Skip to content

Containerd

cri-tools

crictl is a command-line interface for CRI-compatible container runtimes. You can use it to inspect and debug container runtimes and applications on a Kubernetes node. crictl and its source are hosted in the cri-tools repository.

https://kubernetes.io/docs/tasks/debug-application-cluster/crictl/

https://github.com/kubernetes-sigs/cri-tools

https://github.com/kubernetes-sigs/cri-tools/blob/master/docs/crictl.md

The crictl command has several subcommands and runtime flags. Use crictl help or crictl help for more details.

You can set the endpoint for crictl by doing one of the following:

  • Set the --runtime-endpoint and --image-endpoint flags.
  • Set the CONTAINER_RUNTIME_ENDPOINT and IMAGE_SERVICE_ENDPOINT environment variables.
  • Set the endpoint in the configuration file /etc/crictl.yaml. To specify a different file, use the --config=PATH_TO_FILE flag when you run crictl.

Note

If you don't set an endpoint, crictl attempts to connect to a list of known endpoints, which might result in an impact to performance. You can also specify timeout values when connecting to the server and enable or disable debugging, by specifying timeout or debug values in the configuration file or using the --timeout and --debug command-line flags.

To view or edit the current configuration, view or edit the contents of /etc/crictl.yaml. For example, the configuration when using the containerd container runtime would be similar to this: 

runtime-endpoint: unix:///var/run/containerd/containerd.sock
image-endpoint: unix:///var/run/containerd/containerd.sock
timeout: 10
debug: true

Note

microk8s default endpoint is: unix:////var/snap/microk8s/common/run/containerd.sock

$ cat /etc/crictl.yaml
runtime-endpoint: unix:////var/snap/microk8s/common/run/containerd.sock
image-endpoint: unix:////var/snap/microk8s/common/run/containerd.sock
timeout: 10
debug: false

https://kubernetes.io/docs/tasks/debug/debug-cluster/crictl/

To List pods 

crictl pods
crictl pods --name nginx-65899c769f-wv2gp
crictl pods --label run=nginx

To List images 

crictl images
crictl images nginx
crictl images -q

To pull private images using username and password using crictl 

crictl pull --creds "UserName:Password" "image details from private registry@SHA details"

To list running containers 

crictl ps -a
crictl ps

Execute a command in a running container 

crictl exec -i -t 1f73f2d81bf98 ls

Get a container's logs 

crictl logs 87d3992f84f74
crictl logs --tail=1 87d3992f84f74