46 lines
1.3 KiB
Markdown
46 lines
1.3 KiB
Markdown
# K3s
|
|
|
|
### Import image into containerd
|
|
|
|
#### Offline
|
|
|
|
On a host where one can pull the image:
|
|
|
|
```
|
|
podman save -o <image_file_name>.tar <image_name>:<image_version>
|
|
gzip <image_file_name>.tar
|
|
```
|
|
|
|
Copy the file to target host(s) and then run:
|
|
|
|
```
|
|
zcat <image_file_name>.tar.gz | /usr/local/bin/k3s ctr images import -
|
|
```
|
|
|
|
#### Online
|
|
|
|
```
|
|
crictl pull <image_name_or_url>:<image_version>
|
|
```
|
|
|
|
If one needs to supply credentials for the registry, use:
|
|
|
|
```
|
|
--auth AUTH_STRING Use AUTH_STRING for accessing the registry. AUTH_STRING is a base64
|
|
encoded 'USERNAME[:PASSWORD]' [$CRICTL_AUTH]
|
|
--creds USERNAME[:PASSWORD] Use USERNAME[:PASSWORD] for accessing the registry [$CRICTL_CREDS]
|
|
--username USERNAME, -u USERNAME Use USERNAME for accessing the registry. The password will be
|
|
requested on the command line
|
|
```
|
|
|
|
`-u` is most secure, as the password is not supplied on the command line.
|
|
|
|
### Access shell of container with root rights (uid 0)
|
|
|
|
Get container ID in the running pod:
|
|
|
|
```
|
|
kubectl -n hydra get pod <pod_name> -o jsonpath="{.status.containerStatuses[].containerID}" | sed 's,.*//,,'; echo ''
|
|
k3s ctr task exec -t --exec-id <random_name> --user root <container_id> bash
|
|
```
|