浙江龙网

  1. 首页 > 生活百科 > >

Containerd-1.6.5 镜像容器操作

生活百科

一、Containerd 镜像操作1 基本参数
[root@ecs-65685 ~]# ctr cNAME:ctr containers - manage containersUSAGE:ctr containers command [command options] [arguments...]COMMANDS:createcreate containerdelete, del, remove, rmdelete one or more existing containersinfoget info about a containerlist, lslist containerslabelset and clear labels for a containercheckpointcheckpoint a containerrestorerestore a container from checkpointOPTIONS:--help, -hshow help2 镜像操作
在containerd中拉取docker的相关镜像也需要补全 。
containerd支持oci标准的镜像,所以可以直接使用docker官方或dockerfile构建的镜像 。
--platform 选项指定对应平台的镜像 。当然对应的也有推送镜像的命令 ctr image push , 如果是私有镜像则在推送的时候可以通过 --user 来自定义仓库的用户名和密码 。
拉取镜像添加了--all-platforms会将所有平台都下载下来(amd64 、arm、386 、ppc64le ),否则默认下载当前平台 。
拉取镜像可以使用 ctr image pull 来完成,比如拉取 Docker Hub 官方镜像 nginx:alpine,需要注意的是镜像地址需要加上 docker.io Host 地址 。
ctr i pull docker.io/library/nginx:alpine --all-platforms3 查看镜像

  • 查看镜像可以使用 i 或者image
  • -q 只打印镜像名称
ctr i lsctr i ls -q4 检测本地镜像
[root@ecs-65685 ~]# ctr image checkREFTYPEDIGESTSTATUSSIZEUNPACKEDdocker.io/library/nginx:alpine application/vnd.docker.distribution.manifest.list.v2+json sha256:b87c350e6c69e0dc7069093dcda226c4430f3836682af4f649f2af9e9b5f1c74 complete (7/7) 9.7 MiB/9.7 MiB true主要查看其中的 STATUScomplete 表示镜像是完整可用的状态 。
5 tag重新打标签
[root@ecs-65685 ~]# ctr i tag docker.io/library/nginx:alpine docker.io/library/nginx:nginxxyzdocker.io/library/nginx:nginxxyz[root@ecs-65685 ~]# ctr i ls -qdocker.io/library/nginx:alpinedocker.io/library/nginx:nginxxyz # 新增tag6 删除镜像
使用:delete, del, remove, rm remove one or more images by reference 。都可以进行删除 。
[root@ecs-65685 ~]# ctr i rm docker.io/library/nginx:nginxxyzdocker.io/library/nginx:nginxxyz[root@ecs-65685 ~]# ctr i ls -qdocker.io/frps9/tools:SynologyNASdocker.io/library/nginx:alpine7 mount镜像
mount镜像实际上将镜像中的文件,挂载到宿主机的目录中去 。
mount参数系统为只读状态,只可以读取 , 不可以写入数据 。
使用--rw Enable write support on the mount 可以开启只读 。
[root@ecs-65685 ~]# mkdir /home/xyz[root@ecs-65685 ~]# ctr i ls -qdocker.io/library/nginx:alpine[root@ecs-65685 ~]# ctr i mountdocker.io/library/nginx:alpine /home/xyz/sha256:26bec62cc7fc1f93f810d51c3f51291dae2d0f9e192e054cc61d1914365003d8/home/xyz/[root@ecs-65685 ~]# ls /home/xyzbindocker-entrypoint.detclibmntprocrunsrvtmpvardevdocker-entrypoint.shhomemediaoptrootsbinsysusrmount卸载
【Containerd-1.6.5 镜像容器操作】[root@ecs-65685 ~]# ctr i unmount /home/xyz/home/xyz[root@ecs-65685 ~]# ls /home/xyz8 推送镜像
[root@ecs-65685 ~]# ctr i push -k docker.io/library/nginx:alpineindex-sha256:b87c350e6c69e0dc7069093dcda226c4430f3836682af4f649f2af9e9b5f1c74: waiting|--------------------------------------|elapsed: 0.1 stotal:0.0 B (0.0 B/s)ctr: content digest sha256:36f21d30317cff60a6ab8328cca93dbe554020ba0320c78e964040512d0f27a0: not found跳过ssl验证--skip-verify, -k skip SSL certificate validation 。
9 导入导出
  • import
  • export
  • 默认export导出的为OCI tar,只要我们容器支持OCI,基本上都是可以使用的
  • 同时导出可以使用--platform导出其它平台的(例如arm)
  • --all-platforms为导出所有平台
[root@ecs-65685 xyz]# ls[root@ecs-65685 xyz]# ctr i ls -qdocker.io/library/nginx:alpine[root@ecs-65685 xyz]# ctr i export --all-platforms nginx.tar docker.io/library/nginx:alpine[root@ecs-65685 xyz]# ctr i export nginx_i4t.com.tar docker.io/library/nginx:alpine[root@ecs-65685 xyz]# lsnginx_i4t.com.tarnginx.tar[root@ecs-65685 xyz]#[root@ecs-65685 xyz]# ctr i rm docker.io/library/nginx:alpinedocker.io/library/nginx:alpine[root@ecs-65685 xyz]# ctr i import nginx.tarunpacking docker.io/library/nginx:alpine (sha256:b87c350e6c69e0dc7069093dcda226c4430f3836682af4f649f2af9e9b5f1c74)...done[root@ecs-65685 xyz]# ctr i ls -qdocker.io/library/nginx:alpine二、Containerd 容器操作1 基本参数
[root@ecs-65685 ~]# ctr c create -hNAME:ctr containers create - create containerUSAGE:ctr containers create [command options] [flags] Image|RootFS CONTAINER [COMMAND] [ARG...]OPTIONS:--snapshotter valuesnapshotter name. Empty value stands for the default value. [$CONTAINERD_SNAPSHOTTER]--snapshotter-label valuelabels added to the new snapshot for this container.--config value, -c valuepath to the runtime-specific spec config file--cwd valuespecify the working directory of the process--env valuespecify additional container environment variables (e.g. FOO=bar)--env-file valuespecify additional container environment variables in a file(e.g. FOO=bar, one per line)--label valuespecify additional labels (e.g. foo=bar)--mount valuespecify additional container mount (e.g. type=bind,src=https://www.huyubaike.com/tmp,dst=/host,options=rbind:ro)--net-hostenable host networking for the container--privilegedrun privileged container--read-onlyset the containers filesystem as readonly--runtime valueruntime name (default:"io.containerd.runc.v2")--runtime-config-path valueoptional runtime config path--tty, -tallocate a TTY for the container--with-ns valuespecify existing Linux namespaces to join at container runtime (format '<nstype>:<path>')--pid-file valuefile path to write the task's pid--gpus valueadd gpus to the container--allow-new-privsturn off OCI spec's NoNewPrivileges feature flag--memory-limit valuememory limit (in bytes) for the container (default: 0)--device valuefile path to a device to add to the container; or a path to a directory tree of devices to add to the container--cap-add valueadd Linux capabilities (Set capabilities with 'CAP_' prefix)--cap-drop valuedrop Linux capabilities (Set capabilities with 'CAP_' prefix)--seccompenable the default seccomp profile--seccomp-profile valuefile path to custom seccomp profile. seccomp must be set to true, before using seccomp-profile--apparmor-default-profile valueenable AppArmor with the default profile with the specified name, e.g. "cri-containerd.apparmor.d"--apparmor-profile valueenable AppArmor with an existing custom profile--rdt-class valuename of the RDT class to associate the container with. Specifies a Class of Service (CLOS) for cache and memory bandwidth management.--rootfsuse custom rootfs that is not managed by containerd snapshotter--no-pivotdisable use of pivot-root (linux only)--cpu-quota valueLimit CPU CFS quota (default: -1)--cpu-period valueLimit CPU CFS period (default: 0)--rootfs-propagation valueset the propagation of the container rootfs

推荐阅读


上一篇:vue实现功能 单选 取消单选 全选 取消全选

下一篇:【Spring boot】整合tomcat底层原理