search

moby / buildkit

concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
https://github.com/moby/moby/issues/34227
Apache License 2.0
8.18k stars 1.16k forks source link

containerd: unable to use local image from nerdctl #4465

Open liuyiyangwang opened 11 months ago

liuyiyangwang commented 11 months ago

Docker not installed The containerd used I have a mirror image

nerdctl images

REPOSITORY TAG IMAGE ID CREATED PLATFORM SIZE BLOB SIZE nginx test01 0d17b565c37b 3 weeks ago linux/amd64 149.1 MiB 54.1 MiB

cat Dockerfile

FROM nginx:test01 RUN echo yes

He went back to the image warehouse to retrieve the image Will not use local

Do brothers have a way to solve it? I am using Buildkit v0.12.3. Linux amd64. tar. gz

tonistiigi commented 11 months ago

@AkihiroSuda Is this supposed to work with nerdctl or is there some difference with what containerd namespace is used?

liuyiyangwang commented 10 months ago

@AkihiroSuda这是否应该与 nerdctl 一起使用,或者与使用的 containerd 命名空间有什么区别? Thank you for your help, He will go to the image warehouse to pull the nginx: test01 image, Will not use local image

AkihiroSuda commented 10 months ago

Please try this:

https://github.com/containerd/nerdctl/blob/v1.7.2/docs/build.md#setting-up-buildkit-with-containerd-worker

Setting up BuildKit with containerd worker

Rootless

:zap: Requirement nerdctl >= 0.18, BuildKit >= 0.10 
$ CONTAINERD_NAMESPACE=default containerd-rootless-setuptool.sh install-buildkit-containerd

containerd-rootless-setuptool.sh is aware of CONTAINERD_NAMESPACE and CONTAINERD_SNAPSHOTTER envvars. It installs buildkitd to the specified containerd namespace. This allows BuildKit using containerd-managed images in that namespace as the base image. Note that BuildKit can't use images in other namespaces as of now.

If CONTAINERD_NAMESPACE envvar is not specified, this script configures buildkitd to use "buildkit" namespace (not "default" namespace).

You can install an additional buildkitd process in a different namespace by executing this script with specifying the namespace with CONTAINERD_NAMESPACE.

BuildKit will expose the socket at $XDG_RUNTIME_DIR/buildkit-$CONTAINERD_NAMESPACE/buildkitd.sock if CONTAINERD_NAMESPACE is specified. If CONTAINERD_NAMESPACE is not specified, that location will be $XDG_RUNTIME_DIR/buildkit/buildkitd.sock.

Rootful

$ sudo systemctl enable --now buildkit

Then add the following configuration to /etc/buildkit/buildkitd.toml to enable containerd worker.

[worker.oci]
  enabled = false

[worker.containerd]
  enabled = true
  # namespace should be "k8s.io" for Kubernetes (including Rancher Desktop)
  namespace = "default"