synchronization

Containerd/Docs/Ctr基础命令.md

@@ -0,0 +1,38 @@
+> 本文作者：丁辉
+
+# Ctr命令使用
+
+- 查看镜像
+
+  ```bash
+  ctr -n k8s.io images ls
+  ```
+
+- 更改镜像 TAG
+
+  ```bash
+  ctr -n k8s.io image tag nginx:v1 nginx:v2
+  ```
+
+- 拉取镜像
+
+  ```bash
+  ctr -n k8s.io images pull docker.io/library/nginx:latest
+  ```
+
+  **更多参数**
+
+  - `--hosts-dir "/etc/containerd/certs.d"`：指定了包含镜像仓库证书的目录的路径。
+
+  - `-k`：忽略 TLS 验证过程中的证书错误。
+  - `--plain-http=true`：此选项指明在拉取镜像时使用未加密的 HTTP 协议，而不是加密的 HTTPS。
+
+- 推送镜像
+
+  ```bash
+  ctr -n k8s.io image push -u <账户>:<密码> docker.io/library/nginx:latest
+  ```
+
+  **更多参数**
+
+  - `--plain-http=true`：此选项指明在拉取镜像时使用未加密的 HTTP 协议，而不是加密的 HTTPS。

Containerd/Docs/Nerdctl工具.md

@@ -0,0 +1,65 @@
+> 本文作者：丁辉
+
+# Nerdctl工具
+
+[Github](https://github.com/containerd/nerdctl)
+
+## 开始安装
+
+1. 下载软件
+
+   ```bash
+   wget https://github.com/containerd/nerdctl/releases/download/v1.7.6/nerdctl-1.7.6-linux-amd64.tar.gz
+   ```
+
+2. 解压文件
+
+   ```bash
+   tar -zxvf nerdctl-*-linux-amd64.tar.gz
+   ```
+
+3. 安装
+
+   ```bash
+   install -o root -g root -m 0755 nerdctl /usr/local/bin/nerdctl
+   ```
+
+## 基本使用
+
+- 查看 Containerd 镜像
+
+  ```bash
+  nerdctl -n k8s.io images 
+  ```
+
+- 登录镜像仓库
+
+  ```bash
+  nerdctl -n k8s.io login <仓库地址> -u <账号> -p<密码>
+  ```
+
+- 退出镜像仓库登录
+
+  ```bash
+  nerdctl -n k8s.io logout <仓库地址>
+  ```
+
+- 拉取镜像
+
+  ```bash
+  nerdctl -n k8s.io pull nginx:latest
+  ```
+
+- 更改镜像 TAG
+
+  ```bash
+  nerdctl -n k8s.io tag nginx:v1 nginx:v2
+  ```
+
+- 推送镜像
+
+  ```bash
+  nerdctl -n k8s.io push nginx:latest --insecure-registry
+  ```
+
+  > `--insecure-registry` 表示目标仓库是一个不安全的私有仓库，不需要进行TLS证书验证

Containerd/Docs/Ubuntu部署Containerd配置Apt源.md

@@ -0,0 +1,94 @@
+> 本文作者：丁辉
+
+## Ubuntu部署Containerd配置Apt源
+
+> 我部署 containerd 的时候遇到了各个版本 apt 源无法下载的问题，所以本次记录 Ubuntu 源配置步骤
+
+### Ubuntu 22.04
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable"
+```
+
+### Ubuntu 21.10
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu impish stable"
+```
+
+### Ubuntu 21.04
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu hirsute stable"
+```
+
+### Ubuntu 20.10 
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu groovy stable"
+```
+
+### Ubuntu 20.04
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
+```
+
+### Ubuntu 19.10 
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu eoan stable"
+```
+
+### Ubuntu 19.04
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu disco stable"
+```
+
+### Ubuntu 18.10
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu cosmic test"
+```
+
+### Ubuntu 18.04
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
+```
+
+### Ubuntu 17.10
+
+```bash
+sudo apt install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu artful stable"
+```
+
+### Ubuntu 16.04
+
+```bash
+sudo apt-get install apt-transport-https ca-certificates curl software-properties-common
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable"
+```
+

Containerd/Docs/二进制安装Containerd.md

@@ -0,0 +1,87 @@
+> 本文作者：丁辉
+
+# 二进制安装Containerd
+
+## 安装 Containerd
+
+[containerd软件包](https://github.com/containerd/containerd/releases)
+
+[cni插件包](https://github.com/containernetworking/plugins/releases)
+
+1. 下载二进制文件
+
+   ```bash
+   wget https://github.com/containerd/containerd/releases/download/v1.6.33/cri-containerd-cni-1.6.33-linux-amd64.tar.gz
+   ```
+
+2. 解压
+
+   ```bash
+   mkdir containerd
+   tar -zxvf cri-containerd-cni-*-linux-amd64.tar.gz -C containerd
+   cd containerd
+   ```
+
+3. 移动文件至安装目录
+
+   ```bash
+   \cp usr/local/bin/* /usr/local/bin/
+   \cp etc/systemd/system/containerd.service /usr/lib/systemd/system/containerd.service
+   mkdir /opt/cni/bin -p
+   \cp /root/containerd/opt/cni/bin/* /opt/cni/bin/
+   ```
+
+4. 备份配置文件
+
+   ```bash
+   mkdir /etc/containerd
+   containerd config default > /etc/containerd/config.toml
+   ```
+
+5. 修改驱动和镜像地址
+
+   ```bash
+   vi /etc/containerd/config.toml
+   ```
+
+   内容如下
+
+   ```toml
+   [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+     ...
+     [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+       SystemdCgroup = true #修改这里
+   
+   [plugins."io.containerd.grpc.v1.cri"]
+     sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
+   ```
+
+6. 配置 crictl 配置文件
+
+   ```bash
+   curl -so /etc/crictl.yaml https://gitee.com/offends/Kubernetes/raw/main/Containerd/Files/crictl.yaml
+   ```
+
+7. 启动
+
+   ```bash
+   systemctl enable containerd
+   systemctl start containerd
+   systemctl status containerd
+   ```
+
+## 安装 RunC
+
+[Github软件包下载](https://github.com/opencontainers/runc/releases)
+
+1. 下载
+
+   ```bash
+   wget https://github.com/opencontainers/runc/releases/download/v1.1.12/runc.amd64
+   ```
+
+2. 安装
+
+   ```bash
+   install -m 755 runc.amd64 /usr/local/bin/runc
+   ```

Containerd/Docs/网络源安装Containerd.md

@@ -0,0 +1,69 @@
+> 本文作者：丁辉
+
+[Github安装文档](https://github.com/containerd/containerd/blob/main/docs/getting-started.md)
+
+[Containerd软件包](https://github.com/containerd/containerd/releases)	[Runc软件包](https://github.com/opencontainers/runc/releases)	[Cni插件包](https://github.com/containernetworking/plugins/releases)
+
+## 网络源安装Containerd
+
+1. 设置存储库
+
+   [阿里源配置文件](https://developer.aliyun.com/mirror/docker-ce?spm=a2c6h.13651102.0.0.4eac1b11shXBpr)
+
+   ```bash
+   yum install -y yum-utils
+   yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+   ```
+
+   > 国内
+   >
+   > ```bash
+   > yum install -y yum-utils
+   > yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
+   > ```
+
+2. 安装
+
+   ```bash
+   yum install -y containerd.io
+   ```
+
+3. 备份配置文件
+
+   ```bash
+   mv /etc/containerd/config.toml /etc/containerd/config.toml.bak
+   containerd config default > /etc/containerd/config.toml
+   ```
+
+4. 修改驱动和镜像地址
+
+   ```bash
+   vi /etc/containerd/config.toml
+   ```
+
+   内容如下
+
+   ```toml
+   [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+     ...
+     [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
+       SystemdCgroup = true #修改这里
+   
+   [plugins."io.containerd.grpc.v1.cri"]
+     sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
+   ```
+
+5. 配置 crictl 配置文件
+
+   ```bash
+   curl -so /etc/crictl.yaml https://gitee.com/offends/Kubernetes/raw/main/Containerd/Files/crictl.yaml
+   ```
+
+6. 启动
+
+   ```bash
+   systemctl enable containerd
+   systemctl start containerd
+   systemctl status containerd
+   ```
+

Containerd/Files/crictl.yaml

@@ -0,0 +1,4 @@
+runtime-endpoint: unix:///run/containerd/containerd.sock
+image-endpoint: unix:///run/containerd/containerd.sock
+timeout: 10
+debug: false

Containerd/README.md

@@ -0,0 +1,66 @@
+> 本文作者：丁辉
+
+# 安装Containerd
+
+| 支持系统 |  支持架构  |
+| :------: | :--------: |
+| Centos*  | x86、arm64 |
+| Ubuntu*  | x86、arm64 |
+
+## 极简模式
+
+> 直接二进制安装最新版 Containerd
+
+```bash
+curl -sfL https://gitee.com/offends/Kubernetes/raw/main/Containerd/install.sh | bash -s all_curl
+```
+
+## 多功能模式
+
+```bash
+git clone https://gitee.com/offends/Kubernetes.git && cd Kubernetes/Containerd
+```
+
+**参数解释**
+
+| 脚本参数       | 作用                           | 用法                        |
+| -------------- | ------------------------------ | --------------------------- |
+| binary         | 二进制安装 Containerd 最新版本 | ./install.sh binary         |
+| packagemanager | 网络安装 Containerd 最新版本   | ./install.sh packagemanager |
+
+**包管理器安装切换网络源加速 ("binary" 和 "packagemanager" 均可使用以下参数)**
+
+- 使用官方加速
+
+  ```bash
+  export INSTALL_NETWORK=default
+  ```
+- 使用阿里国加速 [默认]
+
+  ```bash
+  export INSTALL_NETWORK=aliyun
+  ```
+
+**二进制文件下载地址替换 ("binary" 可使用以下参数)**
+
+> 文件格式需要为 `cri-containerd-*-linux-*.tar.gz` 类似于此格式 * 部分可使用版本和架构补充。
+
+- 指定版本下载 (默认从 Github 仓库下载, 默认版本为: "1.7.18")
+
+  ```bash
+  export CONTAINERD_VERSION="1.7.18"
+  ```
+  
+- 指定二进制文件包下载地址
+
+  ```bash
+  export OFFENDS_URL=""
+  ```
+  
+  > 示例
+  >
+  > ```bash
+  > export OFFENDS_URL="https://minio.com/cri-containerd-*-linux-amd64.tar.gz"
+  > ```
+  
+  

Containerd/install.sh

@@ -0,0 +1,220 @@
+#!/bin/bash
+
+#############################################################################################
+# 用途: 多功能部署 Containerd 脚本
+# 作者: 丁辉
+# 编写时间: 2023-12-29
+# 更新时间: 2024-01-26
+#############################################################################################
+
+# 加载检测脚本
+source <(curl -sS https://gitee.com/offends/Linux/raw/main/File/Shell/Check_command.sh)
+CHECK_CPU
+# 变量
+SCRIPT_VERSION="1.0.0"
+INSTALL_NETWORK=${INSTALL_NETWORK:-aliyun}
+# Containerd 版本
+CONTAINERD_VERSION=${CONTAINERD_VERSION:-1.7.18}
+# Github下载加速
+GIT_PROXY="https://mirror.ghproxy.com"
+URL="https://github.com/containerd/containerd/releases/download/v${CONTAINERD_VERSION}/cri-containerd-cni-${CONTAINERD_VERSION}-linux-${ARCH_TYPE_2}.tar.gz"
+
+# --help 帮助信息
+function HELP(){
+    echo "Usage: script_name [OPTIONS] [ARGUMENTS]"
+    echo ""
+    echo "Description:"
+    echo "  Offends"
+    echo ""
+    echo "Options:"
+    echo "  -h, --help                  显示此帮助信息"
+    echo "  -v, --version               显示当前脚本版本号"
+    echo "  all_curl                    省心网络安装,所有文件都会从网络 curl 下载"
+    echo "  binary                      二进制安装 Containerd 最新版本"
+    echo "  packagemanager              网络安装 Containerd 最新版本"
+    echo ""
+    echo "Examples:"
+    echo "  示例 1: ./install.sh all_curl"
+    echo "  示例 1: ./install.sh binary"
+    echo "  示例 2: ./install.sh packagemanager"
+    exit 0
+}
+
+# 在线安装
+function INSTALL_CONTAINERD(){
+    if [ $# -eq 1 ]; then
+        while true; do
+            case $1 in
+                all_curl)
+                    INSTALL_0
+                    break
+                ;;
+                binary)
+                    SEND_INFO "您选择的安装方式为: 二进制安装 Containerd 最新版本"
+                    INSTALL_1
+                    break
+                    ;;
+                packagemanager)
+                    SEND_INFO "您选择的安装方式为: 网络安装 Containerd 最新版本"
+                    INSTALL_2
+                    break
+                    ;;
+                --help|-h)
+                    HELP
+                    ;;
+                --version|-v)
+                    SEND_INFO "当前脚本版本号为: $SCRIPT_VERSION"
+                    break
+                    ;;
+                *)
+                    SEND_ERROR "参数错误"
+                    HELP
+                    ;;
+            esac
+        done
+    else
+        SEND_ERROR "参数错误"
+        HELP
+    fi
+}
+
+function INSTALL_0(){
+    IF_LINUX
+    INIT_CONTAINERD
+    CURL_FILE
+}
+
+
+function INSTALL_1(){
+    CHECK_INSTALL wget
+    SEND_INFO "正在下载 Containerd 二进制文件包[Github],网络较慢请稍后..."
+    if [ ${INSTALL_NETWORK} = "default" ]; then
+        SEND_INFO "您选择的网络为: 默认网络"
+        BINARY_URL=${OFFENDS_URL:-$URL}
+    elif [ ${INSTALL_NETWORK} = "aliyun" ]; then
+        SEND_INFO "您选择的网络为: 阿里云网络加速"
+        BINARY_URL=${OFFENDS_URL:-$GIT_PROXY/$URL}
+    fi
+    wget ${BINARY_URL}
+    if [ $? -ne 0 ]; then
+        SEND_ERROR "下载 Containerd 二进制文件包失败,请检查网络"
+        exit 1
+    fi
+    CHECK_DIR "./containerd"
+    CHECK_COMMAND_NULL tar -zxvf cri-containerd-*-linux-*.tar.gz -C containerd
+    BASE_FILES
+}
+
+function INSTALL_2(){
+    IF_LINUX
+    INIT_CONTAINERD
+    CP_FILE
+}
+
+function BASE_FILES(){
+    SEND_INFO "正在初始化文件"
+    CHECK_COMMAND_NULL \\cp containerd/usr/local/bin/* /usr/local/bin/
+    CHECK_COMMAND_NULL \\cp containerd/etc/systemd/system/containerd.service /usr/lib/systemd/system/containerd.service
+    CHECK_DIR "/opt/cni/bin"
+    # CHECK_COMMAND_NULL \\cp containerd/opt/cni/bin/* /opt/cni/bin/
+    CHECK_DIR "/etc/containerd"
+    CHECK_COMMAND_NULL rm -rf ./containerd
+    CHECK_COMMAND_NULL rm -rf ./cri-containerd-*-linux-*.tar.gz
+    INIT_CONTAINERD
+    CP_FILE
+}
+
+function IF_LINUX(){
+    log_file="/tmp/check_install_log"
+    if command -v yum >/dev/null 2>&1; then
+        SEND_INFO "正在准备包,根据网络情况可能需要几分钟,请稍后..."
+        yum install -y yum-utils >>"$log_file" 2>&1
+        if [ $? -ne 0 ]; then
+            SEND_ERROR "安装 yum-utils 失败，请查看日志"
+            tail -n 10 "$log_file"  # 输出最后10行日志
+            rm -rf $log_file
+            exit 1
+        fi
+        if [ ${INSTALL_NETWORK} = "default" ]; then
+            SEND_INFO "您选择的网络为: 默认网络"
+            CHECK_COMMAND_NULL yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+            yum install containerd.io -y
+        elif [ ${INSTALL_NETWORK} = "aliyun" ]; then
+            SEND_INFO "您选择的网络为: 阿里云网络"
+            CHECK_COMMAND_NULL yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
+            yum install containerd.io -y
+        fi
+    elif command -v apt >/dev/null 2>&1; then
+        SEND_INFO "正在准备包,根据网络情况可能需要几分钟,请稍后..."
+        if [ ${INSTALL_NETWORK} = "default" ]; then
+            SEND_INFO "您选择的网络为: 默认网络"
+            curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+            CHECK_COMMAND_NULL chmod a+r /etc/apt/keyrings/docker.gpg
+
+            echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
+            $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+            sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+            CHECK_COMMAND_NULL apt-get update
+            apt-get install containerd.io -y
+        elif [ ${INSTALL_NETWORK} = "aliyun" ]; then
+            SEND_INFO "您选择的网络为: 阿里云网络"
+            curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
+            # add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
+            # 设置 Docker 源地址
+            docker_repo="deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
+            # 添加 Docker 源并自动回车确认
+            echo -e "\n" | sudo add-apt-repository "$docker_repo"
+            CHECK_COMMAND_NULL apt-get update
+            apt-get install containerd.io -y
+        fi
+    else
+        SEND_ERROR "无法识别的系统软件包管理工具"
+        exit 1
+    fi
+}
+
+
+function INIT_CONTAINERD(){
+    SEND_INFO "正在初始化 Containerd"
+    CHECK_COMMAND_NULL containerd config default \> /etc/containerd/config.toml
+    sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
+    sed -i 's|sandbox_image[[:space:]]*=[[:space:]]*".*"|sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"|g' /etc/containerd/config.toml
+}
+
+function CP_FILE(){
+    CHECK_COMMAND_NULL \\cp ./Files/crictl.yaml /etc/crictl.yaml
+}
+
+function CURL_FILE(){
+    curl -so /etc/crictl.yaml https://gitee.com/offends/Kubernetes/raw/main/Containerd/Files/crictl.yaml
+}
+
+function START_CONTAINERD(){
+    SEND_INFO "正在启动 Containerd 服务"
+    CHECK_COMMAND_NULL systemctl daemon-reload
+    CHECK_COMMAND_NULL systemctl enable containerd
+    CHECK_COMMAND_NULL systemctl start containerd
+    SEND_INFO "Containerd 服务启动成功"
+}
+
+# 检测某个systemd服务是否存在
+function CHECK_SYSTEMD(){
+    if ! command -v containerd >/dev/null 2>&1; then
+        INSTALL_CONTAINERD $@
+        START_CONTAINERD
+    else
+        SEND_INFO "Containerd 服务已安装,版本为: $(containerd --version | awk '{print $3}')"
+        if ! systemctl status containerd >/dev/null 2>&1; then
+            SEND_WARN "Containerd 服务未启动,正在启动 Containerd 服务"
+            if ! systemctl start containerd >/dev/null 2>&1; then
+                SEND_ERROR "Containerd 服务启动失败,请检查日志排查错误"
+                exit 1
+            else
+                SEND_INFO "Containerd 服务启动成功"
+            fi
+        fi
+    fi
+}
+
+CHECK_SYSTEMD $@