Docker 是一個開源的應(yīng)用容器引擎，讓開發(fā)者可以打包他們的應(yīng)用以及依賴包到一個可移植的鏡像中，然后發(fā)布到任何流行的 Linux或Windows 機(jī)器上，相信大部分人都用過或者聽說過，隨著技術(shù)的發(fā)展，后起的新秀containerd正在逐漸取代docker的位置。

containerd的由來

containerd是CNCF(云原生基金會)中的一個重要項(xiàng)目，是一個中立的“工業(yè)標(biāo)準(zhǔn)容器運(yùn)行時(shí)”, 它來源于CNCF與docker公司的相愛相殺(具體可自行百度)，containerd原先是docker中的核心依賴，但比較簡單，并不能直接提供給終端用戶直接使用，后來docker公司將其捐贈給了CNCF，在CNCF大佬們的完善下，containerd逐漸成為了一個成熟的容器運(yùn)行時(shí)服務(wù)，擁有和docker一樣的容器管理能力，

docker，containerd，runc的關(guān)系

相信大家可能或多或少都聽過這幾個概念，簡單介紹一下
docker: 或者應(yīng)該叫docker deamon，集容器管理與編排于一身的容器引擎，其中容器管理能力就是依賴于containerd，容器編排能力是集成了docker swarm
containerd: 是一個標(biāo)準(zhǔn)的容器運(yùn)行時(shí)，提供標(biāo)準(zhǔn)rpc接口對容器進(jìn)行管理， 可以對接各種容器相關(guān)系統(tǒng)
runc: 由libcontainer(舊版docker中管理容器的庫)演變而來，實(shí)現(xiàn)了開放容器接口(OCI)， 是一個命令行工具，直接與cgroup或linux內(nèi)核交互, 進(jìn)行容器的創(chuàng)建刪除等操作

他們的調(diào)用關(guān)系如下:
docker cli -> docker daemon -> containerd -> runc

nerdctl介紹

containerd雖然可直接提供給終端用戶直接使用，也提供了命令行工具(ctr)，但并不是很友好，所以nerdctl應(yīng)運(yùn)而生，它也是containerd的命令行工具，支持docker cli關(guān)于容器生命周期管理的所有命令，并且支持docker compose (nerdctl compose up)

二進(jìn)制方式安裝

下載地址: https://github.com/containerd/nerdctl/releases

• 精簡 (nerdctl-0.8.2-linux-amd64.tar.gz): 只包含nerdctl
• 完整 (nerdctl-full-0.8.2-linux-amd64.tar.gz): 包含 containerd, runc, and CNI等依賴

下載

 wget https://github.com/containerd/nerdctl/releases/download/v0.8.2/nerdctl-full-0.8.2-linux-amd64.tar.gz

解壓到/usr/local下(最好解壓到此目錄，否則就需要更改lib/systemd/system/containerd.service中的二進(jìn)制路徑)

tar Cxzvvf /usr/local nerdctl-full-0.8.2-linux-amd64.tar.gz

查看

# ls /usr/local/bin/
buildctl   containerd                      containerd-rootless-setuptool.sh  containerd-shim-runc-v2  containerd-stress  ctr      ctr-remote      nerdctl      rootlesskit  slirp4netns
buildkitd  containerd-fuse-overlayfs-grpc  containerd-rootless.sh            containerd-stargz-grpc   ctd-decoder        ctr-enc  fuse-overlayfs  rootlessctl  runc         stargz-store

確保/usr/local/bin在環(huán)境變量PATH中（默認(rèn)是在的），就可以直接使用nerdctl命令了

# nerdctl --help
NAME:
   nerdctl - Docker-compatible CLI for containerd

USAGE:
   nerdctl [global options] command [command options] [arguments...]

VERSION:
   0.8.2.m

COMMANDS:
   run         Run a command in a new container
   exec        Run a command in a running container
   ps          List containers
   logs        Fetch the logs of a container. Currently, only containers created with `nerdctl run -d` are supported.
   port        List port mappings or a specific mapping for the container
   stop        Stop one or more running containers
   start       Start one or more running containers
   kill        Kill one or more running containers
   rm          Remove one or more containers
   pause       Pause all processes within one or more containers
   unpause     Unpause all processes within one or more containers
   commit      [flags] CONTAINER REPOSITORY[:TAG]
   wait        Block until one or more containers stop, then print their exit codes.
   build       Build an image from a Dockerfile. Needs buildkitd to be running.
   images      List images
   pull        Pull an image from a registry
   push        Push an image or a repository to a registry
   load        Load an image from a tar archive or STDIN
   save        Save one or more images to a tar archive (streamed to STDOUT by default)
   tag         Create a tag TARGET_IMAGE that refers to SOURCE_IMAGE
   rmi         Remove one or more images
   events      Get real time events from the server
   info        Display system-wide information
   version     Show the nerdctl version information
   inspect     Return low-level information on objects. Currently, only supports container objects.
   login       Log in to a Docker registry
   logout      Log out from a Docker registry
   compose     Compose
   completion  Show shell completion
   help, h     Shows a list of commands or help for one command
   Management:
     container  Manage containers
     image      Manage images
     network    Manage networks
     volume     Manage volumes
     system     Manage containerd
     namespace  Manage containerd namespaces

啟動containerd

systemctl start containerd
# systemctl status containerd
● containerd.service - containerd container runtime
   Loaded: loaded (/usr/local/lib/systemd/system/containerd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2021-05-25 22:51:34 CST; 4s ago
     Docs: https://containerd.io
  Process: 1745 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
 Main PID: 1748 (containerd)
    Tasks: 7
   Memory: 20.7M
   CGroup: /system.slice/containerd.service
           └─1748 /usr/local/bin/containerd

設(shè)置開機(jī)啟動

systemctl enable containerd

使用

下載nginx鏡像

nerdctl pull nginx:alpine

運(yùn)行nginx鏡像

# nerdctl run -d --name nginx -p 80:80 nginx:alpine
# nerdctl ps
CONTAINER ID    IMAGE                             COMMAND                   CREATED               STATUS    PORTS                 NAMES
0857f7aed52a    docker.io/library/nginx:alpine    "/docker-entrypoint.…"    About a minute ago    Up        0.0.0.0:80->80/tcp    nginx

訪問瀏覽器: http://[服務(wù)器ip]:80 端口可看到nginx頁面

如果nerdctl不習(xí)慣，可以設(shè)置別名為docker

# alias docker=nerdctl
# docker ps
CONTAINER ID    IMAGE                             COMMAND                   CREATED          STATUS    PORTS                 NAMES
0857f7aed52a    docker.io/library/nginx:alpine    "/docker-entrypoint.…"    3 minutes ago    Up        0.0.0.0:80->80/tcp    nginx
[root@localhost ~]# 

docker compose支持

先刪掉之前的容器

nerdctl rm -f nginx

準(zhǔn)備docker compose的定義文件

# cat docker-compose.yml 
version: "3.5"
services:
  nginx:
    image: nginx:alpine
    deploy:
      replicas: 1
      restart_policy:
        condition: on-failure
    ports:
       - "80:80"

啟動

nerdctl compose up -d  
# nerdctl ps
CONTAINER ID    IMAGE                             COMMAND                   CREATED          STATUS    PORTS                 NAMES
fb12aff45422    docker.io/library/nginx:alpine    "/docker-entrypoint.…"    8 seconds ago    Up        0.0.0.0:80->80/tcp    test_nginx_1