With different Container Runtimes available in the market, many tech giants came together to form a group called OCI. With this, there are standards defined on how container runtimes should work. Now there are many runtimes available of which CRI-O is one of them. This is an OCI based Implementation of Kubernetes Container Runtime Interface. This provides an Integration between the OCI Container Runtime and the Kubernetes Kubelet.
In this article, we will see how we can install and configure the CRI-O and perform the basic steps. Below are some of the following functionalities that the CRI-O provides us
Support multiple image formats including the existing Docker image format
Support for multiple means to download images including trust & image verification
Container image management (managing image layers, overlay filesystems, etc)
Container process lifecycle management
Monitoring and logging required to satisfy the CRI
Resource isolation as required by the CRI
We can call CRI-O as a best breed libraries as below,
Runtime: runc (or any OCI runtime-spec implementation) and oci runtime tools
Images: Image management using containers/image
Storage: Storage and management of image layers using containers/storage
Networking: Networking support through use of CNI
Install the crictl tool
[root@ip-172-31-30-121]: VERSION="v1.17.0"
[root@ip-172-31-30-121]: wget https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-$VERSION-linux-amd64.tar.gz
[root@ip-172-31-30-121]: sudo tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
[root@ip-172-31-30-121]: rm -f crictl-$VERSION-linux-amd64.tar.gz
Run the image list
[root@ip-172-31-89-64]: /usr/local/bin/crictl images
FATA[0002] failed to connect: failed to connect, make sure you are running as root and the runtime has been started: context deadline exceeded
crictl by default connects to Unix: unix:///var/run/dockershim.sock or Windows: tcp://localhost:3735. For other runtimes, use:
containerd: unix:///run/containerd/containerd.sock
cri-o: unix:///var/run/crio/crio.sock
frakti: unix:///var/run/frakti.sock
I just started the Docker service here, and things started working fine for me.
Create a Container Image Spec
[root@ip-172-31-89-64]: cat pod.json
{
"metadata": {
"name": "nginx-sandbox",
"namespace": "default",
"attempt": 1,
"uid": "hdishd83djaidwnduwk28bcsb"
},
"log_directory": "/tmp",
"linux": {
}
}
Run the json File
[root@ip-172-31-89-64]: crictl runp pod.json
e4cdd5cfd7daf91e4f6c136f7f9d704ba6c3e587ed6e4a8f354cf4a37ec58076
Check the Running Pods using
[root@ip-172-31-42-175 centos]# crictl pods
POD ID CREATED STATE NAME NAMESPACE ATTEMPT
e4cdd5cf* 2 minutes Ready nginx-sandbox default 1
Inspect the Running Pod as below
[root@ip-172-31-42-175 centos]# crictl inspectp e4cdd5cfd7daf
{
"status": {
"id": "e4cdd5cfd7daf91e4f6c136f7f9d704ba6c3e587ed6e4a8f354cf4a37ec58076",
"metadata": {
"attempt": 1,
"name": "nginx-sandbox",
"namespace": "default",
"uid": "hdishd83djaidwnduwk28bcsb"
},
"state": "SANDBOX_READY",
"createdAt": "2020-09-02T04:16:42.627919195Z",
"network": {
"ip": "10.88.0.2"
},
"linux": {
"namespaces": {
"options": {
"ipc": "POD",
"network": "POD",
"pid": "POD"
}
}
},
"labels": {},
"annotations": {}
}
}
Pull an Image using
[root@ip-172-31-42-175 centos]# crictl pull busybox
Image is up to date for docker.io/library/busybox@sha256:c2d41d2ba6d8b7b4a3ffec621578eb4d9a0909df29dfa2f6fd8a2e5fd0836aed
List the Existing Images using
[root@ip-172-31-42-175 centos]# crictl images
IMAGE TAG IMAGE ID SIZE
docker.io/library/busybox latest edabd795951a0 1.45MB
More to Come, happy learning :-)
No comments :
Post a Comment