Thursday, December 26, 2024
Google search engine
HomeGuest BlogsInstall CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04

Install CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04

This guide will walk you through the installation of CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04. CRI-O is an OCI-based implementation of Kubernetes Container Runtime Interface (CRI) designed to provide an integration path between OCI conformant runtimes and the kubelet.

CRI-O is created to provide following core functionalities:

  • Support multiple image formats including the existing Docker image format
  • Support for multiple means to download images including trust & image verification
  • Container image management (managing image layers, overlay filesystems, etc)
  • Container process lifecycle management
  • Monitoring and logging required to satisfy the CRI
  • Resource isolation as required by the CRI

The libraries used by CRI-O are:

Install CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04

We will use pre-built binary packages to install CRI-O container runtime. Follow the steps below to install CRI-O Container Runtime on Ubuntu 22.04|20.04|18.04.

Step 1: Update System

Ensure your Ubuntu system is updated. If you’re afraid this could break your system you can skip.

sudo apt update && sudo apt -y full-upgrade

It is recommended to reboot your system to ensure it is running on updated version.

[ -f /var/run/reboot-required ] && sudo reboot -f

Step 2: Add CRI-O Kubic repository

Add the Kubic repository which host binary packages for Debian based systems. If using CRI-O with Kubernetes, install the version matching Kubernetes version you’ll setup.

If your Kubernetes version is 1.26, install CRI-O version 1.26. We’ll start by adding the APT repository which contains CRI-O packages:

Ubuntu 22.04/20.04:

OS=xUbuntu_20.04
CRIO_VERSION=1.26
echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list

Ubuntu 18.04:

OS=xUbuntu_18.04
CRIO_VERSION=1.26
echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list

Once the repository is added to your system, import GPG key:

curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION/$OS/Release.key | sudo apt-key add -
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key | sudo apt-key add -

Step 3: Install CRI-O on Ubuntu22.04|20.04|18.04

When repository is added, update apt cache and install CRI-O on Ubuntu.

sudo apt update
sudo apt install cri-o cri-o-runc

Accept installation prompt with y key.

The following additional packages will be installed:
  conmon containers-common
Suggested packages:
  cri-o-runc | runc containernetworking-plugins
The following NEW packages will be installed:
  conmon containers-common cri-o
0 upgraded, 3 newly installed, 0 to remove and 94 not upgraded.
Need to get 20.2 MB of archives.
After this operation, 99.4 MB of additional disk space will be used.
Do you want to continue? [Y/n] y

Checking the version of CRI-O installed on Ubuntu:

$ apt show cri-o
Package: cri-o
Version: 1.26.1~0
Priority: optional
Section: devel
Maintainer: Peter Hunt <[email protected]>
Installed-Size: 139 MB
Depends: libgpgme11, libseccomp2, conmon, containers-common (>= 0.1.27) | golang-github-containers-common, tzdata
Suggests: cri-o-runc | runc (>= 1.0.0), containernetworking-plugins
Replaces: cri-o-1.22, cri-o-1.23, cri-o-1.24
Homepage: https://github.com/cri-o/cri-o
Download-Size: 30.6 MB
APT-Manual-Installed: yes

Start and enable crio service:

sudo systemctl enable crio.service
sudo systemctl start crio.service

Service status can be checked with the command:

$ systemctl status crio
 crio.service - Container Runtime Interface for OCI (CRI-O)
     Loaded: loaded (/lib/systemd/system/crio.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2023-02-15 09:24:21 UTC; 3s ago
       Docs: https://github.com/cri-o/cri-o
   Main PID: 18601 (crio)
      Tasks: 7
     Memory: 11.8M
        CPU: 184ms
     CGroup: /system.slice/crio.service
             └─18601 /usr/bin/crio

Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.509528773Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/100-crio-bridge.conflist: [failed to find plugin \"bridge>
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.509579946Z" level=error msg="Error loading CNI config list file /etc/cni/net.d/200-loopback.conflist: error parsing configuration list: >
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.509657796Z" level=info msg="Updated default CNI network name to "
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.528747854Z" level=warning msg="Error encountered when checking whether cri-o should wipe containers: open /var/run/crio/version: no such>
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529188571Z" level=info msg="Starting seccomp notifier watcher"
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529249385Z" level=info msg="Create NRI interface"
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529342425Z" level=info msg="NRI interface is disabled in the configuration."
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529632747Z" level=error msg="Writing clean shutdown supported file: open /var/lib/crio/clean.shutdown.supported: no such file or directo>
Feb 15 09:24:21 jammy crio[18601]: time="2023-02-15 09:24:21.529671360Z" level=error msg="Failed to sync parent directory of clean shutdown file: open /var/lib/crio: no such file or directory"
Feb 15 09:24:21 jammy systemd[1]: Started Container Runtime Interface for OCI (CRI-O).

Step 4: Using CRI-O on Ubuntu22.04|20.04|18.04

The command line tool crioctl can be installed through cri-tools package.

sudo apt install cri-tools

Check existence of crictl command:

$ sudo crictl info
{
  "status": {
    "conditions": [
      {
        "type": "RuntimeReady",
        "status": true,
        "reason": "",
        "message": ""
      },
      {
        "type": "NetworkReady",
        "status": false,
        "reason": "NetworkPluginNotReady",
        "message": "Network plugin returns error: Missing CNI default network"
      }
    ]
  }
}

Pull a test image:

$ sudo crictl pull nginx
Image is up to date for docker.io/library/nginx@sha256:c870bf53de0357813af37b9500cb1c2ff9fb4c00120d5fe1d75c21591293c34d

$ sudo crictl pull hello-world
Image is up to date for docker.io/library/hello-world@sha256:6a65f928fb91fcfbc963f7aa6d57c8eeb426ad9a20c7ee045538ef34847f44f1

$ sudo crictl pull busybox
Image is up to date for docker.io/library/busybox@sha256:95cf004f559831017cdf4628aaf1bb30133677be8702a8c5f2994629f637a209

List available images:

$ sudo crictl images
IMAGE                           TAG                 IMAGE ID            SIZE
docker.io/library/alpine        latest              a24bb4013296f       5.85MB
docker.io/library/busybox       latest              1c35c44120825       1.44MB
docker.io/library/hello-world   latest              bf756fb1ae65a       20kB
docker.io/library/nginx         latest              4392e5dad77db       136MB

Create pod sandbox config file:

cat >nginx.json<<EOF
{
  "metadata": {
    "name": "nginx-container",
    "attempt": 1
  },
  "image": {
    "image": "nginx"
  },
  "log_path": "nginx.log",
  "linux": {
    "security_context": {
      "namespace_options": {}
    }
  }
}
EOF

cat >net-pod.json<<EOF
{
  "metadata": {
    "name": "networking",
    "uid": "networking-pod-uid",
    "namespace": "default",
    "attempt": 1
  },
  "hostname": "networking",
  "port_mappings": [
    {
      "container_port": 80
    }
  ],
  "log_directory": "/tmp/net-pod",
  "linux": {}
}
EOF

Run the pod

sudo crictl runp net-pod.json
sudo crictl create nginx.json net-pod.json
sudo crictl ps -a

Enjoy using CRI-O on Ubuntu with Kubernetes. If you want to master Kubernetes administration, checkout the books below.

For installation of CRI-O on CentOS Linux, refer to:

RELATED ARTICLES

Most Popular

Recent Comments