这里安装需要最基础的Linux知识,比如vi编辑器的使用,和常见的命令
目录
用yum命令安装
[root@openeuler ~]# yum install -y iSulad
用systemctl start命令启动
[root@openeuler ~]# systemctl start isulad
查看状态
[root@openeuler ~]# systemctl status isulad
● isulad.service - iSulad Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/isulad.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2020-09-14 15:53:43 CST; 4h 35min ago
Main PID: 1248 (isulad)
Tasks: 25
Memory: 88.3M
CGroup: /system.slice/isulad.service
├─1248 /usr/bin/isulad
└─1315 isulad-img ......
按‘q’或‘Q’键退出信息显示。
[root@openeuler ~]# isula version
Client:
Version: 2.0.0
Git commit: 5bf7c66ad4f7095156e87ca455da016f57c3e60f
Built: 2020-03-23T21:35:55.821352180+00:00
Server:
Version: 2.0.0
Git commit: 5bf7c66ad4f7095156e87ca455da016f57c3e60f
Built: 2020-03-23T21:35:55.821352180+00:00
OCI config:
Version: 1.0.1
Default file: /etc/default/isulad/config.json
[root@openeuler ~]# isula --help
安装JSON格式数据处理工具
[root@openeuler ~]# yum install -y jq
修改isulad的配置文件
[root@openeuler ~]# mkdir iSula && cd iSula
[root@openeuler iSula]# cp /etc/isulad/daemon.json /etc/isulad/daemon.json.origin
[root@openeuler iSula]# vi /etc/isulad/daemon.json #在此处修改
{
"group": "isulad",
"default-runtime": "lcr",
"graph": "/var/lib/isulad",
"state": "/var/run/isulad",
"engine": "lcr",
"log-level": "ERROR",
"pidfile": "/var/run/isulad.pid",
"log-opts": {
"log-file-mode": "0600",
"log-path": "/var/lib/isulad",
"max-file": "1",
"max-size": "30KB"
},
"log-driver": "stdout",
"hook-spec": "/etc/default/isulad/hooks/default.json",
"start-timeout": "2m",
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
],
"registry-mirrors": [
"hub.oepkgs.net"
],
"insecure-registries": [
],
"pod-sandbox-image": "",
"image-opt-timeout": "5m",
"image-server-sock-addr": "unix:///var/run/isulad/isula_image.sock",
"native.umask": "secure",
"network-plugin": "",
"cni-bin-dir": "",
"cni-conf-dir": "",
"image-layer-check": false,
"use-decrypted-key": true,
"insecure-skip-verify-enforce": false
}
在上述文件中,我们设"registry-mirrors"的值为"hub.oepkgs.net"。(hub.oepkgs.net为openEuler社区与中科院软件所共建的、开源免费的容器镜像仓库)
[root@openeuler iSula]# cat /etc/isulad/daemon.json
检查配置文件合法性:如果配置文件的内容能正确显示出来,即表示其格式合法。
[root@openeuler iSula]# cat /etc/isulad/daemon.json | jq
重启isulad服务
[root@openeuler iSula]# systemctl restart isulad
用isula run命令直接运行
[root@openeuler iSula]# isula run busybox echo "hello world"
Unable to find image 'busybox' locally
Image "busybox" pulling
Image "219ee5171f8006d1462fa76c12b9b01ab672dbc8b283f186841bf2c3ca8e3c93" pulled
hello world
由于这是第一次运行,所以会拉取busybox的镜像,然后会运行它的一个实例,并且调用echo命令打印hello world字符串。(按:由于oepkgs目前只有x86的busybox镜像,在鲲鹏平台上运行这一步会提示错误,请忽略这一步。)
查看其镜像:
[root@openeuler iSula]# isula images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 219ee5171f80 2020-12-04 06:19:53 1.385 MB
以上输出表明这一阶段的安装成功了,下面继续验证其他的一些命令。
创建容器并启动
创建容器:
[root@openeuler iSula]# isula create -it openeuler/openeuler:20.09
Unable to find image 'openeuler/openeuler:20.09' locally
Image "openeuler/openeuler:20.09" pulling
Image "8c788f4bfb7290e434b2384340a5f9811db6ed302f9247c5fc095d6ec4fc8f32" pulled
e91e5359be653f534312bc2b4703dcc6c4ca0436ac7819e09e1ff0e75ee1d733
由于没有运行容器,所以利用isula ps命令无法找到刚刚创建的容器:
[root@openeuler iSula]# isula ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
可以使用isula pa –a命令可以找到刚刚创建的容器:
[root@ecs-cdf3 ~]# isula ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e91e5359be65 openeuler/openeuler:20.09 "/bin/bash" 8 seconds ago Created e91e5359be653f534312bc2b4703dcc6c4ca0436ac7819e09e1ff0e75ee1d733
启动容器:
[root@openeuler iSula]# isula start e91e5359be65
由于已经运行容器,可以利用isula ps命令查找运行中的容器
[root@openeuler iSula]# isula ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e91e5359be65 openeuler/openeuler:20.09 "/bin/bash" 30 seconds ago Up 4 seconds e91e5359be653f534312bc2b4703dcc6c4ca0436ac7819e09e1ff0e75ee1d733
执行命令输出容器系统版本信息:
[root@ecs-cdf3 ~]# isula exec e91e5359be65 cat /etc/os-release
NAME="openEuler"
VERSION="20.09"
ID="openEuler"
VERSION_ID="20.09"
PRETTY_NAME="openEuler 20.09"
ANSI_COLOR="0;31"
可以看到我们在openeuler 20.03系统上成功运行openeuler 20.09系统容器。
直接运行
[root@openeuler iSula]# isula run openeuler/openeuler:20.09 cat /etc/os-release
NAME="openEuler"
VERSION="20.09"
ID="openEuler"
VERSION_ID="20.09"
PRETTY_NAME="openEuler 20.09"
ANSI_COLOR="0;31"
同样我们可以看到和步骤一相同的输出。
交互式运行
[root@openeuler iSula]# isula run -it openeuler/openeuler:20.09
Welcome to 4.19.90-2003.4.0.0036.oe1.x86_64
System information as of time: Wed 27 Jan 2021 11:13:26 AM CST
System load: 0.02
Processes: 5
Memory used: 6.9%
Swap used: 0.0%
Usage On: 9%
Users online: 0
[root@localhost /]# ls
bin dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
[root@localhost /]# uname -a
Linux localhost 4.19.90-2003.4.0.0036.oe1.aarch64 #1 SMP Mon Mar 23 19:06:43 UTC 2020 aarch64 GNU/Linux
[root@localhost /]# ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost /]# cat /etc/os-release
NAME="openEuler"
VERSION="20.09"
ID="openEuler"
VERSION_ID="20.09"
PRETTY_NAME="openEuler 20.09"
ANSI_COLOR="0;31"
[root@localhost /]# exit
exit
暂停/恢复一个容器
[root@openeuler iSula]# isula pause e91e5359be65
e91e5359be65
[root@openeuler iSula]# isula unpause e91e5359be65
e91e5359be65
先停止,再删除一个容器
[root@openeuler iSula]# isula stop e91e5359be65
e91e5359be65
[root@openeuler iSula]# isula rm e91e5359be65
e91e5359be653f534312bc2b4703dcc6c4ca0436ac7819e09e1ff0e75ee1d733
查看正在运行着的容器
[root@openeuler iSula]# isula ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6c1d81467d33 openeuler/openeuler:20.09 "/bin/bash" 37 minutes ago Up 37 minutes 6c1d81467d3367a90dd6e388a16c80411d4ba76316d86b6f56463699306e1394
强制删除运行中的容器
[root@openeuler iSula]# isula rm -f 6c1d81467d33
6c1d81467d3367a90dd6e388a16c80411d4ba76316d86b6f56463699306e1394
查看所有容器(包含运行中的容器
[root@openeuler iSula]# isula ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bb85ce20525d openeuler/openeuler:20.09 "/bin/bash" 57 seconds ago Up 57 seconds bb85ce20525db387c81c94e7a0865fccbf868a35ca4ba0dd077c0bba4a9c379a
3139ce089c56 openeuler/openeuler:20.09 "/bin/bash" 4 seconds ago Created 3139ce089c56567ba877f11cba3dbb9dbdcd68cf4cdc4ded701451a23a4cc38e
先将关联到镜像的容器销毁
[root@openeuler iSula]# isula rm -f bb85ce20525d 3139ce089c56
bb85ce20525db387c81c94e7a0865fccbf868a35ca4ba0dd077c0bba4a9c379a
3139ce089c56567ba877f11cba3dbb9dbdcd68cf4cdc4ded701451a23a4cc38e
然后删除镜像
[root@openeuler iSula]# isula rmi openeuler/openeuler:20.09
Image " openeuler/openeuler:20.09" removed
如果这一步骤失败,请先将所有容器删除后再运行此命令。
目前为止,我们使用的容器镜像都是从hub.oepkgs.net下载的已经构建好的容器镜像,下面我们尝试使用iSula提供的容器镜像构建工具isula-build,构建自己的容器镜像并运行。
检查yum源
[root@openeuler iSula]# tail /etc/yum.repos.d/openEuler_aarch64.repo
[update]
name=update
baseurl=http://repo.openeuler.org/openEuler-20.03-LTS/update/$basearch/
enabled=0
gpgcheck=1
gpgkey=http://repo.openeuler.org/openEuler-20.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler
用vi编辑器将文件中[update]节的enable=0改为enable=1并保存,这里不做赘述。
[root@openeuler ~]# yum repolist | grep update
update update
从输出中可以看到update赫然纸上。
用yum命令安装isula-build
[root@openeuler iSula]# yum install -y isula-build
安装docker-runc
[root@openeuler iSula]# yum install -y docker-runc
用systemctl start命令启动
[root@openeuler iSula]# systemctl start isula-build
查看版本
[root@openeuler iSula]# isula-build version
Client:
Version: 0.9.2
Go Version: go1.13.3
Git Commit: a96cf18
Built: Thu Aug 25 01:08:45 2020
OS/Arch: linux/arm64
Server:
Version: 0.9.2
Go Version: go1.13.3
Git Commit: a96cf18
Built: Thu Aug 25 01:08:45 2020
OS/Arch: linux/arm64
修改配置
[root@openeuler iSula]# vi /etc/isula-build/registries.toml
将hub.oepkgs.net加入到isula-build可搜索的镜像仓库列表里:
vi /etc/isula-build/registries.toml
……
[registries.search]
registries = ["hub.oepkgs.net"]
……
当然,如果有不同的镜像仓库也可以配置不同的镜像仓库。
重启isula-build服务:
[root@openeuler iSula]# systemctl restart isula-build
查看配置:
[root@openeuler iSula]# isula-build info -H
General:
MemTotal: 3.6 GB
MemFree: 1.33 GB
SwapTotal: 0 B
SwapFree: 0 B
OCI Runtime: runc
DataRoot: /var/lib/isula-build/
RunRoot: /var/run/isula-build/
Builders: 0
Goroutines: 11
Store:
Storage Driver: overlay
Backing Filesystem: extfs
Registry:
Search Registries:
hub.oepkgs.net
Insecure Registries:
在Search Registries 配置项里看到”hub.oepkgs.net”赫然纸上。
至此,isula-build安装完成。
创建Dockerfile
创建 “Dockerfile”的文件:
[root@openeuler iSula]# mkdir –p /home/test/ && cd /home/test/
[root@openeuler test]# vi Dockerfile #在此编辑文件内容
FROM openeuler/openeuler:20.09
COPY hello.sh /usr/bin/
CMD ["sh", "-c", "/usr/bin/hello.sh"]
[root@openeuler iSula]# cat Dockerfile
这里我们是在在/home/test目录下创建Dockerfile文件的。
编辑Dockerfile中出现的hello.sh脚本,它将被加到原有的openeuler:20.09镜像中以构建出我们自己的镜像:
[root@openeuler test]# vi hello.sh #在此编辑文件
[root@openeuler test]# cat hello.sh
#!/bin/sh
echo "hello, isula-build!"
修改文件属性:
[root@openeuler test]# chmod +x hello.sh
验证:
[root@openeuler test]# ls -l
total 8
-rw------- 1 root root 91 Jan 27 15:09 Dockerfile
-rwx------ 1 root root 37 Jan 27 15:10 hello.sh
以上即是我们刚刚创建的2个文件。
构建容器镜像
用isula-build构建我们自己的容器镜像并导入到isulad,镜像命名为hello-isula-build:v0.1:
[root@openeuler test]# isula-build ctr-img build -f ./Dockerfile -o isulad:hello-isula-build:v0.1
STEP 1: FROM openeuler/openeuler:20.09
STEP 2: COPY hello.sh /usr/bin/
STEP 3: CMD ["sh", "-c", "/usr/bin/hello.sh"]
…
Build success with image id: 093721586033ee24966cea91d8276b1cd1cf07240fd770a702e6d2d77577cb7f
查询构建出来的容器镜像
[root@openeuler test]# isula-build ctr-img images
[root@openeuler test]# isula-build ctr-img images
------------------------------------------------ ------------- ------------------ ------------------------------- -----------
REPOSITORY TAG IMAGE ID CREATED SIZE
------------------------------------------------ ------------- ------------------ ------------------------------- -----------
hello-isula-build v0.1 093721586033 2021-01-27 07:09:23 550 MB
hub.oepkgs.net/openeuler/openeuler 20.09 8c788f4bfb72 2020-09-28 04:27:37 550 MB
------------------------------------------------ ------------- ------------------ ------------------------------ ------------
[root@openeuler test]# isula images
REPOSITORY TAG IMAGE ID CREATED SIZE
hello-isula-build v0.1 093721586033 2020-01-27 15:09:23 524.466 MB
可以看到,isula-build ctr-img images可以查询到构建出来的容器镜像,同时,isula images命令也可以查询到从isula-build导入到isulad的容器镜像
启动容器
我们使用自己构建出来的容器镜像来启动容器,按照预期,容器进程会打印出“hello, isula-build!”:
[root@openeuler test]# isula run hello-isula-build:v0.1
hello, isula-build!
在前述步骤中构建了自己的容器镜像hello-isula-build:v0.1,并将容器镜像导出到isulad启动容器。isula-build除了能将容器镜像导出到isulad之外,还可以:
可以通过isula-build的命令行帮助,查看这些导出方式:
[root@openeuler test]# isula-build ctr-img build --help
Build container images
Usage:
isula-build ctr-img build [FLAGS] PATH
Examples:
isula-build ctr-img build -f Dockerfile .
isula-build ctr-img build -f Dockerfile -o docker-archive:name.tar:image:tag .
isula-build ctr-img build -f Dockerfile -o docker-daemon:image:tag .
isula-build ctr-img build -f Dockerfile -o docker://registry.example.com/repository:tag .
isula-build ctr-img build -f Dockerfile -o isulad:image:tag .
isula-build ctr-img build -f Dockerfile --build-static='build-time=2020-06-30 15:05:05' .
可以按照命令行帮助信息中给出的详细示例进行练习。