This document outlines useful information for ops and dev transfer as it relates to infrastructure that utilizes CRI-O.
The crio
daemon is intended to provide the CRI socket needed for Kubernetes to use for automating deployment, scaling, and management of containerized applications (See the document for configuring kubernetes to use CRI-O for more information on that).
Therefore the crictl command line is a client that interfaces to the same grpc socket as the kubernetes daemon would, for talking to the crio
daemon.
In many ways crictl is only as feature rich as the Kubernetes CRI requires.
There are additional tools e.g. kpod
and buildah
that provide a feature rich set of commands for all operational needs in a Kubernetes environment.
Many traditional tools will still be useful, such as pstree
, nsenter
and lsns
.
As well as some systemd helpers like systemd-cgls
and systemd-cgtop
are still just as applicable.
For many troubleshooting and information collection steps, there may be an existing pattern. Following provides equivalent with CRI-O tools for gathering information or jumping into containers, for operational use.
Existing Step | CRI-O (and friends) |
---|---|
docker exec |
crictl exec |
docker info |
kpod info |
docker inspect |
kpod inspect |
docker logs |
kpod logs |
docker ps |
crictl ps or runc list |
docker stats |
kpod stats |
If you were already using steps like kubectl exec
(or oc exec
on OpenShift), they will continue to function the same way.
There are other equivalents for these tools
Existing Step | CRI-O (and friends) |
---|---|
docker attach |
kpod exec *** |
docker build |
buildah bud |
docker cp |
kpod mount **** |
docker create |
kpod create |
docker diff |
kpod diff |
docker export |
kpod export |
docker history |
kpod history |
docker images |
kpod images |
docker kill |
kpod kill |
docker load |
kpod load |
docker login |
kpod login |
docker logout |
kpod logout |
docker pause |
kpod pause |
docker ps |
kpod ps |
docker pull |
kpod pull |
docker push |
kpod push |
docker rename |
kpod rename |
docker rm |
kpod rm |
docker rmi |
kpod rmi |
docker run |
kpod run |
docker save |
kpod save |
docker stop |
kpod stop |
docker tag |
kpod tag |
docker unpause |
kpod unpause |
docker version |
kpod version |
docker wait |
kpod wait |
*** Use kpod exec
to enter a container and kpod logs
to view the output of pid 1 of a container.
**** Use mount to take advantage of the entire linux tool chain rather then just cp. Read here
for more information.