add nerdctl install updata

2024-11-12 14:14:28 +08:00
parent b00f025742
commit 94574632c2
4 changed files with 136 additions and 192 deletions
--- a/nerdctl/install_nerdctl_full_alluser.sh
+++ b/nerdctl/install_nerdctl_full_alluser.sh
@@ -1,6 +1,6 @@
 #!/bin/bash

-VERSION="2.0.0"
+VERSION="1.7.6"
 FILENAME="nerdctl-full-${VERSION}-linux-amd64.tar.gz"
 # https://github.com/containerd/nerdctl/releases/download/v2.0.0/nerdctl-full-2.0.0-linux-amd64.tar.gz
 DOWNLOAD_URL="https://ghproxy.dockless.eu.org/https://github.com/containerd/nerdctl/releases/download/v${VERSION}/${FILENAME}"
@@ -17,27 +17,26 @@ install_nerdctl() {
    sudo apt-get update
    sudo apt-get install -y wget tar jq curl gnupg lsb-release uidmap

-    echo "下载 nerdctl-full..."
-    wget ${DOWNLOAD_URL}
+    # 检查文件是否已经下载
+    if [ -f "${FILENAME}" ]; then
+        echo "${FILENAME} 已存在，跳过下载。"
+    else
+        echo "下载 nerdctl-full..."
+        wget ${DOWNLOAD_URL}
+    fi

    echo "解压并移动到 /usr/local..."
    sudo tar -C /usr/local -xzf ${FILENAME}

-    echo "启动并启用 containerd 服务..."
-    sudo systemctl enable --now containerd
-
-    echo "验证安装..."
-    nerdctl --version
-
    # echo "清理下载文件..."
    # rm ${FILENAME}

    echo "安装 nerdctl bash 自动补全..."
    sudo apt install bash-completion -y
-    nerdctl completion bash > /etc/bash_completion.d/nerdctl
-    nerdctl completion bash > /etc/bash_completion.d/docker
-    source /etc/bash_completion.d/nerdctl
-    source /etc/bash_completion.d/docker
+    sudo nerdctl completion bash | sudo tee /etc/bash_completion.d/nerdctl > /dev/null
+    sudo nerdctl completion bash | sudo tee /etc/bash_completion.d/docker > /dev/null
+    sudo bash -c "source /etc/bash_completion.d/nerdctl"
+    sudo bash -c "source /etc/bash_completion.d/docker"

    echo "创建 docker 兼容命令..."
    sudo tee /usr/local/bin/docker > /dev/null <<EOT
@@ -46,18 +45,76 @@ exec nerdctl "\$@"
 EOT
    sudo chmod +x /usr/local/bin/docker

-    echo "普通用户安装"
+    echo "for root 生成 nerdctl 默认配置文件..."
+sudo mkdir -p /etc/nerdctl
+sudo tee /etc/nerdctl/nerdctl.toml > /dev/null <<EOT
+debug = false
+address = "unix:///run/containerd/containerd.sock"
+namespace = "k8s.io"
+snapshotter = "overlayfs"
+cgroup_manager = "cgroupfs"
+hosts_dir = ["/etc/containerd/certs.d"]
+experimental = true
+EOT
+
+
+    echo "for 普通用户 安装 nerdctl"
    /usr/local/bin/containerd-rootless-setuptool.sh install
-    /usr/local/bin/containerd-rootless-setuptool.sh check
+
+    echo "for 普通用户 生成 nerdctl 默认配置文件..."
+mkdir -p ~/.config/nerdctl
+tee ~/.config/nerdctl/nerdctl.toml > /dev/null <<EOT
+debug = false
+address = "unix:///run/containerd/containerd.sock"
+namespace = "k8s.io"
+snapshotter = "overlayfs"
+cgroup_manager = "cgroupfs"
+hosts_dir = ["/etc/containerd/certs.d"]
+experimental = true
+EOT
+
+    echo "启动并启用 containerd 服务..."
+    sudo systemctl enable --now containerd
+
+    check_containerd_socket
+
+    echo "验证安装..."
    nerdctl --version

    echo "nerdctl-full 安装完成。"
 }

+check_containerd_socket() {
+    SOCKET_PATH="/run/containerd/containerd.sock"
+
+    if [ -S "$SOCKET_PATH" ]; then
+        echo "containerd 启动成功，套接字文件已存在：$SOCKET_PATH"
+    else
+        echo "containerd 未启动或套接字文件不存在，尝试启动 containerd..."
+        sudo systemctl restart containerd
+
+        # 再次检查套接字文件
+        if [ -S "$SOCKET_PATH" ]; then
+            echo "containerd 启动成功，套接字文件已创建：$SOCKET_PATH"
+        else
+            echo "containerd 启动失败，请检查服务状态。"
+        fi
+    fi
+}
+
+
 uninstall_nerdctl() {
    echo "停止 containerd 服务..."
    sudo systemctl disable --now containerd

+    # 移除 BuildKit、bypass4netnsd、fuse-overlayfs 和 stargz 插件的 systemd 单元文件
+    echo "卸载 BuildKit、bypass4netnsd、fuse-overlayfs 和 stargz 插件..."
+
+    /usr/local/bin/containerd-rootless-setuptool.sh uninstall-buildkit
+    /usr/local/bin/containerd-rootless-setuptool.sh uninstall-bypass4netnsd
+    /usr/local/bin/containerd-rootless-setuptool.sh uninstall-fuse-overlayfs
+    /usr/local/bin/containerd-rootless-setuptool.sh uninstall-stargz
+
    echo "删除 nerdctl 二进制文件..."
    sudo rm -rf /usr/local/bin/nerdctl
    sudo rm -rf /usr/local/libexec/cni
@@ -69,6 +126,7 @@ uninstall_nerdctl() {

    echo "删除相关文件和目录..."
    sudo rm -rf /etc/containerd
+    sudo rm -rf /data/containerd
    sudo rm -rf /var/lib/containerd
    sudo rm -rf /usr/local/libexec/cni

@@ -118,7 +176,6 @@ configure_containerd() {

    # 创建 /etc/containerd 目录并生成默认配置文件
    sudo mkdir -p /etc/containerd
-    # containerd config default > /etc/containerd/config.toml
    containerd config default | sudo tee /etc/containerd/config.toml

    # 使用 sed 命令在特定位置添加配置项
@@ -127,7 +184,12 @@ configure_containerd() {
    # 配置 NVIDIA runtime
    sudo nvidia-ctk runtime configure --runtime=containerd

+    # 配置镜像源
+    echo "配置镜像源....."
+    bash ./setup_containerd_mirror_addall.sh
+
    # 重启 containerd 服务
+    sudo systemctl daemon-reload
    sudo systemctl restart containerd
 }

@@ -144,65 +206,30 @@ start_containerd() {
 configure_buildkitd() {
    echo "配置 buildkitd 服务..."

-    # 创建 buildkitd 配置文件目录
-    sudo mkdir -p /etc/buildkit
-    # https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md
-    sudo tee /etc/buildkit/buildkit.toml > /dev/null <<EOT
-[worker.oci]
-  enabled = false
+    /usr/local/bin/containerd-rootless-setuptool.sh check
+    /usr/local/bin/containerd-rootless-setuptool.sh install-buildkit
+    echo "buildkitd 服务 安装完成。"
+}

-[worker.containerd]
-  enabled = true
-  # namespace should be "k8s.io" for Kubernetes (including Rancher Desktop)
-  namespace = "buildkit"
-  platforms = [ "linux/amd64", "linux/arm64" ]
-  gc = true
-  # gckeepstorage sets storage limit for default gc profile, in MB.
-  gckeepstorage = 9000
+configure_fuse_overlayfs() {
+    echo "配置 FUSE-OverlayFS..."
+    /usr/local/bin/containerd-rootless-setuptool.sh check
+    /usr/local/bin/containerd-rootless-setuptool.sh install-fuse-overlayfs
+    echo "FUSE-OverlayFS 安装完成。"
+}

-# registry configures a new Docker register used for cache import or output.
-[registry."docker.io"]
-  # mirror configuration to handle path in case a mirror registry requires a /project path rather than just a host:port
-  mirrors = ["https://upnuemce.mirror.aliyuncs.com", "core.harbor.domain/proxy.docker.io"]
-  http = true
-  insecure = true
-  #ca=["/etc/config/myca.pem"]
-  #[[registry."docker.io".keypair]]
-    #key="/etc/config/key.pem"
-    #cert="/etc/config/cert.pem"
-EOT
-
-    sudo tee /etc/systemd/system/buildkit.service > /dev/null <<EOT
-[Unit]
-Description=BuildKit Daemon
-Documentation=https://github.com/moby/buildkit
-Requires=buildkit.socket
-After=network.target buildkit.socket
-
-[Service]
-Type=notify
-ExecStart=/usr/local/bin/buildkitd --config /etc/buildkit/buildkit.toml --addr fd://
-Restart=always
-RestartSec=10s
-StartLimitInterval=0
-
-[Install]
-WantedBy=multi-user.target
-EOT
-
-    sudo tee /etc/systemd/system/buildkit.socket > /dev/null <<EOT
-[Unit]
-Description=BuildKit
-Documentation=https://github.com/moby/buildkit
-
-[Socket]
-ListenStream=%t/buildkit/buildkitd.sock
-SocketMode=0660
-
-[Install]
-WantedBy=sockets.target
-EOT
+configure_stargz_snapshotter() {
+    echo "配置 Stargz Snapshotter..."
+    /usr/local/bin/containerd-rootless-setuptool.sh check
+    /usr/local/bin/containerd-rootless-setuptool.sh install-stargz
+    echo "Stargz Snapshotter 安装完成。"
+}

+configure_bypass4netnsd() {
+    echo "配置 bypass4netnsd 网络加速..."
+    /usr/local/bin/containerd-rootless-setuptool.sh check
+    /usr/local/bin/containerd-rootless-setuptool.sh install-bypass4netnsd
+    echo "bypass4netnsd 安装完成。"
    sudo systemctl daemon-reload
    sudo systemctl enable --now buildkit.socket
    sudo systemctl start buildkit
@@ -217,6 +244,9 @@ case "$1" in
        configure_containerd
        start_containerd
        configure_buildkitd
+        configure_fuse_overlayfs
+        configure_stargz_snapshotter
+        configure_bypass4netnsd
        ;;
    uninstall)
        uninstall_nerdctl