Ubuntu 21.10 安装containerd 参考官方文档

官方地址:https://containerd.io/

参考文档地址:https://github.com/containerd/containerd/blob/main/docs/cri/installation.md

使用 Release Tarball 安装 Containerd

本文档提供了使用发行版 tarball 安装 containerd 及其依赖项的步骤,并使用 kubeadm 启动 Kubernetes 集群。

这些步骤已在 Ubuntu 16.04 上得到验证。对于其他操作系统发行版,这些步骤可能会有所不同。如果您在其他操作系统发行版上遇到任何问题,请随时提交问题或 PR。

注意:您需要在计划在 Kubernetes 集群中使用的每个节点上运行以下步骤。
发布压缩包

对于每个 containerd 版本,我们将发布一个专门用于 Kubernetes 的版本 tarball,名为 cri-containerd-cni-{VERSION}-{OS}-{ARCH}.tar.gz。此发行版 tarball 包含将 containerd 与 Kubernetes 一起使用所需的所有二进制文件和文件。例如,1.4.3 版本可在 https://github.com/containerd/containerd/releases/download/v1.4.3/cri-containerd-cni-1.4.3-linux-amd64.tar.gz 获得。
内容

如下所示,release tarball 包含:

“`
containerd、containerd-shim、containerd-shim-runc-v1、containerd-shim-runc-v2、ctr:containerd 的二进制文件。
runc:runc 二进制文件。
/opt/cni/bin:容器网络接口的二进制文件
crictl、crictl.yaml:用于 CRI 容器运行时及其配置文件的命令行工具。
critest:运行 CRI 验证测试的二进制文件。
containerd.service:容器的系统单元。
/opt/containerd/cluster/:kube-up.sh 的脚本。
“` tar -tf cri-containerd-cni-1.4.3-linux-amd64.tar.gz
等等/
等/cn/
等/cni/net.d/
etc/cni/net.d/10-containerd-net.conflist
等/crictl.yaml
等/系统/
等/系统/系统/
等/systemd/system/containerd.service
用户名/
usr/本地/
usr/本地/bin/
usr/local/bin/containerd-shim-runc-v2
usr/本地/bin/ctr
usr/local/bin/containerd-shim
usr/local/bin/containerd-shim-runc-v1
usr/本地/bin/crictl
usr/local/bin/critest
usr/local/bin/容器
usr/本地/sbin/
usr/本地/sbin/runc
选择/
选择/cni/
选择/cni/bin/
选择/cni/bin/vlan
opt/cni/bin/host-local
opt/cni/bin/法兰绒
选择/cni/bin/bridge
opt/cni/bin/主机设备
选择/cni/bin/调整
选择/cni/bin/防火墙
选择/cni/bin/带宽
选择/cni/bin/ipvlan
选择/cni/bin/sbr
选择/cni/bin/dhcp
选择/cni/bin/portmap
选择/cni/bin/ptp
选择/cni/bin/静态
选择/cni/bin/macvlan
选择/cni/bin/loopback
选择/容器/
选择/容器/集群/
选择/容器/集群/版本
选择/容器/集群/gce/
opt/containerd/cluster/gce/cni.template
opt/containerd/cluster/gce/configure.sh
选择/容器/集群/gce/cloud-init/
opt/containerd/cluster/gce/cloud-init/master.yaml
opt/containerd/cluster/gce/cloud-init/node.yaml
选择/容器/集群/gce/env

二进制信息

有关发布 tarball 中的二进制文件的信息:
二进制名称支持操作系统架构
容器 seccomp、apparmor、selinux
覆盖,btrfs linux amd64
containerd-shim 覆盖,btrfs linux amd64
runc seccomp,apparmor,selinux linux amd64

如果您对二进制文件有其他要求,例如另一个架构支持等,您需要按照说明自己构建二进制文件。
下载

可以从发布页面 https://github.com/containerd/containerd/releases 下载发布 tarball。
步骤 0:安装依赖库

安装 seccomp 所需的库。

sudo apt-get 更新
sudo apt-get install libseccomp2

注意:

“`
如果您使用的是 Ubuntu <=Trusty 或 Debian <=jessie,则需要 libseccomp2 的反向移植版本。 (参见 trusty-backports 和 jessie-backports)。 ``` 第 1 步:下载发行版压缩包 从 GCS 存储桶下载要安装的 containerd 版本的发行版 tarball。 wget https://github.com/containerd/containerd/releases/download/v${VERSION}/cri-containerd-cni-${VERSION}-linux-amd64.tar.gz 验证发布 tarball 的校验和: wget https://github.com/containerd/containerd/releases/download/v${VERSION}/cri-containerd-cni-${VERSION}-linux-amd64.tar.gz.sha256sum sha256sum --check cri-containerd-cni-${VERSION}-linux-amd64.tar.gz.sha256sum 第 2 步:安装 Containerd 如果您使用的是 systemd,只需将 tarball 解压到根目录即可: sudo tar --no-overwrite-dir -C / -xzf cri-containerd-cni-${VERSION}-linux-amd64.tar.gz sudo systemctl daemon-reload sudo systemctl 启动容器 如果您不使用 systemd,请将所有二进制文件解压缩到 PATH 中的目录中,然后使用您正在使用的服务管理器将 containerd 作为受监控的长时间运行服务启动,例如监督,暴发户等 第 3 步:安装 Kubeadm、Kubelet 和 Kubectl 按照说明安装 kubeadm、kubelet 和 kubectl。 第 4 步:为 Containerd 创建 Systemd Drop-In 创建 systemd 插件文件 /etc/systemd/system/kubelet.service.d/0-containerd.conf: [服务] Environment="KUBELET_EXTRA_ARGS=--container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock" 并重新加载 systemd 配置: systemctl 守护进程重载 启动集群 现在您应该已经正确安装了所有必需的二进制文件和依赖项 > # Install Containerd with Release Tarball
>
> This document provides the steps to install `containerd` and its dependencies with the release tarball, and bring up a Kubernetes cluster using kubeadm.
>
> These steps have been verified on Ubuntu 16.04. For other
> OS distributions, the steps may differ. Please feel free to file issues
> or PRs if you encounter any problems on other OS distributions.
>
> *Note: You need to run the following steps on each node you are planning to use in your Kubernetes cluster.*
>
> ## Release Tarball
>
> For each `containerd` release, we’ll publish a release tarball specifically for Kubernetes named `cri-containerd-cni-{VERSION}-{OS}-{ARCH}.tar.gz`. This release tarball contains all required binaries and files for using `containerd` with Kubernetes. For example, the 1.4.3 version is available at [https://github.com/containerd/containerd/releases/download/v1.4.3/cri-containerd-cni-1.4.3-linux-amd64.tar.gz](https://github.com/containerd/containerd/releases/download/v1.4.3/cri-containerd-cni-1.4.3-linux-amd64.tar.gz).
>
> ### Content
>
> As shown below, the release tarball contains:
>
> * `containerd`, `containerd-shim`, `containerd-shim-runc-v1`, `containerd-shim-runc-v2`, `ctr`: binaries for containerd.
> * `runc`: runc binary.
> * `/opt/cni/bin`: binaries for [Container Network Interface](https://github.com/containernetworking/cni)
> * `crictl`, `crictl.yaml`: command line tools for CRI container runtime and its config file.
> * `critest`: binary to run [CRI validation test](https://github.com/kubernetes-sigs/cri-tools/blob/master/docs/validation.md).
> * `containerd.service`: Systemd unit for containerd.
> * `/opt/containerd/cluster/`: scripts for `kube-up.sh`.
>
> “`
>
tar -tf cri-containerd-cni-1.4.3-linux-amd64.tar.gz
> etc/
> etc/cni/
> etc/cni/net.d/
> etc/cni/net.d/10-containerd-net.conflist
> etc/crictl.yaml
> etc/systemd/
> etc/systemd/system/
> etc/systemd/system/containerd.service
> usr/
> usr/local/
> usr/local/bin/
> usr/local/bin/containerd-shim-runc-v2
> usr/local/bin/ctr
> usr/local/bin/containerd-shim
> usr/local/bin/containerd-shim-runc-v1
> usr/local/bin/crictl
> usr/local/bin/critest
> usr/local/bin/containerd
> usr/local/sbin/
> usr/local/sbin/runc
> opt/
> opt/cni/
> opt/cni/bin/
> opt/cni/bin/vlan
> opt/cni/bin/host-local
> opt/cni/bin/flannel
> opt/cni/bin/bridge
> opt/cni/bin/host-device
> opt/cni/bin/tuning
> opt/cni/bin/firewall
> opt/cni/bin/bandwidth
> opt/cni/bin/ipvlan
> opt/cni/bin/sbr
> opt/cni/bin/dhcp
> opt/cni/bin/portmap
> opt/cni/bin/ptp
> opt/cni/bin/static
> opt/cni/bin/macvlan
> opt/cni/bin/loopback
> opt/containerd/
> opt/containerd/cluster/
> opt/containerd/cluster/version
> opt/containerd/cluster/gce/
> opt/containerd/cluster/gce/cni.template
> opt/containerd/cluster/gce/configure.sh
> opt/containerd/cluster/gce/cloud-init/
> opt/containerd/cluster/gce/cloud-init/master.yaml
> opt/containerd/cluster/gce/cloud-init/node.yaml
> opt/containerd/cluster/gce/env
> “`
> ### Binary Information
>
> Information about the binaries in the release tarball:
>
> | Binary Name | Support | OS | Architecture |
> | :————-: | :———————————————–: | :—: | :———-: |
> | containerd | seccomp, apparmor, selinux“overlay, btrfs | linux | amd64 |
> | containerd-shim | overlay, btrfs | linux | amd64 |
> | runc | seccomp, apparmor, selinux | linux | amd64 |
>
> If you have other requirements for the binaries, e.g.
> another architecture support etc., you need to build the binaries
> yourself following [the instructions](https://github.com/containerd/containerd/blob/main/BUILDING.md).
>
> ### Download
>
> The release tarball could be downloaded from the release page [https://github.com/containerd/containerd/releases](https://github.com/containerd/containerd/releases).
>
> ## Step 0: Install Dependent Libraries
>
> Install required library for seccomp.
>
> “`shell
> sudo apt-get update
> sudo apt-get install libseccomp2
> “`
> Note that:
>
> 1. If you are using Ubuntu <=Trusty or Debian <=jessie, a backported version of `libseccomp2` is needed. (See the [trusty-backports](https://packages.ubuntu.com/trusty-backports/libseccomp2) and [jessie-backports](https://packages.debian.org/jessie-backports/libseccomp2)). >
> ## Step 1: Download Release Tarball
>
> Download release tarball for the `containerd` version you want to install from the GCS bucket.
>
> “`shell
> wget https://github.com/containerd/containerd/releases/download/v{VERSION}/cri-containerd-cni-{VERSION}-linux-amd64.tar.gz
> “`
> Validate checksum of the release tarball:
>
> “`shell
> wget https://github.com/containerd/containerd/releases/download/v{VERSION}/cri-containerd-cni-{VERSION}-linux-amd64.tar.gz.sha256sum
> sha256sum –check cri-containerd-cni-{VERSION}-linux-amd64.tar.gz.sha256sum
> “`
> ## Step 2: Install Containerd
>
> If you are using systemd, just simply unpack the tarball to the root directory:
>
> “`shell
> sudo tar –no-overwrite-dir -C / -xzf cri-containerd-cni-
{VERSION}-linux-amd64.tar.gz
> sudo systemctl daemon-reload
> sudo systemctl start containerd
> “`
> If you are not using systemd, please unpack all binaries into a directory in your `PATH`, and start `containerd` as monitored long running services with the service manager you are using e.g. `supervisord`, `upstart` etc.
>
> ## Step 3: Install Kubeadm, Kubelet and Kubectl
>
> Follow [the instructions](https://kubernetes.io/docs/setup/independent/install-kubeadm/) to install kubeadm, kubelet and kubectl.
>
> ## Step 4: Create Systemd Drop-In for Containerd
>
> Create the systemd drop-in file `/etc/systemd/system/kubelet.service.d/0-containerd.conf`:
>
> “`
> [Service]
> Environment=”KUBELET_EXTRA_ARGS=–container-runtime=remote –runtime-request-timeout=15m –container-runtime-endpoint=unix:///run/containerd/containerd.sock”
> “`
> And reload systemd configuration:
>
> “`shell
> systemctl daemon-reload
> “`
> ## Bring Up the Cluster
>
> Now you should have properly installed all required binaries and dependencies on each of your node.
>
> The next step is to use kubeadm to bring up the Kubernetes cluster. It is the same with [the ansible installer](https://github.com/containerd/containerd/blob/main/contrib/ansible). Please follow the steps 2-4 [here](https://github.com/containerd/containerd/blob/main/contrib/ansible/README.md#step-2).