1

我发现一些信息说dockerd 通过 runc创建容器。但是,那些由 docker 创建的容器不能由 runc 管理。而 podman 创建的容器可以直接由 runc 管理。

供参考

码头工人:

F   UID     PID    PPID PRI  NI    VSZ   RSS WCHAN  STAT TTY        TIME COMMAND
4     0    1931       1  20   0 807236 90420 -      Ssl  ?          1:13 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
0     0    2139       1  20   0 113116  7432 -      Sl   ?          0:28 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 7f3fa77ddad85e82619b21d6fd9bde8c6
4     0    2163    2139  20   0  10636  6032 -      Ss   ?          0:00  \_ nginx: master process nginx -g daemon off;
5   101    2217    2163  20   0  11032  2560 -      S    ?          0:00      \_ nginx: worker process
0     0    2240       1  20   0 111964  6584 -      Sl   ?          0:28 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 05ebb62bc6557c76f9d4494bbd2262e9f
4     0    2261    2240  20   0  10636  5988 -      Ss   ?          0:00  \_ nginx: master process nginx -g daemon off;
5   101    2319    2261  20   0  11032  2760 -      S    ?          0:00      \_ nginx: worker process

$ docker container ls                                                                                                                 
CONTAINER ID   IMAGE     COMMAND                  CREATED      STATUS      PORTS     NAMES
05ebb62bc655   nginx     "/docker-entrypoint.…"   6 days ago   Up 6 days   80/tcp    nginx2
7f3fa77ddad8   nginx     "/docker-entrypoint.…"   6 days ago   Up 6 days   80/tcp    nginx1
$ runc list                                                                                                                           
ID          PID         STATUS      BUNDLE      CREATED     OWNER

播客:

F   UID     PID    PPID PRI  NI    VSZ   RSS WCHAN  STAT TTY        TIME COMMAND
1     0  128933       1  20   0 143820  2196 x64_sy Ssl  ?          0:00 /usr/bin/conmon --api-version 1 -c 2d37331cea4eb213189db820840c9d3bf3f9abc4a9d92ca4225
4     0  128942  128933  20   0  10640  5980 -      Ss   ?          0:00  \_ nginx: master process nginx -g daemon off;
5   101  128976  128942  20   0  11036  2564 do_epo S    ?          0:00      \_ nginx: worker process
1     0  129276       1  20   0 143820  2324 x64_sy Ssl  ?          0:00 /usr/bin/conmon --api-version 1 -c 2bf3a1f5fdd479cf1402984322f9d09a2b22149d6f01d776049
4     0  129285  129276  20   0  10640  5940 -      Ss   ?          0:00  \_ nginx: master process nginx -g daemon off;
5   101  129320  129285  20   0  11036  2632 do_epo S    ?          0:00      \_ nginx: worker process

❯ podman container ls
CONTAINER ID  IMAGE                           COMMAND               CREATED     STATUS         PORTS   NAMES
2bf3a1f5fdd4  docker.io/library/nginx:latest  nginx -g daemon o...  6 days ago  Up 6 days ago          nginx1
2d37331cea4e  docker.io/library/nginx:latest  nginx -g daemon o...  6 days ago  Up 6 days ago          nginx2
❯ runc list
ID                                                                 PID         STATUS      BUNDLE                                                                                                                     CREATED                          OWNER
2bf3a1f5fdd479cf1402984322f9d09a2b22149d6f01d7760493e482253ed2c3   129285      running     /var/lib/containers/storage/overlay-containers/2bf3a1f5fdd479cf1402984322f9d09a2b22149d6f01d7760493e482253ed2c3/userdata   2021-03-17T08:04:13.948219157Z   root
2d37331cea4eb213189db820840c9d3bf3f9abc4a9d92ca42253520cbe2b6710   128942      running     /var/lib/containers/storage/overlay-containers/2d37331cea4eb213189db820840c9d3bf3f9abc4a9d92ca42253520cbe2b6710/userdata   2021-03-17T08:03:40.961730347Z   root
4

1 回答 1

2

Docker 在/run/docker/runtime-runc/moby/和中启动容器/run/docker/runtime-runc/plugins.moby/。您可以runc使用以下--root选项查看它们:

~# runc --root /run/docker/runtime-runc/moby/ list
ID                                                                 PID         STATUS      BUNDLE                                                                                                                CREATED                          OWNER
4a81e5e9babc18e2bd7eaf560a9d0ab1bff7fb9145acacd9445d313f2b40f3ef   4159        running     /run/containerd/io.containerd.runtime.v2.task/moby/4a81e5e9babc18e2bd7eaf560a9d0ab1bff7fb9145acacd9445d313f2b40f3ef   2021-05-14T06:26:25.894963575Z   root
9e88f71c7f4814d87252b2defcb22aa5c851511d8ed27dd1b4d260a116358090   5072        running     /run/containerd/io.containerd.runtime.v2.task/moby/9e88f71c7f4814d87252b2defcb22aa5c851511d8ed27dd1b4d260a116358090   2021-05-14T06:26:34.330942248Z   root
aba4e2c0534a0d79bafa19a81aa412eb61848451ebfa1122af58197d3c8a8f39   4169        running     /run/containerd/io.containerd.runtime.v2.task/moby/aba4e2c0534a0d79bafa19a81aa412eb61848451ebfa1122af58197d3c8a8f39   2021-05-14T06:26:26.09091234Z    root
bc9377f463e7dc47bd58d80a62b0ba4da6fc86869f40d41dc181b7c9f057b2f5   4199        running     /run/containerd/io.containerd.runtime.v2.task/moby/bc9377f463e7dc47bd58d80a62b0ba4da6fc86869f40d41dc181b7c9f057b2f5   2021-05-14T06:26:26.090912342Z   root
e554c565e3c270d4630f91ec8ab5e97379720ab950f1c9f285e31b95929e46dc   5071        running     /run/containerd/io.containerd.runtime.v2.task/moby/e554c565e3c270d4630f91ec8ab5e97379720ab950f1c9f285e31b95929e46dc   2021-05-14T06:26:34.299062098Z   root
ef49f937f358db1debec1037796972f00a6a030c15f2b471053b81d01f1b6bb5   4952        running     /run/containerd/io.containerd.runtime.v2.task/moby/ef49f937f358db1debec1037796972f00a6a030c15f2b471053b81d01f1b6bb5   2021-05-14T06:26:33.927094868Z   root

至于关系,这里已经回答过了。

于 2021-05-14T14:52:03.097 回答