Kubernetes之crictl命令管理

1.介绍

crictl 是Kubelet容器接口(CRI)的CLI和验证工具。可以使用它来检查和调试 Kubernetes 节点上的容器运行时和应用程序。 crictl 和它的源代码在 cri-tools 代码库。

  • 它不会负责以下内容:

  • 基于CRI构建新的kubelet容器运行时;

  • 由终端用户管理CRI兼容运行时的pod/container,例如crictl创建的pod可能会被kubelet自动删除,因为在kube-apiserver上不存在。

  • 版本兼容

2. 安装 crictl

下载指定版本:https://github.com/kubernetes-sigs/cri-tools/releases

bash 复制代码
VERSION="v1.28.0"
wget https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-$VERSION-linux-amd64.tar.gz
sudo tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
rm -f crictl-$VERSION-linux-amd64.tar.gz

3. 配置

crictl 命令有几个子命令和运行时参数。 有关详细信息,请使用 crictl help 或 crictl help 获取帮助信息。

crictl 默认连接到 unix:///var/run/dockershim.sock。 对于其他的运行时,你可以用多种不同的方法设置端点:

通过设置参数 --runtime-endpoint 和 --image-endpoint

通过设置环境变量 CONTAINER_RUNTIME_ENDPOINT 和 IMAGE_SERVICE_ENDPOINT

通过在配置文件中设置端点 --config=/etc/crictl.yaml

你还可以在连接到服务器并启用或禁用调试时指定超时值,方法是在配置文件中指定 timeout 或 debug 值,或者使用 --timeout 和 --debug 命令行参数。

要查看或编辑当前配置,请查看或编辑 /etc/crictl.yaml 的内容。

bash 复制代码
cat /etc/crictl.yaml
runtime-endpoint: unix:///var/run/dockershim.sock
image-endpoint: unix:///var/run/dockershim.sock
timeout: 10
debug: true

4.命令

bash 复制代码
crictl [global options] command [command options] [arguments...]

COMMANDS:

attach: Attach to a running container

create: Create a new container

exec: Run a command in a running container

version: Display runtime version information

images, image, img: List images

inspect: Display the status of one or more containers

inspecti: Return the status of one or more images

imagefsinfo: Return image filesystem info

inspectp: Display the status of one or more pods

logs: Fetch the logs of a container

port-forward: Forward local port to a pod

ps: List containers

pull: Pull an image from a registry

run: Run a new container inside a sandbox

runp: Run a new pod

rm: Remove one or more containers

rmi: Remove one or more images

rmp: Remove one or more pods

pods: List pods

start: Start one or more created containers

info: Display information of the container runtime

stop: Stop one or more running containers

stopp: Stop one or more running pods

update: Update one or more running containers

config: Get and set crictl client configuration options

stats: List container(s) resource usage statistics

statsp: List pod(s) resource usage statistics

completion: Output bash shell completion code

checkpoint: Checkpoint one or more running containers

events, event: Stream the events of containers

help, h: Shows a list of commands or help for one command

crictl by default connects on Unix to:

unix:///var/run/dockershim.sock or

unix:///run/containerd/containerd.sock or unix:///run/crio/crio.sock

or unix:///var/run/cri-dockerd.sock or on Windows to:

npipe:./pipe/dockershim or npipe:./pipe/containerd-containerd or

npipe:./pipe/cri-dockerd For other runtimes, use:

frakti: unix:///var/run/frakti.sock The endpoint can be set in three

ways:

By setting global option flags --runtime-endpoint (-r) and

--image-endpoint (-i) By setting environment variables CONTAINER_RUNTIME_ENDPOINT and IMAGE_SERVICE_ENDPOINT By setting the

endpoint in the config file --config=/etc/crictl.yaml If the endpoint

is not set then it works as follows:

If the runtime endpoint is not set, crictl will by default try to

connect using: dockershim containerd cri-o cri-dockerd If the image

endpoint is not set, crictl will by default use the runtime endpoint

setting Note: The default endpoints are now deprecated and the runtime

endpoint should always be set instead. The performance maybe affected

as each default connection attempt takes n-seconds to complete before

timing out and going to the next in sequence.

5.使用(部分命令)

bash 复制代码
crictl pods #查看pods
bash 复制代码
crictl pull 镜像名 #拉取镜像
crictl images  #查看镜像
crictl ps -a #查看所有容器
crictl exec -i -t #进入容器
crictl start #启动容器
相关推荐
蜜獾云8 分钟前
docker 安装雷池WAF防火墙 守护Web服务器
linux·运维·服务器·网络·网络安全·docker·容器
年薪丰厚1 小时前
如何在K8S集群中查看和操作Pod内的文件?
docker·云原生·容器·kubernetes·k8s·container
zhangj11251 小时前
K8S Ingress 服务配置步骤说明
云原生·容器·kubernetes
岁月变迁呀1 小时前
kubeadm搭建k8s集群
云原生·容器·kubernetes
墨水\\1 小时前
二进制部署k8s
云原生·容器·kubernetes
Source、1 小时前
k8s-metrics-server
云原生·容器·kubernetes
上海运维Q先生1 小时前
面试题整理15----K8s常见的网络插件有哪些
运维·网络·kubernetes
颜淡慕潇1 小时前
【K8S问题系列 |19 】如何解决 Pod 无法挂载 PVC问题
后端·云原生·容器·kubernetes
ProtonBase2 小时前
如何从 0 到 1 ,打造全新一代分布式数据架构
java·网络·数据库·数据仓库·分布式·云原生·架构
大熊程序猿4 小时前
K8s证书过期
云原生·容器·kubernetes