CRI-O is an OCI-based implementation of Kubernetes Container Runtime Interface (CRI). CRI-O is meant to provide an integration path between OCI conformant runtimes and the kubelet. In this guide, we will discuss on the installation of CRI-O Container Runtime on CentOS 8 / CentOS 7 Linux system. The scope of CRI-O is restricted to the following functionalities:
- Support multiple image formats including the existing Docker image format
- Support for multiple means to download images including trust & image verification
- Container image management (managing image layers, overlay filesystems, etc)
- Container process lifecycle management
- Monitoring and logging required to satisfy the CRI
- Resource isolation as required by the CRI
CRI-O use best of breed libraries for different aspects:
- Runtime: runc (or any OCI runtime-spec implementation) and oci runtime tools
- Images: Image management using containers/image
- Storage: Storage and management of image layers using containers/storage
- Networking: Networking support through use of CNI
Install CRI-O Container Runtime on CentOS 8 / CentOS 7
CRI-O and Kubernetes follow the same release cycle and deprecation policy. For more information visit the Kubernetes versioning documentation. Update your system prior to installation:
sudo yum -y updateBelow are the steps you’ll follow to install CRI-O on CentOS 8 / CentOS 7 Linux server or Workstation machine.
Step 1: Add CRI-O Repository
So if you’re running Kubernetes version 1.17, you’ll install cri-o 1.17.x. We’ll save this version to a variable. Then add repository to our system.
Add repository to CentOS 8:
VERSION=1.17
sudo dnf -y install 'dnf-command(copr)'
sudo dnf -y copr enable rhcontainerbot/container-selinux
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_8/devel:kubic:libcontainers:stable.repo
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:${VERSION}/CentOS_8/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repoAdd repository to CentOS 7:
VERSION=1.17
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_7/devel:kubic:libcontainers:stable.repo
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:${VERSION}/CentOS_7/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repoStep 2: Install CRI-O Container Runtime on CentOS 8 / CentOS 7
Once the repository is added, install CRI-O Container Runtime on CentOS 8 / CentOS 7 with this command:
sudo yum install cri-oAgree to install a number of dependencies shown:
Transaction Summary
========================================================================================================================================================
Install 19 Packages
Upgrade 8 Packages
Total download size: 91 M
Is this ok [y/N]: yGPG key should be imported as well.
......
Importing GPG key 0x75060AA4:
Userid : "devel:kubic OBS Project <devel:[email protected]>"
Fingerprint: 2472 D6D0 D2F6 6AF8 7ABA 8DA3 4D64 3903 7506 0AA4
From : http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.17/CentOS_8/repodata/repomd.xml.key
Is this ok [y/N]: yConfirm installation of CRI-O on CentOS:
$ rpm -qi cri-o
Name : cri-o
Epoch : 2
Version : 1.17.2
Release : 1.2.el8
Architecture: x86_64
Install Date: Tue 21 Apr 2020 03:13:42 PM UTC
Group : Unspecified
Size : 171568080
License : ASL 2.0
Signature : RSA/SHA256, Tue 14 Apr 2020 03:44:45 AM UTC, Key ID 4d64390375060aa4
Source RPM : cri-o-1.17.2-1.2.el8.src.rpm
Build Date : Tue 14 Apr 2020 03:44:06 AM UTC
Build Host : localhost
Relocations : (not relocatable)
Vendor : obs://build.opensuse.org/devel:kubic
URL : https://github.com/cri-o/cri-o
Summary : Kubernetes Container Runtime Interface for OCI-based containersStep 3: Start CRI-O Service
The cri-o service is not enabled or started by default. Let’s start it:
sudo systemctl enable --now cri-oIn the guides to follow, we’ll cover creation of Kubernetes Cluster with CRI-O runtime engine and maybe interacting with cri-o containers with crictl command line tool.
In the meantime, check other container related articles available on our site.
How To Open a Shell Prompt on an OpenShift Node
How To Install Kubernetes Dashboard with NodePort
How To Create Admin User to Access Kubernetes Dashboard
Top Minimal Container Operating Systems for running Kubernetes
