Containerd
cri-tools¶
crictl is a command-line interface for CRI-compatible container runtimes. You can use it to inspect and debug container runtimes and applications on a Kubernetes node. crictl and its source are hosted in the cri-tools repository.
https://kubernetes.io/docs/tasks/debug-application-cluster/crictl/
https://github.com/kubernetes-sigs/cri-tools
https://github.com/kubernetes-sigs/cri-tools/blob/master/docs/crictl.md
The crictl command has several subcommands and runtime flags. Use crictl help or crictl
You can set the endpoint for crictl by doing one of the following:
- Set the --runtime-endpoint and --image-endpoint flags.
- Set the CONTAINER_RUNTIME_ENDPOINT and IMAGE_SERVICE_ENDPOINT environment variables.
- Set the endpoint in the configuration file /etc/crictl.yaml. To specify a different file, use the --config=PATH_TO_FILE flag when you run crictl.
Note
If you don't set an endpoint, crictl attempts to connect to a list of known endpoints, which might result in an impact to performance.
You can also specify timeout values when connecting to the server and enable or disable debugging, by specifying timeout or debug values in the configuration file or using the --timeout
and --debug
command-line flags.
To view or edit the current configuration, view or edit the contents of /etc/crictl.yaml
. For example, the configuration when using the containerd container runtime would be similar to this:
runtime-endpoint: unix:///var/run/containerd/containerd.sock
image-endpoint: unix:///var/run/containerd/containerd.sock
timeout: 10
debug: true
Note
microk8s default endpoint is: unix:////var/snap/microk8s/common/run/containerd.sock
$ cat /etc/crictl.yaml
runtime-endpoint: unix:////var/snap/microk8s/common/run/containerd.sock
image-endpoint: unix:////var/snap/microk8s/common/run/containerd.sock
timeout: 10
debug: false
https://kubernetes.io/docs/tasks/debug/debug-cluster/crictl/
To List pods
crictl pods
crictl pods --name nginx-65899c769f-wv2gp
crictl pods --label run=nginx
To List images
crictl images
crictl images nginx
crictl images -q
To pull private images using username and password using crictl
crictl pull --creds "UserName:Password" "image details from private registry@SHA details"
To list running containers
crictl ps -a
crictl ps
Execute a command in a running container
crictl exec -i -t 1f73f2d81bf98 ls
Get a container's logs
crictl logs 87d3992f84f74
crictl logs --tail=1 87d3992f84f74