This document outlines useful information for ops and dev transfer as it relates to infrastructure that utilizes CRI-O.
The crio
daemon is intended to provide the CRI socket needed for Kubernetes to use for automating deployment, scaling, and management of containerized applications (See the document for configuring kubernetes to use CRI-O for more information on that).
Therefore the crictl command line is a client that interfaces to the same grpc socket as the kubernetes daemon would, for talking to the crio
daemon.
In many ways crictl is only as feature rich as the Kubernetes CRI requires.
There are additional tools e.g. podman
and buildah
that provide a feature rich set of commands for all operational needs in a Kubernetes environment.
Many traditional tools will still be useful, such as pstree
, nsenter
and lsns
.
As well as some systemd helpers like systemd-cgls
and systemd-cgtop
are still just as applicable.
For many troubleshooting and information collection steps, there may be an existing pattern. Following provides equivalent with CRI-O tools for gathering information or jumping into containers, for operational use.
Existing Step | CRI-O (and friends) |
---|---|
docker exec |
crictl exec |
docker info |
podman info |
docker inspect |
podman inspect |
docker logs |
podman logs |
docker ps |
crictl ps or runc list |
docker stats |
podman stats |
If you were already using steps like kubectl exec
(or oc exec
on OpenShift), they will continue to function the same way.
There are other equivalents for these tools
Existing Step | CRI-O (and friends) |
---|---|
docker attach |
podman exec *** |
docker build |
buildah bud |
docker cp |
podman mount **** |
docker create |
podman create |
docker diff |
podman diff |
docker export |
podman export |
docker history |
podman history |
docker images |
podman images |
docker kill |
podman kill |
docker load |
podman load |
docker login |
podman login |
docker logout |
podman logout |
docker pause |
podman pause |
docker ps |
podman ps |
docker pull |
podman pull |
docker push |
podman push |
docker rename |
podman rename |
docker rm |
podman rm |
docker rmi |
podman rmi |
docker run |
podman run |
docker save |
podman save |
docker stop |
podman stop |
docker tag |
podman tag |
docker unpause |
podman unpause |
docker version |
podman version |
docker wait |
podman wait |
*** Use podman exec
to enter a container and podman logs
to view the output of pid 1 of a container.
**** Use mount to take advantage of the entire linux tool chain rather then just cp. Read here
for more information.