#!/bin/bash
set -euo pipefail
检查是否以root权限运行
if [ "$(id -u)" -ne 0 ]; then
echo "错误:请使用root权限或sudo运行本脚本" >&2
exit 1
fi
检测openEuler系统(兼容大小写)
detect_distribution() {
if [ -f /etc/os-release ]; then
. /etc/os-release
匹配ID为openEuler(兼容大小写,如"openEuler"或"openeuler")
if [[ "ID" =\~ \^\[Oo\]pen\[Ee\]uler ]]; then
echo "openeuler"
else
echo "unsupported"
fi
else
echo "unsupported"
fi
}
DISTRO=$(detect_distribution)
if [[ "$DISTRO" != "openeuler" ]]; then
echo "错误:本脚本仅适用于openEuler系统" >&2
exit 1
fi
安装前置依赖(openEuler 25.03使用dnf)
install_dependencies() {
dnf update -y
dnf install -y \
curl \
gnupg \
ca-certificates \
jq \
tar \
gzip \
device-mapper-persistent-data \
lvm2 # 容器存储依赖
}
安装containerd(使用openEuler官方仓库)
install_containerd() {
安装最新稳定版containerd
dnf install -y containerd
优化containerd配置(适配openEuler 25.03的systemd和cgroupv2)
sed -i '/SystemdCgroup =/c\SystemdCgroup = true' /etc/containerd/config.toml
sed -i 's/cri\.containerd\.runtime\.v1\.linux/cri.containerd.untrusted-workload.v1.linux/g' /etc/containerd/config.toml # 启用非信任工作负载支持
重启并启用服务
systemctl daemon-reload
systemctl restart containerd
systemctl enable containerd
}
安装最新版nerdctl(适配openEuler架构)
install_nerdctl() {
获取最新稳定版(排除预发布)
LATEST_NERDCTL=$(curl -s https://api.github.com/repos/containerd/nerdctl/releases/latest | jq -r '.tag_name')
if [[ -z "LATEST_NERDCTL" \|\| "LATEST_NERDCTL" == "null" ]]; then
echo "获取nerdctl最新版本失败,可能是网络问题" >&2
exit 1
fi
识别架构(支持x86_64/aarch64)
ARCH=(case (uname -m) in
x86_64) echo "amd64" ;;
aarch64) echo "arm64" ;;
*) echo "unsupported"; exit 1 ;;
esac)
下载并安装
curl -fsSL "https://github.com/containerd/nerdctl/releases/download/${LATEST_NERDCTL}/nerdctl-${LATEST_NERDCTL#v}-linux-${ARCH}.tar.gz" \
| tar -xz -C /usr/local/bin
验证安装
if ! command -v nerdctl &> /dev/null; then
echo "nerdctl安装失败" >&2
exit 1
fi
}
安装buildkit并配置systemd服务(适配openEuler)
install_buildkit() {
获取最新稳定版
LATEST_BUILDKIT=$(curl -s https://api.github.com/repos/moby/buildkit/releases/latest | jq -r '.tag_name')
if [[ -z "LATEST_BUILDKIT" \|\| "LATEST_BUILDKIT" == "null" ]]; then
echo "获取buildkit最新版本失败,可能是网络问题" >&2
exit 1
fi
识别架构
ARCH=(case (uname -m) in
x86_64) echo "amd64" ;;
aarch64) echo "arm64" ;;
*) echo "unsupported"; exit 1 ;;
esac)
下载并安装
| tar -xz -C /usr/local
创建buildkitd服务文件(优化openEuler集成)
cat > /etc/systemd/system/buildkitd.service <<EOF
Unit
Description=BuildKit Daemon for openEuler 25.03
Documentation=https://github.com/moby/buildkit
After=network.target containerd.service
Requires=containerd.service
Service
Type=simple
ExecStart=/usr/local/bin/buildkitd \
--oci-worker=true \
--containerd-worker=true \
--containerd-worker-namespace=k8s.io \
--addr=unix:///run/buildkit/buildkitd.sock \
--oci-worker-snapshotter=overlayfs
Restart=on-failure
RestartSec=5
LimitNOFILE=1048576
Environment="PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
Install
WantedBy=multi-user.target
EOF
启动服务并配置开机自启
systemctl daemon-reload
systemctl start buildkitd
systemctl enable buildkitd
}
主执行流程
echo "=== 检测到openEuler 25.03系统,开始安装 ==="
echo "=== 1/4 安装前置依赖 ==="
install_dependencies
echo "=== 2/4 安装并配置containerd ==="
install_containerd
echo "=== 3/4 安装最新版nerdctl ==="
install_nerdctl
echo "=== 4/4 安装并配置buildkit ==="
install_buildkit
echo "=== 安装验证 ==="
echo "nerdctl版本: $(nerdctl --version)"
echo "buildkitd状态: $(systemctl is-active buildkitd)"
echo "containerd状态: $(systemctl is-active containerd)"
echo "安装完成!nerdctl和buildkit已配置为开机启动"
安装nerdctl和buildkitd脚本命令
青春不流名2025-05-18 13:54
相关推荐
bestcxx8 小时前
(二十六)、Kuboard 部署网络问题 &k8s 使用本地镜像 & k8s使用 register本地镜像站 综合应用Lin_Aries_042112 小时前
容器化 Flask 应用程序Lin_Aries_042114 小时前
通过配置 GitLab 自动触发项目自动化构建与部署尘埃不入你眼眸14 小时前
Docker操作命令liweiweili12619 小时前
K8S中关于容器对外提供服务网络类型云游19 小时前
Zabbix7.4.8(三):通过Zabbix agent 2监控Docker相关指标Lin_Aries_042119 小时前
使用 Jenkins 的流水线项目实施 CI/CD走上未曾设想的道路1 天前
k8s集群与gitlab registry连接^Lim1 天前
Docker搭建ESPIDF环境,程序下载虚伪的空想家1 天前
K8S部署的ELK分片问题解决,报错:unexpected error while indexing monitoring document