Using CheatSheets To Apply Best Practices

Cheatsheet: CRI-O

Cheatsheet: CRI-O

1.1 cri-o Basic

Name Summary
cri-o Another container runtime like dockerd. Initialized from Redhat
cri-o vs dockerd  
Reference CheatSheet: Docker, CheatSheet: CRI-O, CheatSheet: rkt, CheatSheet: containerd

1.2 cri-o Components

Name Summary
crictl For troubleshooting and working directly with CRI-O container engines
runc For running container images
podman CLI tool to manage pods and images
Buildah For building, pushing and signing container images
Skopeo For copying, inspecting, deleting, and signing images
Quay Builds, analyzes, distributes your container images. Like CNCF Harbor


1.3 Run cri-o as k8s container engine

Name Summary
Run cri-o with minikube minikube start --network-plugin=cni --container-runtime=cri-o
cri-o conf file /etc/crio/crio.conf
Configure cri-o image registry registries = ['']
Restart cri-o minikube ssh, then systemctl restart crio
Check status systemctl status
Reference Link: Using the CRI-O Container Engine

1.4 podman

Name Summary
podman image registry file /etc/containers/registries.conf
pull container podman pull nginx:alpine
List all images podman images
List all contianers podman ps

1.5 podman online usage

$ sudo podman --help
WARN[0000] unable to find /etc/containers/registries.conf. some podman (image shortnames) commands may be limited
   podman - manage pods and images

   podman [global options] command [command options] [arguments...]


     attach           Attach to a running container
     commit           Create new image based on the changed container
     build            Build an image using instructions in a Dockerfile
     create           create but do not start a container
     diff             Inspect changes on container's file systems
     exec             Run a process in a running container
     export           Export container's filesystem contents as a tar archive
     history          Show history of a specified image
     images           list images in local storage
     import           Import a tarball to create a filesystem image
     info             display system information
     inspect          Displays the configuration of a container or image
     kill             Kill one or more running containers with a specific signal
     load             load an image from docker archive
     login            login to a container registry
     logout           logout of a container registry
     logs             Fetch the logs of a container
     mount            Mount a working container's root filesystem
     pause            Pauses all the processes in one or more containers
     ps               List containers
     port             List port mappings or a specific mapping for the container
     pull             pull an image from a registry
     push             push an image to a specified destination
     restart          Restart one or more containers
     rm               podman rm will remove one or more containers from the host.  The container name or ID can be used.
                                  This does not remove images.  Running containers will not be removed without the -f option.
     rmi              removes one or more images from local storage
     run              run a command in a new container
     save             Save image to an archive
     search           search registry for image
     start            Start one or more containers
     stats            Display percentage of CPU, memory, network I/O, block I/O and PIDs for one or more containers
     stop             Stop one or more containers
     tag              Add an additional name to a local image
     top              Display the running processes of a container
     umount, unmount  Unmount a working container's root filesystem
     unpause          Unpause the processes in one or more containers
     version          Display the PODMAN Version Information
     wait             Block on one or more containers
     help, h          Shows a list of commands or help for one command

   --cni-config-dir value            path of the configuration directory for CNI networks
   --config value, -c value          path of a config file detailing container server configuration options
   --conmon value                    path of the conmon binary
   --cpu-profile value               path for the cpu profiling results
   --log-level value                 log messages above specified level: debug, info, warn, error (default), fatal or panic (default: "error")
   --root value                      path to the root directory in which data, including images, is stored
   --runroot value                   path to the 'run directory' where all state information is stored
   --runtime value                   path to the OCI-compatible binary used to run containers, default is /usr/bin/runc
   --storage-driver value, -s value  select which storage driver is used to manage storage of images and containers (default is overlay)
   --storage-opt value               used to pass an option to the storage driver
   --help, -h                        show help
   --version, -v                     print the version

1.6 More Resources

Leave a Reply

Your email address will not be published. Required fields are marked *