Ctr 建立nginx容器並使用curl訪問
阿新 • • 發佈:2022-12-09
這篇文章使用ctr建立一個nginx容器,並在宿主機使用curl進行訪問。
Prerequisite
- 安裝cni
- 安裝runc
- 安裝containerd, 並以systemd service方式啟動
Steps
1. 拉取映象:
ctr images pull docker.io/library/nginx:latest
2. 編譯cnitool:
git clone https://github.com/containernetworking/cni.git cd cni go mod tidy cd cnitool GOOS=linux GOARCH=amd64 go build .
3. 建立容器網路:
cat << EOF | tee /etc/cni/net.d/nginx.conf { "cniVersion": "0.4.0", "name": "nginx", "type": "bridge", "bridge": "cni0", "isDefaultGateway": true, "forceAddress": false, "ipMasq": true, "hairpinMode": true, "ipam": { "type": "host-local", "subnet": "10.88.0.0/16" } } EOF
4. 建立容器網路名稱空間:
[root@localhost cni]# ip netns add nginx
[root@localhost cni]# ip netns list
nginx
[root@localhost cni]# ls /var/run/netns/
nginx
給network namespace nginx新增網路:
[root@localhost cni]# cnitool add nginx /var/run/netns/nginx { "cniVersion": "0.4.0", "interfaces": [ { "name": "cni0", "mac": "3a:55:12:e0:49:7a" }, { "name": "veth96cb8bbe", "mac": "16:e7:3a:db:5e:43" }, { "name": "eth0", "mac": "a2:51:45:e3:4c:f0", "sandbox": "/var/run/netns/nginx" } ], "ips": [ { "version": "4", "interface": 2, "address": "10.88.0.2/16", # 分配的ip地址 "gateway": "10.88.0.1" } ], "routes": [ { "dst": "0.0.0.0/0", "gw": "10.88.0.1" } ], "dns": {} } [root@localhost cni]#cnitool check nginx /var/run/netns/nginx
檢查network namespace nginx 的網絡卡資訊:
[root@localhost cni]# ip -n nginx addr
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether a2:51:45:e3:4c:f0 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.88.0.2/16 brd 10.88.255.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::a051:45ff:fee3:4cf0/64 scope link
valid_lft forever preferred_lft forever
5. 啟動容器:
$ ctr run --with-ns=network:/var/run/netns/nginx -d docker.io/library/nginx:latest nginx
進入容器:
[root@localhost cni]# ctr task exec -t --exec-id nginxbash nginx bash
root@localhost:/# ls
-
--exec-id: exec specific id for the process 這個名字可以隨便起。 -
-tallocate a TTY for the container
容器內curl命令無響應,暫時不知道為什麼...
在容器外部訪問nginx主頁面:
[root@localhost cni]# curl http://10.88.0.2:80
<!DOCTYPE html>
<!--...-->
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Clean up
停止容器內Task
[root@localhost cni]# ctr task list
TASK PID STATUS
nginx 29783 RUNNING
[root@localhost cni]# ctr task kill nginx
[root@localhost cni]# ctr container del nginx
[root@localhost cni]# ctr task list
TASK PID STATUS
刪除network名稱空間及cni生成的檔案:
[root@localhost cni]# cnitool del nginx /var/run/netns/nginx
[root@localhost cni]# ip netns del nginx
[root@localhost cni]# rm -rf /var/lib/cni/