/etc/containerd/config.toml
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0
[grpc]
address = "/run/containerd/containerd.sock"
uid = 0
gid = 0
[ttrpc]
address = ""
uid = 0
gid = 0
[debug]
address = ""
uid = 0
gid = 0
level = ""
[metrics]
address = ""
grpc_histogram = false
[cgroup]
path = ""
[plugins]
[plugins."io.containerd.grpc.v1.cri"]
# ✅ Kubernetes 需要 CRI
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.10"
# CNI 网络配置
[plugins."io.containerd.grpc.v1.cri".cni]
bin_dir = "/opt/cni/bin"
conf_dir = "/etc/cni/net.d"
max_conf_num = 1
# containerd runtime 配置
[plugins."io.containerd.grpc.v1.cri".containerd]
snapshotter = "overlayfs"
default_runtime_name = "runc"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
# ✅ Kubernetes 推荐 systemd cgroup
SystemdCgroup = true
[plugins."io.containerd.internal.v1.opt"]
path = "/opt/containerd"
[plugins."io.containerd.internal.v1.restart"]
interval = "10s"
[plugins."io.containerd.metadata.v1.bolt"]
content_sharing_policy = "shared"
[plugins."io.containerd.runtime.v2.task"]
platforms = ["linux/amd64"]
[plugins."io.containerd.service.v1.diff-service"]
default = ["walking"]
🔧 使用步骤
- 覆盖原配置
sudo mv /etc/containerd/config.toml /etc/containerd/config.toml.bak
sudo tee /etc/containerd/config.toml > /dev/null <<'EOF'
# 把上面的配置内容贴在这里
EOF
- 重启 containerd
sudo systemctl restart containerd
sudo systemctl status containerd -l --no-pager
- 验证 CRI API 正常
crictl --runtime-endpoint unix:///run/containerd/containerd.sock info
由 less233