认识
containerd 是一个开源的容器运行时管理工具,是 Docker 的核心组件之一,最初由 Docker 公司开发。
官网:https://containerd.io/
文档:https://containerd.io/docs/
仓库:https://github.com/containerd/containerd/
组成
它提供了一个标准化的接口,可以与各种容器运行时(如 runc、cri-o 等)进行交互,从而管理容器的生命周期、镜像管理、文件系统管理等操作。
性质
与 Docker 不同的是,Containerd 更加轻量级、灵活,可以与各种容器编排工具(如 Kubernetes)集成使用。
构建
服务部署
on Ubuntu 24.04 TLS with APT
# 04/09/2025
https://github.com/containerd/containerd/blob/main/docs/getting-started.md ⇒ https://docs.docker.com/engine/install/ubuntu/
安装过程大致如下,细节请参考官方文档:
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install containerd.io
sudo apt-mark hold containerd.io
containerd.io 1.5.11-1 (from Docker)
注意,该方式是通过 Docker 官方仓库提供的 contanerd.io 包进行部署,注意与 containerd 包进行区别。
安装 containerd 服务:
# 我们使用 Docker 仓库里的 containerd 程序
apt-get update \
&& apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common \
&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \
&& apt-key fingerprint 0EBFCD88 \
&& add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
# 安装服务,避免意外升级
apt-get install -y containerd.io=1.5.11-1 --allow-downgrades \
&& apt-mark hold containerd.io
# apt-file list containerd.io
containerd.io: /etc/containerd/config.toml
containerd.io: /lib/systemd/system/containerd.service
containerd.io: /usr/bin/containerd
containerd.io: /usr/bin/containerd-shim
containerd.io: /usr/bin/containerd-shim-runc-v1
containerd.io: /usr/bin/containerd-shim-runc-v2
containerd.io: /usr/bin/ctr
containerd.io: /usr/bin/runc
containerd.io: /usr/share/doc/...
containerd.io: /usr/share/man/...
containered v1.6.12
# apt-cache madison containerd containerd | 1.6.12-0ubuntu1~20.04.1 | http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages containerd | 1.5.9-0ubuntu1~20.04.6 | http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages containerd | 1.3.3-0ubuntu2 | http://archive.ubuntu.com/ubuntu focal/main amd64 Packages # apt-get install containerd=1.6.12-0ubuntu1~20.04.1 ... # apt-get install containerd=1.7.2-0ubuntu1~20.04.1 ...
on CentOS 7.x
根据 containerd/docs/getting-started.md at main 文档,在 CentOS 中,参考 Install Docker Engine on CentOS 文档,来完成部署。
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
yum install -y yum-utils
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install containerd.io
containerd.io 1.6.2
根据官方文档的指引,我们来进行 containerd.io 的安装。
1)containerd/docs/getting-started.md at main/Option 2: From apt-get or dnf
2)Install Docker Engine on Ubuntu | Docker Docs
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc
do
sudo apt-get remove -y $pkg
done
apt-get update
apt-get install -y ca-certificates curl gnupg
install -m 0755 -d /etc/apt/keyrings
rm -rf /etc/apt/keyrings/docker.gpg
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install -y containerd.io=1.6.26-1 # on Ubuntu 20.04.5 LTS
systemctl restart containerd.service
应用
containerd 的目标是成为一个通用的容器运行时管理工具,为容器生态系统提供一个标准的接口,促进容器技术的发展和普及;
配置 Registry Mirror 服务
How to configure containerd to use a registry mirror?
containerd/registry.md at main · containerd/containerd
containerd/config.md at main · containerd/containerd
containerd/hosts.md at main · containerd/containerd
针对 contianerd 1.5+ 版本:
# vim /etc/containerd/config.toml ... [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" ... # mkdir -pv /etc/containerd/certs.d # mkdir -pv /etc/containerd/certs.d/_default/ # vim /etc/containerd/certs.d/_default/hosts.toml server = "https://docker.io" [host."https://registry-1.docker.io"] capabilities = ["resolve", "pull"]