3

I am not able to exec into container which uses containerd as runtime.

I need to check some processes running inside the container. Is there any way to exec into container?

I am able to list containers using ctr cli.

Any help would be appreciated.

Snehal Hodage
  • 61
  • 2
  • 5
  • I don't have much experience but containerd as runtime but with docker, the exited process don't show up in the `docker ps` command and need to explicit add `-a` flag as `docker ps -a`. Could you verify that the container process is still running? if you are just asking about the docker command (I assume not), `docker exec` is what is used for `exec`ing into the containers. – Krishna Chaurasia Jun 03 '21 at 11:35
  • I don't know anything about docker, but searching for `docker how to exec into a container` gives a lot of results. – marsh-wiggle Jun 03 '21 at 11:36
  • Containers are up and running . As they use containerd as runtime I didn't find any way to exec into container. – Snehal Hodage Jun 03 '21 at 11:38
  • There is typically a higher level tool (like Docker) in front of containerd. Are you running Docker in this environment? Or something else? Absent any other solution, you can use `nsenter` to run commands inside a container namespace. – larsks Jun 03 '21 at 11:41
  • 1
    Is this a question about docker? You've indicated you are trying to use ctr, but tagged the question with docker. – BMitch Jun 03 '21 at 11:42
  • A container normally runs only one process; if the container is running, its process is too. – David Maze Jun 03 '21 at 11:45

5 Answers5

7

exec is a sub-command of command task,try

ctr -a $CONTAINERD_HOST -n $NAMESPACE t exec -t --exec-id $exec_id --fifo-dir /tmp $executor_id bash
sp x
  • 71
  • 1
  • 1
  • 2
    What the env vars mean ? Could you elaborate the answer, please ? – joaopfg May 23 '22 at 16:46
  • Please explain in details. what is exec_id means? – Satish Aug 13 '22 at 04:29
  • I believe `$exec_id` can be set to any value you please; the help for `task exec` describes it as `exec specific id for the process`. In my testing, the value was not important. Presumably it is used for logging somewhere in the cgroup infrastructure. – Resigned June 2023 Dec 21 '22 at 06:02
6

An alternative to the ctr command that K D Singh wrote about is crictl, so you can use it like so

crictl exec -it 9b47589560c6d /bin/sh

where 9b47589560c6d would be replaced by your container id (doesn't work with names as far as I know).

lejlun
  • 4,140
  • 2
  • 15
  • 31
Russell Waite
  • 61
  • 2
  • 3
1

Firstly run to learn container id:

sudo crictl ps -a

enter image description here

Be careful to use container id (first three letters enough):

sudo crictl exec -it 27e /bin/sh

enter image description here

With ctrctl, we can give seperate commands for images, container and pod (like rmi: remove image, rmp: remove pod, rm: remove container)

Commands: https://github.com/kubernetes-sigs/cri-tools/blob/master/docs/crictl.md

Ömer Sezer
  • 197
  • 5
-1

You can use exec command

docker exec -it <container name> /bin/sh

The -i option keeps the STDIN open and -t allocates a pseudo-tty

This will open the shell and you can execute any command inside the running container.

Rohan Jethure
  • 1
-1

Use exec command for containerd

ctr containers exec -h

Reference: https://chromium.googlesource.com/external/github.com/docker/containerd/+/refs/tags/v0.2.7/docs/cli.md#exec-another-process-into-a-container

K.D Singh
  • 107
  • 8