Install CRI-O Container Runtime on CentOS 8 / CentOS 7

Posted on 158 views

CRI-O is an OCI-based implementation of Kubernetes Container Runtime Interface (CRI). CRI-O is meant to provide an integration path between OCI conformant runtimes and the kubelet. In this guide, we will discuss on the installation of CRI-O Container Runtime on CentOS 8 / CentOS 7 Linux system. The scope of CRI-O is restricted to the following functionalities:

  • Support multiple image formats including the existing Docker image format
  • Support for multiple means to download images including trust & image verification
  • Container image management (managing image layers, overlay filesystems, etc)
  • Container process lifecycle management
  • Monitoring and logging required to satisfy the CRI
  • Resource isolation as required by the CRI

CRI-O use best of breed libraries for different aspects:

Install CRI-O Container Runtime on CentOS 8 / CentOS 7

CRI-O and Kubernetes follow the same release cycle and deprecation policy. For more information visit the Kubernetes versioning documentation. Update your system prior to installation:

sudo yum -y update

Below are the steps you’ll follow to install CRI-O on CentOS 8 / CentOS 7 Linux server or Workstation machine.

Step 1: Add CRI-O Repository

So if you’re running Kubernetes version 1.19, you’ll install cri-o 1.19.x. We’ll save this version to a variable. Then add repository to our system.

Add repository to CentOS 8:

VERSION=1.22
sudo dnf -y install 'dnf-command(copr)'
sudo dnf -y copr enable rhcontainerbot/container-selinux
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_8/devel:kubic:libcontainers:stable.repo
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/CentOS_8/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo

Add repository to CentOS 7:

VERSION=1.22
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_7/devel:kubic:libcontainers:stable.repo
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/CentOS_7/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo

Step 2: Install CRI-O Container Runtime on CentOS 8 / CentOS 7

Once the repository is added, install CRI-O Container Runtime on CentOS 8 / CentOS 7 with this command:

sudo yum install cri-o cri-tools

Agree to install a number of dependencies shown:

Transaction Summary
========================================================================================================================================================
Install  19 Packages
Upgrade   8 Packages

Total download size: 91 M
Is this ok [y/N]: y

GPG key should be imported as well.

......   
Importing GPG key 0x75060AA4:
 Userid     : "devel:kubic OBS Project "
 Fingerprint: 2472 D6D0 D2F6 6AF8 7ABA 8DA3 4D64 3903 7506 0AA4
 From       : https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.19/CentOS_8/repodata/repomd.xml.key
Is this ok [y/N]: y

Confirm installation of CRI-O on CentOS:

$ rpm -qi cri-o
Name        : cri-o
Epoch       : 0
Version     : 1.22.1
Release     : 4.1.el8
Architecture: x86_64
Install Date: Tue Nov 16 09:45:55 2021
Group       : Unspecified
Size        : 118545650
License     : ASL 2.0
Signature   : RSA/SHA256, Thu Nov 11 20:27:38 2021, Key ID 4d64390375060aa4
Source RPM  : cri-o-1.22.1-4.1.el8.src.rpm
Build Date  : Thu Nov 11 20:26:52 2021
Build Host  : hci-cnode2-e5
Relocations : (not relocatable)
Vendor      : obs://build.opensuse.org/devel:kubic
URL         : https://github.com/cri-o/cri-o

Step 3: Start CRI-O Service

The cri-o service is not enabled or started by default. Let’s start it:

sudo systemctl enable --now crio

Check service status if running:

$ systemctl status crio
crio.service - Container Runtime Interface for OCI (CRI-O)
   Loaded: loaded (/usr/lib/systemd/system/crio.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2021-11-16 09:46:34 UTC; 25s ago
     Docs: https://github.com/cri-o/cri-o
 Main PID: 13140 (crio)
    Tasks: 11
   Memory: 22.3M
   CGroup: /system.slice/crio.servi

Socket file:

/var/run/crio/crio.sock

In the guides to follow, we’ll cover creation of Kubernetes Cluster with CRI-O runtime engine and maybe interacting with cri-o containers with crictl command line tool.

coffee

Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.