Installing nerdctl

Written March 27, 2022, Updated October 31, 2022

You may have a variety of reasons for not wanting to use Docker anymore and replace it with nerdctl, or if you are starting fresh, may want to use nerdctl.

Removing Docker (if you have it)

# remove Docker
sudo apt autoremove docker-ce docker-ce-cli containerd.io
# remove the Docker Ubuntu repository
sudo rm /usr/share/keyrings/docker-archive-keyring.gpg /etc/apt/sources.list.d/docker.list

Install containerd

Containerd is responsible for storing and retrieving docker image layers.

sudo apt install containerd

Install nerdctl binary

NERDCTL_VERSION=1.0.0 # see https://github.com/containerd/nerdctl/releases for the latest release

archType="amd64"
if test "$(uname -m)" = "aarch64"
then
    archType="arm64"
fi

wget -q "https://github.com/containerd/nerdctl/releases/download/v${NERDCTL_VERSION}/nerdctl-full-${NERDCTL_VERSION}-linux-${archType}.tar.gz" -O /tmp/nerdctl.tar.gz
mkdir -p ~/.local/bin
tar -C ~/.local/bin/ -xzf /tmp/nerdctl.tar.gz --strip-components 1 bin/nerdctl

If you don't have ~/.local/bin in your PATH already, you should add it:

echo -e '\nexport PATH="${PATH}:~/.local/bin"' >> ~/.bashrc
source ~/.bashrc

the which command isn't smart enough to pickup on recent changes to the $PATH, so you may need to get a new bash session

SETUID bit tells nerdctl which user to use

sudo chown root "$(which nerdctl)"
sudo chmod +s "$(which nerdctl)"

Start containerd

sudo echo -n ; sudo containerd &
sudo chgrp "$(id -gn)" /run/containerd/containerd.sock

Test containerd and nerdctl client

nerdctl --version
nerdctl images

CNI

The Container Network Interface (CNI) is responsible for virtualizing networks used by running containers.

Install the CNI Plugin

tar -C ~/.local -xzf /tmp/nerdctl.tar.gz libexec
echo 'export CNI_PATH=~/.local/libexec/cni' >> ~/.bashrc
source ~/.bashrc

Test running a container

# check what's running
nerdctl ps -a
# run something
nerdctl run --name dockertest --rm library/alpine:3.16.2 cat /etc/os-release

# does networking work?
nerdctl run -d --name nginxtest -p 8080:80 library/nginx:1.22.1-alpine
curl -I http://localhost:8080
nerdctl rm -f nginxtest

# delete all images
nerdctl images -q | xargs nerdctl rmi

Make a symlink

ln -s $(which nerdctl) ~/.local/bin/docker

I purposely did not use a bash alias because some programs are specifically looking for a binary called "docker" in the $PATH

Buildkit

To build images, you'll need buildkitd and buildctl

tar -C ~/.local/bin/ -xzf /tmp/nerdctl.tar.gz --strip-components 1 bin/buildkitd bin/buildctl

Start the daemon

sudo $(which buildkitd) &

Test building an image

>Dockerfile cat <<EOF
FROM library/alpine:3.16.2

RUN echo hello > /tmp/hello.txt
EOF
nerdctl build -t mytestimage .
nerdctl run --rm mytestimage cat /tmp/hello.txt
nerdctl rmi mytestimage:latest

Sources

https://github.com/containerd/nerdctl/blob/master/docs/faq.md