locally                                                                                                               
   export                   Export images                                                                                                                                                                  
   import                   Import images                                                                                                                                                                  
   list, ls                 List images known to containerd                                                                                                                                                
   mount                    Mount an image to a target path                                                                                                                                                
   unmount                  Unmount the image from the target                                                                                                                                              
   pull                     Pull an image from a remote                                                                                                                                                    
   push                     Push an image to a remote                                                                                                                                                      
   prune                    Remove unused images                                                                                                                                                           
   delete, del, remove, rm  Remove one or more images by reference                                                                                                                                         
   tag                      Tag an image                                                                                                                                                                   
   label                    Set and clear labels for an image                                                                                                                                              
   convert                  Convert an image                                                                                                                                                               
   usage                    Display usage of snapshots for a given image ref                                                                                                                               
                                                                                                                                                                                                           
OPTIONS:                                                                                                                                                                                                   
   --help, -h  show help                                                                                                                                                                                   
                                                                                                                                                                                                           
[root@iZbp1ebizftw2vpbpm737wZ ~]#  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
1. 拉取镜像
ctr -n k8s.io images pull docker.io/library/nginx:latest

2. 查看镜像
ctr -n   k8s.io  images ls

3. 推送镜像
ctr image push <image registry> --user <username> 

4. 挂载和卸载镜像
# 挂载镜像
ctr image mount <image> <mount point> 
# 卸载镜像
ctr image unmount <image> <mount point>

推送镜像,如果镜像是多平台,拉取的时候需要,使用–all-platforms 拉取所有的镜像

  • ⚠️虽然ctr支持镜像推送,但是建议使用nerdctl

容器操作

Ctr run 启动容器

1
2
# 与docker run自动生成containerID不同,通过ctr run启动必须手动指定唯一containerid
ctr run <image-ref><containerd-id> 启动容器
  • ctr和docker一样,支持–env、-t、–tty、-d、–detach、–rm

ctr task 启动容器

ctr比Docker多了task的概念,即ctr container表示的一组隔离的容器环境,包含rootfs\oci config\环境变量等,container创建成功表示资源初始化成功,不表示容器启动

  • ctr run=ctr container create + car task start

查看运行容器

1
2
3
4
5
6
7
8
9
1. 查看容器列表
ctr container ls 

2.查看运行容器列表
ctr task ls

3. 查看容器的详细配置
ctr c info <cntainerid>

查看容器使用的指标

1
ctr t metrics nginx

通过exec或attach进入容器

  1. 通过exec进入容器

    1
    2
    ctr task exec --exec-id <exec-id> 进入容器
    - exec-id 必须是唯一值

  2. 通过attach进入容器

    1
    ctr task attach 进入到正在运行的容器

停止容器

与Docker不同,通过ctr停止容器志气,需要停止task,再删除容器

1
2
3
4
5
6
7
8
9
10
11
ctr task kill <container-id>

# 可以通过--signal指定signal给容器进程发送SIGKILL信号
ctr task kill --signal SIGKILL <container-id>


# 除了task kill,也可以通过强制删除task
ctr task rm -f <containerd-id>

# 最后通过container rm删除容器
ctr container rm <container-id>