2

I'm using version 20.10.21 of docker, in my understanding docker with this version uses containerd to manage image and container lifecycle, but why cannot I use crictl/nerdctl to list the containers which I started by docker cli?

What I've tried:

  1. Check if docker uses containerd to manage contianers, ths is the result of systemctl status docker
 docker.service - Docker Application Container Engine 
 Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
         └─http-proxy.conf
 Active: active (running) since Sun 2022-12-04 22:44:27 CST; 1min 18s ago TriggeredBy: ● docker.socket
   Docs: https://docs.docker.com    Main PID: 1821 (dockerd)
  Tasks: 91 (limit: 38297)
 Memory: 229.6M
    CPU: 1.214s
 CGroup: /system.slice/docker.service
         ├─1821 /usr/bin/dockerd -H fd://
         ├─1845 containerd --config /var/run/docker/containerd/containerd.toml --log-level info

I guess this means containerd is started by docker daemon. And the unix socket is located at /var/run/docker/containerd/containerd.sock

  1. Try nerdctl to list containers but got error message:
$ nerdctl --address unix:///var/run/docker/containerd/containerd.sock ps  
FATA[0000] rootless containerd not running? (hint: use `containerd-rootless-setuptool.sh install` to start rootless  containerd): stat /run/user/1000/containerd-rootless: no such file or directory

Then I tried it again with sudo

sudo nerdctl --address  unix:///var/run/docker/containerd/containerd.sock ps  
CONTAINER ID  IMAGE    COMMAND    CREATED    STATUS    PORTS    NAMES

As you can see, there's no container listed, but docker ps shows many containers I started.

  1. Try crictl to check result, but got errors:
sudo crictl --r unix:///var/run/docker/containerd/containerd.sock ps
E1204 22:47:27.190569    3925 remote_runtime.go:557] "ListContainers with filter from runtime service failed" err="rpc error: code = Unimplemented desc = unknown service runtime.v1alpha2.RuntimeService" filter="&ContainerFilter{Id:,State:&ContainerStateValue{State:CONTAINER_RUNNING,},PodSandboxId:,LabelSelector:map[string]string{},}"
FATA[0000] listing containers: rpc error: code = Unimplemented desc = unknown service runtime.v1alpha2.RuntimeService

So my questions is: Why can't I get the same results of docker cli by nerdctl/crictl? Is there anything wrong I've done? or anything wrong in my understanding?

Thanks for any tips.

shizhz
  • 11,715
  • 3
  • 39
  • 49
  • do you also get the `FATA[0000]...` error for `crictl info`? This would be mentioned in [crictl docs](https://github.com/containerd/cri/blob/master/docs/crictl.md#download-and-inspect-a-container-image) and seems to be the containerd config. – Wolfson May 10 '23 at 08:16

1 Answers1

1

It looks like the namespace is not specified in your command. Adding --namespace moby shows Docker containers. Leaving out the namespace defaults to a namespace named "default".

Pieter
  • 11
  • 2