containerd环境下build镜像
- 安装nerdctl
- 使用nerdctl打包docker镜像
- 下载安装 `buildkit`
- 编写systemd unit文件:
- 启用`buildkit.service`并设置开机自动运行
- 修改Dockerfile
- 构建镜像
- containerd配置代理
- containerd配置代理ansible剧本
安装nerdctl
https://blog.csdn.net/omaidb/article/details/128677718
使用nerdctl打包docker镜像
参考:
https://developer.aliyun.com/article/1094835
https://mp.weixin.qq.com/s/Bjn0s5qRh2H9I__mAYh4jg
下载安装 buildkit
nerdctl 也可以和 buildkit 结合使用来构建容器镜像,需要先下载 buildkit 的可执行文件:
# 下载buildkit
## -c 断点续传
## —P 下载到指定目录
wget -c -P /usr/local/src/ https://github.com/moby/buildkit/releases/download/v0.11.0/buildkit-v0.11.0.linux-amd64.tar.gz
# 创建buildkit对应目录
mkdir -p /usr/local/containerd/
# 解压buildkit到指定路径
## buildkit压缩包里有bin目录
tar -xvf buildkit-v0.11.0.linux-amd64.tar.gz -C /usr/local/containerd/
编写systemd unit文件:
# Debian系列服务文件路径 /etc/systemd/system/buildkit.service
# RHEL系列服务文件路径 /usr/lib/systemd/system/buildkit.service
[Unit]
Description=BuildKit
Documentation=https://github.com/moby/buildkit
[Service]
ExecStart=/usr/local/containerd/bin/buildkitd --oci-worker=false --containerd-worker=true
[Install]
WantedBy=multi-user.target
启用buildkit.service并设置开机自动运行
# 重载服务
systemctl daemon-reload
# 启用buildkit.service并设置开机自动运行:
systemctl enable --now buildkit.service
# 查看buildkit.service运行状态
systemctl status buildkit
修改Dockerfile
https://blog.csdn.net/omaidb/article/details/121434775
构建镜像
# 构建镜像
nerdctl build -t 构建目录
# 查看构建好的镜像
nerdctl images
containerd配置代理
老是替换源太麻烦了,直接上代理
https://segmentfault.com/a/1190000020363043
# 创建/etc/systemd/system/containerd.service.d目录
mkdir /etc/systemd/system/containerd.service.d
# 配置代理
cat > /etc/systemd/system/containerd.service.d/proxy.conf << EOF
> [Service]
> Environment="HTTP_PROXY=socks5://127.0.0.1:1080"
> Environment="HTTPS_PROXY=socks5://127.0.0.1:1080" "NO_PROXY=localhost,127.0.0.1,192.168.0.0/16,10.0.0.0/8,docker-registry.somecorporation.com,isdp30x2.mirror.aliyuncs.com,hub-mirror.c.163.com,mirror.baidubce.com"'
> EOF
# 重启containerd服务
systemctl daemon-reload
systemctl restart containerd
# 查看配置的代理
systemctl show --property=Environment containerd.service
containerd配置代理ansible剧本
---
- hosts: all
tasks:
- name: 创建containerd.service.d目录
file:
path: /etc/systemd/system/containerd.service.d
state: directory
- name: 创建proxy.conf文件
file:
path: /etc/systemd/system/containerd.service.d/proxy.conf
state: touch
- name: 为http_proxy.conf文件添加配置信息
copy:
content: |
[Service]
Environment="HTTP_PROXY=socks5://127.0.0.1:1080"
Environment="HTTPS_PROXY=socks5://127.0.0.1:1080" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com,isdp30x2.mirror.aliyuncs.com,hub-mirror.c.163.com,mirror.baidubce.com"
dest: /etc/systemd/system/containerd.service.d/proxy.conf
notify: 重启containerd服务
handlers:
- name: 重启containerd服务
systemd:
state: restarted
daemon_reload: yes
name: containerd
