katka-container搭建
kata-container架构
https://katacontainers.io/baidu //百度在kata的实践应用
https://github.com/kata-containers/kata-containers
https://github.com/kata-containers/runtime //kata-runtime
https://github.com/kata-containers/tests/tree/master/cmd/kata-manager //脚本一键安装
https://github.com/kata-containers/runtime#architecture-overview
https://github.com/kata-containers/documentation/tree/master/install //官方安装指南
kata插件替换runc接管容器声明周期
实验环境
vmware-workstation
centos7.6
online internet
虚机开启CPU虚拟化
docker部署
kata-container
https://github.com/kata-containers/tests/tree/master/cmd/kata-manager //官方地址
[root@c-3-104 ~]# chmod +x kata-manager.sh
[root@c-3-104 ~]# ./kata-manager.sh -h //kata-manager.sh 帮助命令
Usage: kata-manager.sh [options] [command]
Description: Install and configure Kata Containers.
Options:
-c <file> : Specify full path to configuration file
(default: '/etc/kata-containers/configuration.toml'). //安装后默认读取配置文件
-f : Force mode (for package removal).
-h : Display this help.
-n : No execute mode (a.k.a. dry run). Show the commands that kata-manager would run,
without doing any change to the system.
-v : Verbose output.
Commands:
configure-image : Configure the runtime to use the specified image.
configure-initrd : Configure the runtime to use the specified initial ramdisk.
disable-debug : Turn off all debug options.
enable-debug : Turn on all debug options for all system components.
install-docker : Only install and configure Docker. //docker
install-docker-system : Install and configure Docker (implies 'install-packages') and optionally specify Kata release. //docker+kata
install-packages : Install the packaged version of Kata Containers only and optionally specify release. //kata
remove-docker : Uninstall Docker only.
remove-docker-system : Uninstall Docker and Kata packages.
remove-packages : Uninstall the packaged version of Kata Containers.
reset-config : Undo changes to the runtime configuration [1].
[root@c-3-104 ~]# ./kata-manager.sh install-packages //联网下载安装对应的包,时间有点长
修改docker启动默认Runtime
[root@c-3-104 ~]# whereis kata-runtime //查找路径
kata-runtime: /usr/bin/kata-runtime
[root@c-3-104 ~]# mkdir -p /etc/systemd/system/docker.service.d/
[root@c-3-104 ~]# tee <<EOF >/etc/systemd/system/docker.service.d/kata-containers.conf
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -D --add-runtime kata-runtime=/usr/bin/kata-runtime --default-runtime=kata-runtime
EOF
[root@c-3-104 ~]# systemctl daemon-reload
[root@c-3-104 ~]# systemctl stop docker && systemctl start docker && docker info |grep Runtime
Runtimes: runc kata-runtime
Default Runtime: kata-runtime
[root@c-3-104 ~]# docker run --rm -it alpine sh
Unable to find image 'alpine:latest' locally
latest: Pulling from library/alpine
cbdbe7a5bc2a: Pull complete
Digest: sha256:9a839e63dad54c3a6d1834e29692c8492d93f90c59c978c1ed79109ea4fb9a54
Status: Downloaded newer image for alpine:latest
/ #
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq state UP qlen 1000
link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::42:acff:fe11:2/64 scope link
valid_lft forever preferred_lft forever
/ # uname -r
5.4.32-62.1.container //容器内核qemu虚机引导的内核版本
有问题建议执行检查
Centos在线安装
https://github.com/kata-containers/documentation/blob/master/install/centos-installation-guide.md
http://download.opensuse.org/repositories/home:/katacontainers:/