安装nerdctl和buildkitd脚本命令
#!/bin/bash
set -euo pipefail# 检查是否以root权限运行
if [ "$(id -u)" -ne 0 ]; then
echo "错误:请使用root权限或sudo运行本脚本" >&2
exit 1
fi# 检测openEuler系统(兼容大小写)
detect_distribution() {
if [ -f /etc/os-release ]; then
. /etc/os-release
# 匹配ID为openEuler(兼容大小写,如"openEuler"或"openeuler")
if [[ "$ID" =~ ^[Oo]pen[Ee]uler$ ]]; then
echo "openeuler"
else
echo "unsupported"
fi
else
echo "unsupported"
fi
}DISTRO=$(detect_distribution)
if [[ "$DISTRO" != "openeuler" ]]; then
echo "错误:本脚本仅适用于openEuler系统" >&2
exit 1
fi# 安装前置依赖(openEuler 25.03使用dnf)
install_dependencies() {
dnf update -y
dnf install -y \
curl \
gnupg \
ca-certificates \
jq \
tar \
gzip \
device-mapper-persistent-data \
lvm2 # 容器存储依赖
}# 安装containerd(使用openEuler官方仓库)
install_containerd() {
# 安装最新稳定版containerd
dnf install -y containerd# 优化containerd配置(适配openEuler 25.03的systemd和cgroupv2)
sed -i '/SystemdCgroup =/c\SystemdCgroup = true' /etc/containerd/config.toml
sed -i 's/cri\.containerd\.runtime\.v1\.linux/cri.containerd.untrusted-workload.v1.linux/g' /etc/containerd/config.toml # 启用非信任工作负载支持# 重启并启用服务
systemctl daemon-reload
systemctl restart containerd
systemctl enable containerd
}# 安装最新版nerdctl(适配openEuler架构)
install_nerdctl() {
# 获取最新稳定版(排除预发布)
LATEST_NERDCTL=$(curl -s https://api.github.com/repos/containerd/nerdctl/releases/latest | jq -r '.tag_name')
if [[ -z "$LATEST_NERDCTL" || "$LATEST_NERDCTL" == "null" ]]; then
echo "获取nerdctl最新版本失败,可能是网络问题" >&2
exit 1
fi# 识别架构(支持x86_64/aarch64)
ARCH=$(case $(uname -m) in
x86_64) echo "amd64" ;;
aarch64) echo "arm64" ;;
*) echo "unsupported"; exit 1 ;;
esac)
echo "下载文件:https://github.com/containerd/nerdctl/releases/download/${LATEST_NERDCTL}/nerdctl-${LATEST_NERDCTL#v}-linux-${ARCH}.tar.gz"# 下载并安装
curl -fsSL "https://github.com/containerd/nerdctl/releases/download/${LATEST_NERDCTL}/nerdctl-${LATEST_NERDCTL#v}-linux-${ARCH}.tar.gz" \
| tar -xz -C /usr/local/bin# 验证安装
if ! command -v nerdctl &> /dev/null; then
echo "nerdctl安装失败" >&2
exit 1
fi
}# 安装buildkit并配置systemd服务(适配openEuler)
install_buildkit() {
# 获取最新稳定版
LATEST_BUILDKIT=$(curl -s https://api.github.com/repos/moby/buildkit/releases/latest | jq -r '.tag_name')
if [[ -z "$LATEST_BUILDKIT" || "$LATEST_BUILDKIT" == "null" ]]; then
echo "获取buildkit最新版本失败,可能是网络问题" >&2
exit 1
fi# 识别架构
ARCH=$(case $(uname -m) in
x86_64) echo "amd64" ;;
aarch64) echo "arm64" ;;
*) echo "unsupported"; exit 1 ;;
esac)
# 下载并安装
curl -fL "https://github.com/moby/buildkit/releases/download/${LATEST_BUILDKIT}/buildkit-${LATEST_BUILDKIT}.linux-${ARCH}.tar.gz" \
| tar -xz -C /usr/local# 创建buildkitd服务文件(优化openEuler集成)
cat > /etc/systemd/system/buildkitd.service <<EOF
[Unit]
Description=BuildKit Daemon for openEuler 25.03
Documentation=https://github.com/moby/buildkit
After=network.target containerd.service
Requires=containerd.service[Service]
Type=simple
ExecStart=/usr/local/bin/buildkitd \
--oci-worker=true \
--containerd-worker=true \
--containerd-worker-namespace=k8s.io \
--addr=unix:///run/buildkit/buildkitd.sock \
--oci-worker-snapshotter=overlayfs
Restart=on-failure
RestartSec=5
LimitNOFILE=1048576
Environment="PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"[Install]
WantedBy=multi-user.target
EOF# 启动服务并配置开机自启
systemctl daemon-reload
systemctl start buildkitd
systemctl enable buildkitd
}# 主执行流程
echo "=== 检测到openEuler 25.03系统,开始安装 ==="echo "=== 1/4 安装前置依赖 ==="
install_dependenciesecho "=== 2/4 安装并配置containerd ==="
install_containerdecho "=== 3/4 安装最新版nerdctl ==="
install_nerdctlecho "=== 4/4 安装并配置buildkit ==="
install_buildkitecho "=== 安装验证 ==="
echo "nerdctl版本: $(nerdctl --version)"
echo "buildkitd状态: $(systemctl is-active buildkitd)"
echo "containerd状态: $(systemctl is-active containerd)"echo "安装完成!nerdctl和buildkit已配置为开机启动"