containerd而非docker,需要离线导入镜像
解决原理
https://segmentfault.com/a/1190000019534913
ctr --namespace=k8s.io images ls
获取到你需要的镜像名称和版本之后 (参见后面的排查技巧) docker pull mirrorgooglecontainers/$imageName:$imageVersion docker tag mirrorgooglecontainers/$imageName:$imageVersion k8s.gcr.io/$imageName:$imageVersion docker save k8s.gcr.io/$imageName:$imageVersion > $imageName.tar microk8s.ctr -n k8s.io image import $imageName.tar
使用ctr命令导入镜像。 ctr image import app.tar #导入本地镜像 ctr images list|grep app #查看导入的镜像 crictl images list|grep app #此命令也可查看 命令介绍: ctr:是containerd本身的CLI crictl :是Kubernetes社区定义的专门CLI工具
Steps to reproduce: ctr images tag 192.168.56.1:8080/docker/alpine:latest 192.168.56.1:8080/docker/alpine:1.1 192.168.56.1:8080/docker/alpine:1.1 ctr images push 192.168.56.1:8080/docker/alpine:latest 192.168.56.1:8080/docker/alpine:1.1 index-sha256:c19173c5ada610a5989151111163d28a67368362762534d8a8121ce95cf2bd5a: waiting |--------------------------------------| elapsed: 0.1 s total: 0.0 B (0.0 B/s) ctr: content digest sha256:29a82d50bdb8dd7814009852c1773fb9bb300d2f655bd1cd9e764e7bb1412be3: not found
As you see this is quite powerful and you can do a lot with it. Let’s start by pulling an image # ctr image pull docker.io/library/hello-world This would give you an error saying you missed an object, because Containerd requires you to specify the object like the command below: # ctr image pull docker.io/library/hello-world:latest You can replace object with whatever is available like ‘alpine’ Let’s try listing the image to confirm # ctr image ls This can be a bit unfriendly, so try the following command: #ctr image ls -q The above command will give only the image name and nothing else. Now that we’ve got our image, we need to run a container. #ctr container create docker.io/library/hello-world:latest demo This would create a container with container id, ‘demo’, based on the image that we pulled. There are a few things to notice here: The output is not redirected to the CLI by default. Unlike Docker, we need to use the full path with the object every time we use a container image. Also, the image needs to be pulled before being able to run a container. We can list the containers created with the command below: #ctr container list You can see the demo container listed. You can even use -q to get just the container names. Now to delete the image. #ctr image remove docker.io/library/hello-world:latest This would delete the image. What would happen to your container? #ctr container list Your container would still be running. This is because containerd works on references, and in this case, the image is no longer being referenced as an image but it is still being referenced by the container (as a snapshot), so it wouldn’t be deleted as long as it’s being referenced. You’ll get a better picture when learning about snapshots, which would be a topic for another article. For now, we’ll delete the image. #ctr container remove demo Please leave a comment with any suggestions.
常用技巧 containerd相关的CLI确实没有Docker CLI方便,比如笔者在使用containerd时碰到一个场景,期望实现对镜像重新tag的操作,这在Docker下非常容易做到,但是在containerd下非常麻烦。crictl中并不支持这种操作,社区中也有相关issue解释: https://github.com/kubernetes- ... s/438 所以我们只能使用其他方式,通常我会这样做: 在一台机去上使用docker tag转换image 导出镜像,并拷贝到k3s机器上 docker tag busybox busyboxaaa docker save -o busybox.tar busyboxaaa scp busybox.tar ubuntu@172.31.24.12:~/ 用ctr导入 ctr image import busybox.tar
root@ubuntu:~# docker pull coredns/coredns:coredns-arm64 coredns-arm64: Pulling from coredns/coredns Digest: sha256:e98e05b50afc6606d3e0a66e264175910651746262e4a4823299ec6c827ef72a Status: Image is up to date for coredns/coredns:coredns-arm64 docker.io/coredns/coredns:coredns-arm64 root@ubuntu:~# docker tag coredns/coredns:coredns-arm64 k8s.gcr.io/coredns:1.6.7 root@ubuntu:~# docker save -o coredns:coredns-arm64.tar k8s.gcr.io/coredns:1.6.7 root@ubuntu:~# ctr image import coredns:coredns-arm64.tar unpacking k8s.gcr.io/coredns:1.6.7 (sha256:19910cb28a673d9ad642c3762b71fb5da6668537d9417d14d4d0cbf82569d7a8)...done root@ubuntu:~#
两者命令对比表: id containerd 命令 docker 命令 备注 1 ctr image ls docker images 获取image信息 2 ctr image pull nginx docker pull nginx pull 一个nginx的image 3 ctr image tag nginx nginx-test docker tag nginx nginx-test tag 一个nginx的image 4 ctr image push nginx-test docker push nginx-test push nginx-test的image 5 ctr image pull nginx docker pull nginx pull 一个nginx的image 6 ctr image import nginx.tar docker load<nginx.tar.gz 导入本地镜像ctr不支持压缩 7 ctr run -d --env 111 nginx-test nginx docker run -d --name=nginx nginx-test 运行的一个容器 8 ctr task ls docker ps 查看运行的容器
https://github.com/kubernetes/kubeadm/issues/1885
root@ubuntu:~# kubeadm init --kubernetes-version=v1.18.1 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.10.16.82 --ignore-preflight-errors=all unix:///run/containerd/containerd.sock --image-repository registry.aliyuncs.com/google_containers unknown command "unix:///run/containerd/containerd.sock" for "kubeadm init" To see the stack trace of this error execute with --v=5 or higher root@ubuntu:~# kubeadm init --kubernetes-version=v1.18.1 --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.10.16.82 --ignore-preflight-errors=all unix:///run/containerd/containerd.sock --image-repository registry.aliyuncs.com/google_containers --v=5 unknown command "unix:///run/containerd/containerd.sock" for "kubeadm init" root@ubuntu:~#
root@ubuntu:~# ctr images -help NAME: ctr images - manage images USAGE: ctr images command [command options] [arguments...] COMMANDS: check check that an image has all content available locally export export images import import images list, ls list images known to containerd pull pull an image from a remote push push an image to a remote remove, rm remove one or more images by reference tag tag an image label set and clear labels for an image OPTIONS: --help, -h show help root@ubuntu:~#
root@ubuntu:~# ctr images list -help NAME: ctr images list - list images known to containerd USAGE: ctr images list [command options] [flags] [<filter>, ...] DESCRIPTION: list images registered with containerd OPTIONS: --quiet, -q print only the image refs root@ubuntu:~# ctr images list -q docker.io/library/nginx:alpine k8s.gcr.io/coredns:1.6.7 k8s.gcr.io/etcd-arm64:3.4.3-0 k8s.gcr.io/kube-apiserver:v1.18.1 k8s.gcr.io/kube-controller-manager:v1.18.1 k8s.gcr.io/kube-proxy:v1.18.1 k8s.gcr.io/kube-scheduler:v1.18.1 k8s.gcr.io/pause-arm64:3.2 root@ubuntu:~#
root@ubuntu:~# ctr images list -q docker.io/library/nginx:alpine k8s.gcr.io/coredns:1.6.7 k8s.gcr.io/etcd-arm64:3.4.3-0 k8s.gcr.io/kube-apiserver:v1.18.1 k8s.gcr.io/kube-controller-manager:v1.18.1 k8s.gcr.io/kube-proxy:v1.18.1 k8s.gcr.io/kube-scheduler:v1.18.1 k8s.gcr.io/pause-arm64:3.2 root@ubuntu:~# ctr images rm $(ctr images list -q) docker.io/library/nginx:alpine k8s.gcr.io/coredns:1.6.7 k8s.gcr.io/etcd-arm64:3.4.3-0 k8s.gcr.io/kube-apiserver:v1.18.1 k8s.gcr.io/kube-controller-manager:v1.18.1 k8s.gcr.io/kube-proxy:v1.18.1 k8s.gcr.io/kube-scheduler:v1.18.1 k8s.gcr.io/pause-arm64:3.2 root@ubuntu:~# ctr images list -q root@ubuntu:~#
root@ubuntu:~# ctr -n k8s.gcr.io images list -q k8s.gcr.io/coredns:1.6.7 k8s.gcr.io/etcd-arm64:3.4.3-0 k8s.gcr.io/kube-apiserver:v1.18.1 k8s.gcr.io/kube-controller-manager:v1.18.1 k8s.gcr.io/kube-proxy:v1.18.1 k8s.gcr.io/kube-scheduler:v1.18.1 k8s.gcr.io/pause-arm64:3.2 root@ubuntu:~# ctr -n k8s.gcr.io images rm $(ctr -n k8s.gcr.io images list -q) k8s.gcr.io/coredns:1.6.7 k8s.gcr.io/etcd-arm64:3.4.3-0 k8s.gcr.io/kube-apiserver:v1.18.1 k8s.gcr.io/kube-controller-manager:v1.18.1 k8s.gcr.io/kube-proxy:v1.18.1 k8s.gcr.io/kube-scheduler:v1.18.1 k8s.gcr.io/pause-arm64:3.2 root@ubuntu:~# ctr -n k8s.gcr.io images list -q root@ubuntu:~#
root@ubuntu:~# kubeadm config images list --image-repository k8s.gcr.io I1015 09:51:08.165119 47994 version.go:252] remote version is much newer: v1.19.3; falling back to: stable-1.18 W1015 09:51:08.786382 47994 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io] k8s.gcr.io/kube-apiserver:v1.18.9 k8s.gcr.io/kube-controller-manager:v1.18.9 k8s.gcr.io/kube-scheduler:v1.18.9 k8s.gcr.io/kube-proxy:v1.18.9 k8s.gcr.io/pause:3.2 k8s.gcr.io/etcd:3.4.3-0 k8s.gcr.io/coredns:1.6.7 root@ubuntu:~#
