From 9e6e5fb5ef824365fc7388a10ed2962520d85fce Mon Sep 17 00:00:00 2001 From: spiritlhl <103393591+spiritLHLS@users.noreply.github.com> Date: Mon, 2 Mar 2026 03:25:27 +0000 Subject: [PATCH] =?UTF-8?q?feat=EF=BC=9A=E5=A2=9E=E5=8A=A0containerd?= =?UTF-8?q?=E5=92=8Cpodman=E7=9A=84=E8=AF=B4=E6=98=8E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/.vitepress/config.mts | 127 +++++++++++-- docs/en/guide/containerd/containerd_build.md | 156 ++++++++++++++++ .../en/guide/containerd/containerd_install.md | 67 +++++++ .../guide/containerd/containerd_precheck.md | 62 +++++++ docs/en/guide/containerd/containerd_qa.md | 99 +++++++++++ docs/en/guide/containerd/containerd_thanks.md | 19 ++ docs/en/guide/docker/docker_install.md | 23 ++- docs/en/guide/podman/podman_build.md | 166 +++++++++++++++++ docs/en/guide/podman/podman_install.md | 67 +++++++ docs/en/guide/podman/podman_precheck.md | 65 +++++++ docs/en/guide/podman/podman_qa.md | 101 +++++++++++ docs/en/guide/podman/podman_thanks.md | 21 +++ docs/guide/containerd/containerd_build.md | 157 ++++++++++++++++ docs/guide/containerd/containerd_install.md | 75 ++++++++ docs/guide/containerd/containerd_precheck.md | 70 ++++++++ docs/guide/containerd/containerd_qa.md | 117 ++++++++++++ docs/guide/containerd/containerd_thanks.md | 19 ++ docs/guide/docker/docker_install.md | 23 ++- docs/guide/podman/podman_build.md | 167 ++++++++++++++++++ docs/guide/podman/podman_install.md | 75 ++++++++ docs/guide/podman/podman_precheck.md | 73 ++++++++ docs/guide/podman/podman_qa.md | 118 +++++++++++++ docs/guide/podman/podman_thanks.md | 21 +++ package-lock.json | 49 +++-- 24 files changed, 1904 insertions(+), 33 deletions(-) create mode 100644 docs/en/guide/containerd/containerd_build.md create mode 100644 docs/en/guide/containerd/containerd_install.md create mode 100644 docs/en/guide/containerd/containerd_precheck.md create mode 100644 docs/en/guide/containerd/containerd_qa.md create mode 100644 docs/en/guide/containerd/containerd_thanks.md create mode 100644 docs/en/guide/podman/podman_build.md create mode 100644 docs/en/guide/podman/podman_install.md create mode 100644 docs/en/guide/podman/podman_precheck.md create mode 100644 docs/en/guide/podman/podman_qa.md create mode 100644 docs/en/guide/podman/podman_thanks.md create mode 100644 docs/guide/containerd/containerd_build.md create mode 100644 docs/guide/containerd/containerd_install.md create mode 100644 docs/guide/containerd/containerd_precheck.md create mode 100644 docs/guide/containerd/containerd_qa.md create mode 100644 docs/guide/containerd/containerd_thanks.md create mode 100644 docs/guide/podman/podman_build.md create mode 100644 docs/guide/podman/podman_install.md create mode 100644 docs/guide/podman/podman_precheck.md create mode 100644 docs/guide/podman/podman_qa.md create mode 100644 docs/guide/podman/podman_thanks.md diff --git a/docs/.vitepress/config.mts b/docs/.vitepress/config.mts index 0936ef0aa9..5b990ce37f 100644 --- a/docs/.vitepress/config.mts +++ b/docs/.vitepress/config.mts @@ -52,18 +52,49 @@ export default defineConfig({ nav: [ { text: '一键虚拟化项目', - link: '/', - activeMatch: '^/$|^/guide/' + link: '/' + }, + { + text: '虚拟化平台', + activeMatch: '^/guide/', + items: [ + { text: 'OneClickVirt', link: '/guide/oneclickvirt/oneclickvirt_precheck.html' }, + { text: 'Proxmox VE', link: '/guide/pve/pve_precheck.html' }, + { text: 'Incus', link: '/guide/incus/incus_precheck.html' }, + { text: 'Docker', link: '/guide/docker/docker_precheck.html' }, + { text: 'LXD', link: '/guide/lxd/lxd_precheck.html' }, + { text: 'Containerd', link: '/guide/containerd/containerd_precheck.html' }, + { text: 'Podman', link: '/guide/podman/podman_precheck.html' }, + { text: '屏蔽滥用', link: '/guide/block/block_iptables.html' }, + ] }, { text: '其他虚拟化项目', - link: '/incomplete/index', - activeMatch: '^/incomplete/' + activeMatch: '^/incomplete/', + items: [ + { text: 'webvirtcloud', link: '/incomplete/webvirtcloud.html' }, + { text: 'webvirtcloud_retspen', link: '/incomplete/webvirtcloud_retspen.html' }, + { text: 'pterodactyl', link: '/incomplete/pterodactyl.html' }, + { text: 'convoy', link: '/incomplete/convoy.html' }, + { text: 'cockpit', link: '/incomplete/cockpit.html' }, + { text: 'virtfusion', link: '/incomplete/virtfusion.html' }, + { text: 'virtualizor-docker', link: '/incomplete/virtualizor-docker.html' }, + { text: 'bashvm', link: '/incomplete/bashvm.html' }, + { text: 'webvirtmgr', link: '/incomplete/webvirtmgr.html' }, + ] }, { text: '其他实用项目', - link: '/case/index', - activeMatch: '^/case/' + activeMatch: '^/case/', + items: [ + { text: '1. VPS融合怪服务器测评脚本', link: '/case/case1.html' }, + { text: '2. 一键修复与安装脚本', link: '/case/case2.html' }, + { text: '3. 自动更新测试服务器节点列表的网络基准测试脚本', link: '/case/case3.html' }, + { text: '4. 三网回程路由线路测试脚本', link: '/case/case4.html' }, + { text: '5. 服务器资源占用脚本', link: '/case/case5.html' }, + { text: '6. 为linux服务器增加swap分区', link: '/case/case6.html' }, + { text: '7. 为linux服务器启用zram设备', link: '/case/case7.html' }, + ] }, { text: '融合怪商家收录', link: 'https://paste.spiritlhl.net/' }, { text: 'VPS余量监控', link: 'https://spiders.spiritlhl.net/' }, @@ -91,8 +122,36 @@ export default defineConfig({ pattern: 'https://github.com/oneclickvirt/oneclickvirt.github.io/edit/main/docs/:path', }, nav: [ - { text: 'One Click Virtualization', link: '/en/', activeMatch: '^/en/guide/' }, - { text: 'Other Virtualization Projects', link: '/en/incomplete/index', activeMatch: '^/en/incomplete/' }, + { text: 'One Click Virtualization', link: '/en/' }, + { + text: 'Virtualization Platforms', + activeMatch: '^/en/guide/', + items: [ + { text: 'OneClickVirt', link: '/en/guide/oneclickvirt/oneclickvirt_precheck.html' }, + { text: 'Proxmox VE', link: '/en/guide/pve/pve_precheck.html' }, + { text: 'Incus', link: '/en/guide/incus/incus_precheck.html' }, + { text: 'Docker', link: '/en/guide/docker/docker_precheck.html' }, + { text: 'LXD', link: '/en/guide/lxd/lxd_precheck.html' }, + { text: 'Containerd', link: '/en/guide/containerd/containerd_precheck.html' }, + { text: 'Podman', link: '/en/guide/podman/podman_precheck.html' }, + { text: 'Block Abuse', link: '/en/guide/block/block_iptables.html' }, + ] + }, + { + text: 'Other Virtualization Projects', + activeMatch: '^/en/incomplete/', + items: [ + { text: 'webvirtcloud', link: '/en/incomplete/webvirtcloud.html' }, + { text: 'webvirtcloud_retspen', link: '/en/incomplete/webvirtcloud_retspen.html' }, + { text: 'pterodactyl', link: '/en/incomplete/pterodactyl.html' }, + { text: 'convoy', link: '/en/incomplete/convoy.html' }, + { text: 'cockpit', link: '/en/incomplete/cockpit.html' }, + { text: 'virtfusion', link: '/en/incomplete/virtfusion.html' }, + { text: 'virtualizor-docker', link: '/en/incomplete/virtualizor-docker.html' }, + { text: 'bashvm', link: '/en/incomplete/bashvm.html' }, + { text: 'webvirtmgr', link: '/en/incomplete/webvirtmgr.html' }, + ] + }, { text: 'Merchant List', link: 'https://paste.spiritlhl.net/' }, { text: 'VPS Stock Monitor', link: 'https://spiders.spiritlhl.net/' }, ], @@ -205,6 +264,26 @@ function getGuideSidebarZhCN() { { text: '在DOCKER上', link: '/guide/block/block_docker.html' }, ] }, + { + text: 'Containerd', + items: [ + { text: '系统和配置要求', link: '/guide/containerd/containerd_precheck.html' }, + { text: 'Containerd主体安装', link: '/guide/containerd/containerd_install.html' }, + { text: 'Linux容器(LXC)', link: '/guide/containerd/containerd_build.html' }, + { text: '致谢', link: '/guide/containerd/containerd_thanks.html' }, + { text: '常见问题答疑', link: '/guide/containerd/containerd_qa.html' } + ] + }, + { + text: 'Podman', + items: [ + { text: '系统和配置要求', link: '/guide/podman/podman_precheck.html' }, + { text: 'Podman主体安装', link: '/guide/podman/podman_install.html' }, + { text: 'Linux容器(LXC)', link: '/guide/podman/podman_build.html' }, + { text: '致谢', link: '/guide/podman/podman_thanks.html' }, + { text: '常见问题答疑', link: '/guide/podman/podman_qa.html' } + ] + }, { text: '捐赠', items: [ @@ -339,17 +418,37 @@ function getGuideSidebarEnUS() { { text: 'Block Abuse', items: [ - { text: 'via iptables', link: '/guide/block/block_iptables.html' }, - { text: 'In PVE', link: '/guide/block/block_pve.html' }, - { text: 'In INCUS', link: '/guide/block/block_incus.html' }, - { text: 'In LXD', link: '/guide/block/block_lxd.html' }, - { text: 'In DOCKER', link: '/guide/block/block_docker.html' }, + { text: 'via iptables', link: '/en/guide/block/block_iptables.html' }, + { text: 'In PVE', link: '/en/guide/block/block_pve.html' }, + { text: 'In INCUS', link: '/en/guide/block/block_incus.html' }, + { text: 'In LXD', link: '/en/guide/block/block_lxd.html' }, + { text: 'In DOCKER', link: '/en/guide/block/block_docker.html' }, + ] + }, + { + text: 'Containerd', + items: [ + { text: 'System & configuration requirements', link: '/en/guide/containerd/containerd_precheck.html' }, + { text: 'Containerd main installation', link: '/en/guide/containerd/containerd_install.html' }, + { text: 'Linux Container(LXC)', link: '/en/guide/containerd/containerd_build.html' }, + { text: 'Acknowledgements', link: '/en/guide/containerd/containerd_thanks.html' }, + { text: 'FAQ', link: '/en/guide/containerd/containerd_qa.html' } + ] + }, + { + text: 'Podman', + items: [ + { text: 'System & configuration requirements', link: '/en/guide/podman/podman_precheck.html' }, + { text: 'Podman main installation', link: '/en/guide/podman/podman_install.html' }, + { text: 'Linux Container(LXC)', link: '/en/guide/podman/podman_build.html' }, + { text: 'Acknowledgements', link: '/en/guide/podman/podman_thanks.html' }, + { text: 'FAQ', link: '/en/guide/podman/podman_qa.html' } ] }, { text: 'Donation', items: [ - { text: 'Donation', link: '/guide/dashboardq.html' } + { text: 'Donation', link: '/en/guide/dashboardq.html' } ] } ]; diff --git a/docs/en/guide/containerd/containerd_build.md b/docs/en/guide/containerd/containerd_build.md new file mode 100644 index 0000000000..5f8a1610bf --- /dev/null +++ b/docs/en/guide/containerd/containerd_build.md @@ -0,0 +1,156 @@ +--- +outline: deep +--- + +# Preface + +Two methods for provisioning containers. + +## Single Container Provisioning + +- Creates a single containerd container, automatically detects international or China mainland server +- Can configure binding of an independent IPv6 address (requires host with public IPv6 and containerd-ipv6 network configured during installation) +- Supports x86_64 and ARM64 architecture servers + +### Download Script + +International + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/onecontainerd.sh +chmod +x onecontainerd.sh +``` + +China Mainland + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/onecontainerd.sh +chmod +x onecontainerd.sh +``` + +### Example + +Supported variables for running: + +```bash +./onecontainerd.sh [independent_ipv6:y/n] [system] [disk_gb] +``` + +Currently supported `system` values: + +- debian +- ubuntu +- alpine +- almalinux +- rockylinux +- openeuler + +Default is debian if not specified. + +```shell +./onecontainerd.sh ct1 1 512 MyPassword 25000 34975 35000 n debian 0 +``` + +Example container information: + +| Attribute | Value | +|-----------|-------| +| Container name | ct1 | +| SSH username | root | +| SSH password | MyPassword | +| CPU cores | 1 | +| Memory | 512MB | +| SSH port | 25000 | +| External/internal port range | 34975 to 35000 | +| System | debian | +| Independent IPv6 | N | +| Disk size | Unlimited | + +### Related Operations + +List all containers + +```shell +nerdctl ps -a +``` + +Enter container + +```shell +nerdctl exec -it ct1 bash +``` + +Enter Alpine container + +```shell +nerdctl exec -it ct1 sh +``` + +Type `exit` to leave the container. + +Delete container + +```shell +nerdctl rm -f ct1 +``` + +View container logs + +```shell +nerdctl logs ct1 +``` + +## Batch Container Provisioning + +- Multiple runs inherit configuration and generate sequentially +- Auto-increments container name (ct1, ct2, ...), SSH port, and public ports +- Container information recorded to `ctlog` file +- Recommended to run in screen to avoid SSH disconnection + +### Run + +International + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/create_containerd.sh +chmod +x create_containerd.sh +./create_containerd.sh +``` + +China Mainland + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/create_containerd.sh +chmod +x create_containerd.sh +./create_containerd.sh +``` + +### Query Batch Container Information + +```shell +cat ctlog +``` + +Output format: + +``` +container_name ssh_port root_password cpu_cores memory_mb start_port end_port disk_gb +``` + +One line per container. + +## Remove All Containers and Images + +```shell +nerdctl ps -aq | xargs -r nerdctl rm -f +nerdctl images -q | xargs -r nerdctl rmi -f +rm -rf ctlog +``` + +## Restart All Containers After Host Reboot + +By default, containers are not configured to auto-restart. Run the following command to start all stopped containers: + +```shell +nerdctl ps -aq -f status=exited | xargs -r nerdctl start +``` diff --git a/docs/en/guide/containerd/containerd_install.md b/docs/en/guide/containerd/containerd_install.md new file mode 100644 index 0000000000..e2c635c1bd --- /dev/null +++ b/docs/en/guide/containerd/containerd_install.md @@ -0,0 +1,67 @@ +--- +outline: deep +--- + +# Preface + +Install the containerd environment, including containerd + runc + nerdctl + CNI + buildkitd full suite. + +## Setting Up Virtual Memory + +:::tip +Allocate some swap space to prevent your machine from crashing. +::: + +Unit conversion: Inputting 1024 results in 1G of SWAP - virtual memory. Virtual memory occupies disk space and is automatically utilized when the physical memory is insufficient. However, this leads to high IO usage and CPU performance overhead. + +It is recommended to allocate virtual memory twice the size of your physical memory. + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +## Environment Setup + +- Supported systems: Ubuntu, Debian, RockyLinux 9+, AlmaLinux 9+, CentOS 9+, Alpine, Arch +- Installs containerd + runc + nerdctl + CNI + buildkitd (via nerdctl-full bundle) +- Automatically configures CNI network (containerd-net: 172.20.0.0/16) with iptables NAT rules +- Detects public IPv6 address; if present, automatically creates containerd-ipv6 CNI network and starts NDP Responder +- Installs DNS liveness check service (check-dns.service) +- Supports x86_64 and ARM64 architecture servers + +International + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +China Mainland + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +:::tip +After installation, run `nerdctl ps -a` to verify the containerd environment is working correctly. +::: + +## Uninstall containerd Environment + +One-click uninstall of the entire containerd environment, including all containers, images, CNI networks, systemd services, and nerdctl/containerd binaries: + +International + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerduninstall.sh) +``` + +China Mainland + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerduninstall.sh) +``` + +:::warning +The script requires entering `yes` to confirm before execution. This operation is irreversible. Deleted content includes all containers, images, and CNI network configurations. +Retest workflow: Run uninstall first, then run install to verify the entire installation process from scratch. +::: diff --git a/docs/en/guide/containerd/containerd_precheck.md b/docs/en/guide/containerd/containerd_precheck.md new file mode 100644 index 0000000000..b61c993e0e --- /dev/null +++ b/docs/en/guide/containerd/containerd_precheck.md @@ -0,0 +1,62 @@ +--- +outline: deep +--- + +# Introduction + +The following is an introduction to the non-customized sections. Please ensure that you don't confuse them with the customized parts. + +If your host does not have an IPv6 subnet and you want to assign IPv6 addresses to containers, the host itself needs a public IPv6 address. The installation script will automatically detect and configure this. + +:::warning +The containerd solution **does not support KVM/QEMU virtual machines**. It only supports Linux containers (LXC) and is suitable for environments without KVM hardware virtualization support. +::: + +Feel free to give the project a ```Star``` for free support! --> [https://github.com/oneclickvirt/containerd](https://github.com/oneclickvirt/containerd) + +## Project Features + +Bulk or individual NAT server provisioning based on containerd + nerdctl runtime + +- Installs containerd + runc + nerdctl + CNI + buildkitd via the [nerdctl-full](https://github.com/containerd/nerdctl) bundle +- Uses self-compiled base images (stored in GitHub Releases), with offline loading prioritized and fallback to official images +- Each container comes with 1 external SSH port, 25 consistent internal/external ports, with optional independent IPv6 address binding +- Default unprivileged containers, supports lxcfs mounting (if lxcfs is installed on the host) +- Supports disk limit parameters (requires xfs/btrfs snapshotter with storage-opt support) +- Supports China CDN acceleration + +## Supported Systems + +| System | amd64 | arm64 | +|--------|-------|-------| +| Ubuntu 22.04 | ✓ | ✓ | +| Debian 12 | ✓ | ✓ | +| Alpine latest | ✓ | ✓ | +| AlmaLinux 9 | ✓ | ✓ | +| RockyLinux 9 | ✓ | ✓ | +| OpenEuler 22.03 | ✓ | ✓ | + +## Configuration Requirements + +- Host OS: Ubuntu, Debian, RockyLinux 9+, AlmaLinux 9+, CentOS 9+, Alpine, Arch +- Architecture: x86_64 (amd64) or ARM64 +- Kernel must support overlay filesystem +- Network must be able to connect to GitHub raw interface +- At least 3GB free disk space +- **No KVM hardware support required** + +## Comparison with Docker + +| Feature | containerd | docker | +|---------|-----------|--------| +| Runtime | containerd + runc | Docker daemon + runc | +| Management CLI | nerdctl | docker | +| Daemon required | Lightweight daemon | Heavy Docker daemon | +| Container support | Linux containers (LXC) | Linux containers + KVM VMs | +| Installation | nerdctl-full bundle | Docker official script | + +It is recommended to add some SWAP virtual memory before provisioning NAT servers to avoid host crash due to sudden memory spikes. + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` diff --git a/docs/en/guide/containerd/containerd_qa.md b/docs/en/guide/containerd/containerd_qa.md new file mode 100644 index 0000000000..2e113d3e43 --- /dev/null +++ b/docs/en/guide/containerd/containerd_qa.md @@ -0,0 +1,99 @@ +--- +outline: deep +--- + +# FAQ + +## nerdctl: command not found + +The containerd environment is not correctly installed or `/usr/local/bin` is not in PATH. + +Fix: + +```shell +export PATH="/usr/local/bin:$PATH" +echo 'export PATH="/usr/local/bin:$PATH"' >> /etc/profile +source /etc/profile +``` + +If still not found, re-run the installation script: + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +## containerd service not running + +```shell +systemctl status containerd +systemctl restart containerd +``` + +View logs: + +```shell +journalctl -u containerd -f +``` + +## Container cannot access external network (IPv4) + +Check if iptables NAT rules exist: + +```shell +iptables -t nat -L POSTROUTING -n -v | grep 172.20 +``` + +If not present, add manually: + +```shell +iptables -t nat -A POSTROUTING -s 172.20.0.0/16 ! -d 172.20.0.0/16 -j MASQUERADE +iptables -A FORWARD -s 172.20.0.0/16 -j ACCEPT +iptables -A FORWARD -d 172.20.0.0/16 -j ACCEPT +``` + +## Container IPv6 not working + +1. Confirm the host has a public IPv6 address +2. Check if the containerd-ipv6 CNI network exists: + +```shell +cat /etc/cni/net.d/20-containerd-ipv6.conflist +``` + +3. Check if the ndpresponder container is running: + +```shell +nerdctl ps | grep ndpresponder +``` + +## Image pull failed + +The script includes built-in CDN detection. You can also manually test CDN availability: + +```shell +curl -4 -sL -k "https://cdn0.spiritlhl.top/https://raw.githubusercontent.com/spiritLHLS/ecs/main/back/test" --max-time 6 +``` + +## How to completely reset the containerd environment + +Uninstall, then reinstall: + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerduninstall.sh) +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +## lxcfs related issues + +If lxcfs is not installed on the host, containers will see the host's CPU/memory view. Install lxcfs: + +```shell +apt-get install -y lxcfs # Debian/Ubuntu +yum install -y lxcfs # CentOS/RHEL +``` + +## Disk limit not working + +Disk limits require xfs or btrfs snapshotter support. The default overlay snapshotter does not support container-level disk limits. + +For disk limits, refer to the docker or incus solution documentation. diff --git a/docs/en/guide/containerd/containerd_thanks.md b/docs/en/guide/containerd/containerd_thanks.md new file mode 100644 index 0000000000..b30940dd29 --- /dev/null +++ b/docs/en/guide/containerd/containerd_thanks.md @@ -0,0 +1,19 @@ +## Acknowledgements + +https://github.com/containerd/nerdctl + +https://github.com/containerd/containerd + +https://github.com/opencontainers/runc + +https://github.com/containernetworking/cni + +https://github.com/moby/buildkit + +https://github.com/yoursunny/ndpresponder + +https://github.com/lxc/lxcfs + +https://github.com/SuperManito/LinuxMirrors + +Thanks to [@spiritlhls](https://github.com/spiritlhls) for providing the containerd container runtime solution. diff --git a/docs/en/guide/docker/docker_install.md b/docs/en/guide/docker/docker_install.md index 54e30860b7..e01a049c86 100644 --- a/docs/en/guide/docker/docker_install.md +++ b/docs/en/guide/docker/docker_install.md @@ -62,4 +62,25 @@ Or specify a different storage limit size (in MB), the default test of the 500MB ```shell # 1GB Limit bash disk_test.sh 1000 -``` \ No newline at end of file +``` + +## Uninstall Docker Environment + +One-click uninstall of the entire Docker environment, including all containers, images, networks, systemd services, and binaries: + +International + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/docker/main/dockeruninstall.sh) +``` + +China Mainland + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/docker/main/dockeruninstall.sh) +``` + +:::warning +The script requires entering `yes` to confirm before execution. This operation is irreversible. Deleted content includes all containers, images, and network configurations. +Retest workflow: Run uninstall first, then run install to verify the entire installation process from scratch. +::: \ No newline at end of file diff --git a/docs/en/guide/podman/podman_build.md b/docs/en/guide/podman/podman_build.md new file mode 100644 index 0000000000..3acd6e145c --- /dev/null +++ b/docs/en/guide/podman/podman_build.md @@ -0,0 +1,166 @@ +--- +outline: deep +--- + +# Preface + +Two methods for provisioning containers. + +## Single Container Provisioning + +- Creates a single Podman container, automatically detects international or China mainland server +- Can configure binding of an independent IPv6 address (requires host with public IPv6 and podman-ipv6 network configured during installation) +- Supports x86_64 and ARM64 architecture servers + +### Download Script + +International + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/onepodman.sh +chmod +x onepodman.sh +``` + +China Mainland + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/onepodman.sh +chmod +x onepodman.sh +``` + +### Example + +Supported variables for running: + +```bash +./onepodman.sh [independent_ipv6:y/n] [system] [disk_gb] +``` + +Currently supported `system` values: + +- debian +- ubuntu +- alpine +- almalinux +- rockylinux +- openeuler + +Default is debian if not specified. + +```shell +./onepodman.sh ct1 1 512 MyPassword 25000 34975 35000 n debian 0 +``` + +Example container information: + +| Attribute | Value | +|-----------|-------| +| Container name | ct1 | +| SSH username | root | +| SSH password | MyPassword | +| CPU cores | 1 | +| Memory | 512MB | +| SSH port | 25000 | +| External/internal port range | 34975 to 35000 | +| System | debian | +| Independent IPv6 | N | +| Disk size | Unlimited | + +### Related Operations + +List all containers + +```shell +podman ps -a +``` + +Enter container + +```shell +podman exec -it ct1 bash +``` + +Enter Alpine container + +```shell +podman exec -it ct1 sh +``` + +Type `exit` to leave the container. + +Delete container + +```shell +podman rm -f ct1 +``` + +View container logs + +```shell +podman logs ct1 +``` + +## Batch Container Provisioning + +- Multiple runs inherit configuration and generate sequentially +- Auto-increments container name (ct1, ct2, ...), SSH port, and public ports +- Container information recorded to `ctlog` file +- Recommended to run in screen to avoid SSH disconnection + +### Run + +International + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/create_podman.sh +chmod +x create_podman.sh +./create_podman.sh +``` + +China Mainland + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/create_podman.sh +chmod +x create_podman.sh +./create_podman.sh +``` + +### Query Batch Container Information + +```shell +cat ctlog +``` + +Output format: + +``` +container_name ssh_port root_password cpu_cores memory_mb start_port end_port disk_gb +``` + +One line per container. + +## Remove All Containers and Images + +```shell +podman ps -aq | xargs -r podman rm -f +podman images -aq | xargs -r podman rmi -f +podman volume prune -f +podman system prune -af +rm -rf ctlog +``` + +## Restart All Containers After Host Reboot + +Podman supports systemd integration. Generate auto-start service for a container: + +```shell +# Generate systemd service for a specific container +podman generate systemd --name ct1 > /etc/systemd/system/container-ct1.service +systemctl enable container-ct1 +``` + +Or manually start all stopped containers: + +```shell +podman ps -aq -f status=exited | xargs -r podman start +``` diff --git a/docs/en/guide/podman/podman_install.md b/docs/en/guide/podman/podman_install.md new file mode 100644 index 0000000000..9030342fb9 --- /dev/null +++ b/docs/en/guide/podman/podman_install.md @@ -0,0 +1,67 @@ +--- +outline: deep +--- + +# Preface + +Install the Podman environment, including podman + network configuration + DNS liveness check service. + +## Setting Up Virtual Memory + +:::tip +Allocate some swap space to prevent your machine from crashing. +::: + +Unit conversion: Inputting 1024 results in 1G of SWAP - virtual memory. Virtual memory occupies disk space and is automatically utilized when the physical memory is insufficient. However, this leads to high IO usage and CPU performance overhead. + +It is recommended to allocate virtual memory twice the size of your physical memory. + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +## Environment Setup + +- Supported systems: Ubuntu, Debian, RockyLinux 9+, AlmaLinux 9+, CentOS 9+, Alpine, Arch +- Installs Podman via each distribution's official packages (daemonless architecture, no Docker daemon required) +- Automatically configures Podman network (podman-net: 172.21.0.0/16) +- Detects public IPv6 address; if present, automatically creates podman-ipv6 network and starts NDP Responder +- Installs DNS liveness check service (check-dns-podman.service) +- Supports x86_64 and ARM64 architecture servers + +International + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +China Mainland + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +:::tip +After installation, run `podman ps -a` to verify the Podman environment is working correctly. +::: + +## Uninstall Podman Environment + +One-click uninstall of the entire Podman environment, including all containers, images, networks, and auxiliary files: + +International + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmanuninstall.sh) +``` + +China Mainland + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/podmanuninstall.sh) +``` + +:::warning +The script requires entering `yes` to confirm before execution. This operation is irreversible. Deleted content includes all containers, images, and Podman network configurations. +Retest workflow: Run uninstall first, then run install to verify the entire installation process from scratch. +::: diff --git a/docs/en/guide/podman/podman_precheck.md b/docs/en/guide/podman/podman_precheck.md new file mode 100644 index 0000000000..c08fee5b45 --- /dev/null +++ b/docs/en/guide/podman/podman_precheck.md @@ -0,0 +1,65 @@ +--- +outline: deep +--- + +# Introduction + +The following is an introduction to the non-customized sections. Please ensure that you don't confuse them with the customized parts. + +If your host does not have an IPv6 subnet and you want to assign IPv6 addresses to containers, the host itself needs a public IPv6 address. The installation script will automatically detect and configure this. + +:::warning +The Podman solution **does not support KVM/QEMU virtual machines**. It only supports Linux containers (LXC) and is suitable for environments without KVM hardware virtualization support. +::: + +Feel free to give the project a ```Star``` for free support! --> [https://github.com/oneclickvirt/podman](https://github.com/oneclickvirt/podman) + +## Project Features + +Bulk or individual NAT server provisioning based on Podman (daemonless architecture) runtime + +- Uses each distribution's official packages to install Podman (no daemon, daemonless architecture) +- Uses self-compiled base images (stored in GitHub Releases), with offline loading prioritized and fallback to ghcr.io images +- Each container comes with 1 external SSH port, 25 consistent internal/external ports, with optional independent IPv6 address binding +- Supports lxcfs mounting (if lxcfs is installed on the host), providing real /proc view inside containers +- Native rootless support (this solution runs as root to simplify network configuration) +- Supports China CDN acceleration + +## Supported Systems + +| System | amd64 | arm64 | +|--------|-------|-------| +| Ubuntu 22.04 | ✓ | ✓ | +| Debian 12 | ✓ | ✓ | +| Alpine latest | ✓ | ✓ | +| AlmaLinux 9 | ✓ | ✓ | +| RockyLinux 9 | ✓ | ✓ | +| OpenEuler 22.03 | ✓ | ✓ | + +## Configuration Requirements + +- Host OS: Ubuntu, Debian, RockyLinux 9+, AlmaLinux 9+, CentOS 9+, Alpine, Arch +- Architecture: x86_64 (amd64) or ARM64 +- Kernel must support overlay filesystem +- Network must be able to connect to GitHub raw interface +- At least 3GB free disk space +- **No KVM hardware support required** + +## Comparison with containerd and Docker + +| Feature | podman (this project) | containerd | docker | +|---------|----------------------|-----------|--------| +| Daemon | None (daemonless) | Lightweight containerd | Heavy Docker daemon | +| Runtime | crun/runc | runc | runc | +| CLI | podman | nerdctl | docker | +| Rootless support | Native | Requires config | Requires config | +| Image format | OCI | OCI | OCI | +| Network backend | netavark/CNI | CNI | Docker bridge | +| Container support | Linux containers (LXC) | Linux containers (LXC) | Linux containers + KVM VMs | +| Installation | System package manager | nerdctl-full bundle | Docker official script | + +It is recommended to add some SWAP virtual memory before provisioning NAT servers to avoid host crash due to sudden memory spikes. + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` diff --git a/docs/en/guide/podman/podman_qa.md b/docs/en/guide/podman/podman_qa.md new file mode 100644 index 0000000000..0efbe482cc --- /dev/null +++ b/docs/en/guide/podman/podman_qa.md @@ -0,0 +1,101 @@ +--- +outline: deep +--- + +# FAQ + +## podman: command not found + +The Podman environment is not correctly installed. Re-run the installation script: + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +## Container cannot access external network (IPv4) + +Check if iptables NAT rules exist: + +```shell +iptables -t nat -L POSTROUTING -n -v | grep 172.21 +``` + +If not present, add manually: + +```shell +iptables -t nat -A POSTROUTING -s 172.21.0.0/16 ! -d 172.21.0.0/16 -j MASQUERADE +iptables -A FORWARD -s 172.21.0.0/16 -j ACCEPT +iptables -A FORWARD -d 172.21.0.0/16 -j ACCEPT +``` + +## Container IPv6 not working + +1. Confirm the host has a public IPv6 address +2. Check if the podman-ipv6 network exists: + +```shell +podman network ls | grep ipv6 +``` + +3. Check if the ndpresponder container is running: + +```shell +podman ps | grep ndpresponder +``` + +## Podman vs Docker command comparison + +| Function | Docker command | Podman command | +|----------|---------------|----------------| +| List containers | `docker ps -a` | `podman ps -a` | +| Enter container | `docker exec -it` | `podman exec -it` | +| Delete container | `docker rm -f` | `podman rm -f` | +| List images | `docker images` | `podman images` | +| Delete image | `docker rmi` | `podman rmi` | +| View logs | `docker logs` | `podman logs` | + +## Image pull failed + +Images are prioritized from GitHub Releases as offline tar packages, with fallback to ghcr.io: + +```shell +ghcr.io/oneclickvirt/podman:-amd64 +ghcr.io/oneclickvirt/podman:-arm64 +ghcr.io/oneclickvirt/podman: # multi-arch manifest +``` + +Manually pull image example: + +```shell +podman pull ghcr.io/oneclickvirt/podman:debian-amd64 +``` + +## How to completely reset the Podman environment + +Uninstall, then reinstall: + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmanuninstall.sh) +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +## Podman vs containerd: which to choose? + +- For daemonless architecture with no background daemon, or if you prefer the system package manager, choose **Podman** +- For a lightweight daemon + nerdctl CLI experience, choose **containerd** +- For KVM virtual machines (Windows/macOS/Android), choose **docker** or **PVE/Incus/LXD** solutions + +## DNS issues + +Podman installation configures the `check-dns-podman.service`. Check if it's running: + +```shell +systemctl status check-dns-podman +``` + +Manual DNS fix: + +```shell +echo "nameserver 8.8.8.8" >> /etc/resolv.conf +echo "nameserver 1.1.1.1" >> /etc/resolv.conf +``` diff --git a/docs/en/guide/podman/podman_thanks.md b/docs/en/guide/podman/podman_thanks.md new file mode 100644 index 0000000000..cef4201353 --- /dev/null +++ b/docs/en/guide/podman/podman_thanks.md @@ -0,0 +1,21 @@ +## Acknowledgements + +https://github.com/containers/podman + +https://github.com/containers/buildah + +https://github.com/containers/netavark + +https://github.com/containers/crun + +https://github.com/opencontainers/runc + +https://github.com/yoursunny/ndpresponder + +https://github.com/lxc/lxcfs + +https://github.com/SuperManito/LinuxMirrors + +https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/ + +Thanks to [@spiritlhls](https://github.com/spiritlhls) for providing the Podman container runtime solution. diff --git a/docs/guide/containerd/containerd_build.md b/docs/guide/containerd/containerd_build.md new file mode 100644 index 0000000000..c630bc3d01 --- /dev/null +++ b/docs/guide/containerd/containerd_build.md @@ -0,0 +1,157 @@ +--- +outline: deep +--- + +# 前言 + +两种开设方式 + +## 单独开设 + +- 只生成一个 containerd 容器,自动判断国际服务器还是国内服务器 +- 可配置绑定独立的 IPV6 地址(需安装时宿主机已有公网 IPV6 且安装脚本已配置 containerd-ipv6 网络) +- 支持 x86_64 和 ARM64 架构的服务器 + +### 下载脚本 + +国际 + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/onecontainerd.sh +chmod +x onecontainerd.sh +``` + +国内 + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/onecontainerd.sh +chmod +x onecontainerd.sh +``` + +### 示例 + +运行支持的变量如下 + +```bash +./onecontainerd.sh [independent_ipv6:y/n] [system] [disk_gb] +``` + +目前 system 仅支持选择: + +- debian +- ubuntu +- alpine +- almalinux +- rockylinux +- openeuler + +默认不填则是 debian + +```shell +./onecontainerd.sh ct1 1 512 MyPassword 25000 34975 35000 n debian 0 +``` + +以下为开设的示例容器的信息: + +| 属性 | 值 | +|------|----| +| 容器名字 | ct1 | +| SSH 登录的用户名 | root | +| SSH 登录的密码 | MyPassword | +| CPU 核数 | 1 | +| 内存大小 | 512MB | +| SSH 端口 | 25000 | +| 内外网映射端口一致的区间 | 34975 到 35000 | +| 系统 | debian | +| 是否绑定独立的 IPV6 地址 | N | +| 硬盘大小 | 不限制 | + +### 相关操作 + +查看所有容器 + +```shell +nerdctl ps -a +``` + +进入容器 + +```shell +nerdctl exec -it ct1 bash +``` + +进入 Alpine 容器 + +```shell +nerdctl exec -it ct1 sh +``` + +要退出容器就执行 `exit` 退出。 + +删除示例 + +```shell +nerdctl rm -f ct1 +``` + +查看容器日志 + +```shell +nerdctl logs ct1 +``` + +## 批量开设 + +- 批量多次运行继承配置生成 +- 自动递增容器名(ct1, ct2, ...)、SSH 端口、公网端口 +- 容器信息记录到 `ctlog` 文件 +- 生成多个时为避免 SSH 连接中断建议在 screen 中执行 +- 支持 x86_64 和 ARM64 架构的服务器 + +### 运行 + +国际 + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/create_containerd.sh +chmod +x create_containerd.sh +./create_containerd.sh +``` + +国内 + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/scripts/create_containerd.sh +chmod +x create_containerd.sh +./create_containerd.sh +``` + +### 查询批量开设的信息 + +```shell +cat ctlog +``` + +输出格式 + +``` +容器名字 SSH端口 登陆的root密码 核数 内存 外网端口起 外网端口止 硬盘大小 +``` + +一行一个容器对应的信息 + +## 删除所有容器和镜像 + +```shell +nerdctl ps -aq | xargs -r nerdctl rm -f +nerdctl images -q | xargs -r nerdctl rmi -f +rm -rf ctlog +``` + +## 宿主机重启后重启所有容器 + +默认容器没有设置停止后自重启,需要执行以下命令启动所有停止的容器 + +```shell +nerdctl ps -aq -f status=exited | xargs -r nerdctl start +``` diff --git a/docs/guide/containerd/containerd_install.md b/docs/guide/containerd/containerd_install.md new file mode 100644 index 0000000000..db0fce9c6d --- /dev/null +++ b/docs/guide/containerd/containerd_install.md @@ -0,0 +1,75 @@ +--- +outline: deep +--- + +# 前言 + +安装 containerd 环境,包含 containerd + runc + nerdctl + CNI + buildkitd 全套组件 + +## 开设虚拟内存 + +:::tip +内存开点 swap 免得机器炸了 +::: + +单位换算:输入 1024 产生 1G SWAP-虚拟内存,虚拟内存占用硬盘空间,当实际内存不够用时将自动使用虚拟内存做内存使用,但随之带来IO高占用以及CPU性能占用 + +建议只开实际内存大小两倍大小的虚拟内存 + +国际 + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +国内 + +```shell +curl -L https://cdn.spiritlhl.net/https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +## 环境安装 + +- 支持系统:Ubuntu、Debian、RockyLinux 9+、AlmaLinux 9+、CentOS 9+、Alpine、Arch +- 安装 containerd + runc + nerdctl + CNI + buildkitd(通过 nerdctl-full bundle) +- 自动配置 CNI 网络(containerd-net:172.20.0.0/16)并设置 iptables NAT 规则 +- 检测公网 IPV6 地址,若存在则自动创建 containerd-ipv6 CNI 网络并启动 NDP Responder +- 安装 DNS 保活服务(check-dns.service),持续检测 DNS 可用性 +- 支持 x86_64 和 ARM64 架构的服务器 + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +:::tip +安装完成后建议执行 `nerdctl ps -a` 验证 containerd 环境是否正常运行 +::: + +## 卸载 containerd 环境 + +一键卸载 containerd 全套环境,包括所有容器、镜像、CNI 网络、systemd 服务、nerdctl/containerd 二进制文件: + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerduninstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerduninstall.sh) +``` + +:::warning +脚本会在执行前要求输入 `yes` 确认,操作不可逆。删除内容包括所有容器、镜像、CNI 网络配置。 +复测流程:先执行卸载,再执行安装,即可从零验证整个安装流程。 +::: diff --git a/docs/guide/containerd/containerd_precheck.md b/docs/guide/containerd/containerd_precheck.md new file mode 100644 index 0000000000..f59b473ff6 --- /dev/null +++ b/docs/guide/containerd/containerd_precheck.md @@ -0,0 +1,70 @@ +--- +outline: deep +--- + +# 前言 + +以下为非自定义部分的介绍,自定义部分有自己对应的介绍,勿弄混了 + +如果你的宿主机本身没有IPV6的子网又想给容器分配IPV6地址,需要宿主机本身已有公网IPV6地址,安装脚本会自动检测并配置 + +:::warning +containerd 方案**不支持 KVM/QEMU 虚拟机**,仅支持 Linux 容器(LXC),适用于无 KVM 硬件虚拟化支持的环境。 +::: + +欢迎给项目一个 ```Star``` 进行免费的支持-->[https://github.com/oneclickvirt/containerd](https://github.com/oneclickvirt/containerd) + +## 项目特点 + +基于 containerd + nerdctl 运行时,通过批量或单独开设 NAT 服务器 + +- 使用 [nerdctl-full](https://github.com/containerd/nerdctl) 安装 containerd + runc + nerdctl + CNI + buildkitd 全套组件 +- 使用本仓库自编译的基础镜像(存储在 GitHub Releases),优先离线加载,无法获取时回退到官方镜像 +- 每个容器自带 1 个外网 SSH 端口,25 个内外网一致端口,可选择是否绑定独立 IPV6 地址 +- 默认创建非特权容器,支持 lxcfs 挂载(若宿主机安装了 lxcfs) +- 支持磁盘限制参数(需 xfs/btrfs snapshotter 支持 storage-opt) +- 支持国内 CDN 镜像加速 + +## 支持的系统 + +| 系统 | amd64 | arm64 | +|------|-------|-------| +| Ubuntu 22.04 | ✓ | ✓ | +| Debian 12 | ✓ | ✓ | +| Alpine latest | ✓ | ✓ | +| AlmaLinux 9 | ✓ | ✓ | +| RockyLinux 9 | ✓ | ✓ | +| OpenEuler 22.03 | ✓ | ✓ | + +## 配置要求 + +- 宿主机系统:Ubuntu、Debian、RockyLinux 9+、AlmaLinux 9+、CentOS 9+、Alpine、Arch +- 架构:x86_64(amd64)或 ARM64 +- 内核需支持 overlay 文件系统 +- 网络能连接 Github 的 raw 界面即可 +- 空闲硬盘有 3G 以上即可 +- **不需要 KVM 硬件支持** + +## 与 docker 对比 + +| 特性 | containerd | docker | +|------|-----------|--------| +| 运行时 | containerd + runc | Docker daemon + runc | +| 管理命令 | nerdctl | docker | +| 是否需要守护进程 | 轻量级守护进程 | 重量级 Docker daemon | +| 容器支持 | Linux 容器(LXC)| Linux 容器 + KVM 虚拟机 | +| 安装方式 | nerdctl-full bundle | Docker 官方脚本 | + +推荐在开设 NAT 服务器前先增加部分 SWAP 虚拟内存,避免突发的内存占用导致宿主机卡死 + +国际 + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +国内 + +```shell +curl -L https://cdn.spiritlhl.net/https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` diff --git a/docs/guide/containerd/containerd_qa.md b/docs/guide/containerd/containerd_qa.md new file mode 100644 index 0000000000..6d4ec4677b --- /dev/null +++ b/docs/guide/containerd/containerd_qa.md @@ -0,0 +1,117 @@ +--- +outline: deep +--- + +# 常见问题答疑 + +## nerdctl: command not found + +containerd 环境未正确安装或 `/usr/local/bin` 不在 PATH 中 + +解决方法: + +```shell +export PATH="/usr/local/bin:$PATH" +echo 'export PATH="/usr/local/bin:$PATH"' >> /etc/profile +source /etc/profile +``` + +如果仍然没有,请重新执行安装脚本: + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +## containerd 服务未启动 + +```shell +systemctl status containerd +systemctl restart containerd +``` + +查看日志: + +```shell +journalctl -u containerd -f +``` + +## 容器无法访问外网(IPv4) + +检查 iptables NAT 规则是否存在: + +```shell +iptables -t nat -L POSTROUTING -n -v | grep 172.20 +``` + +如果没有,手动添加: + +```shell +iptables -t nat -A POSTROUTING -s 172.20.0.0/16 ! -d 172.20.0.0/16 -j MASQUERADE +iptables -A FORWARD -s 172.20.0.0/16 -j ACCEPT +iptables -A FORWARD -d 172.20.0.0/16 -j ACCEPT +``` + +## 容器 IPv6 未生效 + +1. 确认宿主机有公网 IPv6 地址 +2. 检查 containerd-ipv6 CNI 网络是否存在: + +```shell +cat /etc/cni/net.d/20-containerd-ipv6.conflist +``` + +3. 检查 ndpresponder 容器是否运行: + +```shell +nerdctl ps | grep ndpresponder +``` + +## 镜像拉取失败 + +优先尝试国内 CDN 加速,脚本内置 CDN 检测,也可手动切换: + +```shell +# 测试 CDN 是否可用 +curl -4 -sL -k "https://cdn0.spiritlhl.top/https://raw.githubusercontent.com/spiritLHLS/ecs/main/back/test" --max-time 6 +``` + +## 如何完全重置 containerd 环境 + +先卸载,再重新安装: + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerduninstall.sh) +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerduninstall.sh) +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/containerd/main/containerdinstall.sh) +``` + +## lxcfs 相关问题 + +如果宿主机未安装 lxcfs,容器内查询的 CPU/内存为宿主机视图。安装 lxcfs: + +```shell +apt-get install -y lxcfs # Debian/Ubuntu +yum install -y lxcfs # CentOS/RHEL +``` + +## 磁盘限制不生效 + +磁盘限制需要 xfs 或 btrfs snapshotter 支持,默认 overlay snapshotter 不支持容器级磁盘限制。 + +如需磁盘限制,请查看 docker 方案或 incus 方案中对应的说明。 diff --git a/docs/guide/containerd/containerd_thanks.md b/docs/guide/containerd/containerd_thanks.md new file mode 100644 index 0000000000..9a041e36b7 --- /dev/null +++ b/docs/guide/containerd/containerd_thanks.md @@ -0,0 +1,19 @@ +## 致谢 + +https://github.com/containerd/nerdctl + +https://github.com/containerd/containerd + +https://github.com/opencontainers/runc + +https://github.com/containernetworking/cni + +https://github.com/moby/buildkit + +https://github.com/yoursunny/ndpresponder + +https://github.com/lxc/lxcfs + +https://github.com/SuperManito/LinuxMirrors + +感谢 [@spiritlhls](https://github.com/spiritlhls) 提供的 containerd 容器运行时方案 diff --git a/docs/guide/docker/docker_install.md b/docs/guide/docker/docker_install.md index a44c5adc4e..66fce92f4a 100644 --- a/docs/guide/docker/docker_install.md +++ b/docs/guide/docker/docker_install.md @@ -83,4 +83,25 @@ curl -L https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt ```shell # 1GB限制 bash disk_test.sh 1000 -``` \ No newline at end of file +``` + +## 卸载 Docker 环境 + +一键卸载 Docker 全套环境,包括所有容器、镜像、网络、systemd 服务、二进制文件: + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/docker/main/dockeruninstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/docker/main/dockeruninstall.sh) +``` + +:::warning +脚本会在执行前要求输入 `yes` 确认,操作不可逆。薐删内容包括所有容器、镜像、网络配置。 +复测流程:先执行卸载,再执行安装,即可从零验证整个安装流程。 +::: \ No newline at end of file diff --git a/docs/guide/podman/podman_build.md b/docs/guide/podman/podman_build.md new file mode 100644 index 0000000000..827886c05b --- /dev/null +++ b/docs/guide/podman/podman_build.md @@ -0,0 +1,167 @@ +--- +outline: deep +--- + +# 前言 + +两种开设方式 + +## 单独开设 + +- 只生成一个 Podman 容器,自动判断国际服务器还是国内服务器 +- 可配置绑定独立的 IPV6 地址(需安装时宿主机已有公网 IPV6 且安装脚本已配置 podman-ipv6 网络) +- 支持 x86_64 和 ARM64 架构的服务器 + +### 下载脚本 + +国际 + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/onepodman.sh +chmod +x onepodman.sh +``` + +国内 + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/onepodman.sh +chmod +x onepodman.sh +``` + +### 示例 + +运行支持的变量如下 + +```bash +./onepodman.sh [independent_ipv6:y/n] [system] [disk_gb] +``` + +目前 system 仅支持选择: + +- debian +- ubuntu +- alpine +- almalinux +- rockylinux +- openeuler + +默认不填则是 debian + +```shell +./onepodman.sh ct1 1 512 MyPassword 25000 34975 35000 n debian 0 +``` + +以下为开设的示例容器的信息: + +| 属性 | 值 | +|------|----| +| 容器名字 | ct1 | +| SSH 登录的用户名 | root | +| SSH 登录的密码 | MyPassword | +| CPU 核数 | 1 | +| 内存大小 | 512MB | +| SSH 端口 | 25000 | +| 内外网映射端口一致的区间 | 34975 到 35000 | +| 系统 | debian | +| 是否绑定独立的 IPV6 地址 | N | +| 硬盘大小 | 不限制 | + +### 相关操作 + +查看所有容器 + +```shell +podman ps -a +``` + +进入容器 + +```shell +podman exec -it ct1 bash +``` + +进入 Alpine 容器 + +```shell +podman exec -it ct1 sh +``` + +要退出容器就执行 `exit` 退出。 + +删除示例 + +```shell +podman rm -f ct1 +``` + +查看容器日志 + +```shell +podman logs ct1 +``` + +## 批量开设 + +- 批量多次运行继承配置生成 +- 自动递增容器名(ct1, ct2, ...)、SSH 端口、公网端口 +- 容器信息记录到 `ctlog` 文件 +- 生成多个时为避免 SSH 连接中断建议在 screen 中执行 +- 支持 x86_64 和 ARM64 架构的服务器 + +### 运行 + +国际 + +```shell +wget -q https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/create_podman.sh +chmod +x create_podman.sh +./create_podman.sh +``` + +国内 + +```shell +wget -q https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/scripts/create_podman.sh +chmod +x create_podman.sh +./create_podman.sh +``` + +### 查询批量开设的信息 + +```shell +cat ctlog +``` + +输出格式 + +``` +容器名字 SSH端口 登陆的root密码 核数 内存 外网端口起 外网端口止 硬盘大小 +``` + +一行一个容器对应的信息 + +## 删除所有容器和镜像 + +```shell +podman ps -aq | xargs -r podman rm -f +podman images -aq | xargs -r podman rmi -f +podman volume prune -f +podman system prune -af +rm -rf ctlog +``` + +## 宿主机重启后重启所有容器 + +Podman 支持 systemd 集成,可通过以下命令生成自启动服务: + +```shell +# 为指定容器生成 systemd service +podman generate systemd --name ct1 > /etc/systemd/system/container-ct1.service +systemctl enable container-ct1 +``` + +或者手动启动所有已停止的容器: + +```shell +podman ps -aq -f status=exited | xargs -r podman start +``` diff --git a/docs/guide/podman/podman_install.md b/docs/guide/podman/podman_install.md new file mode 100644 index 0000000000..0902e78e1b --- /dev/null +++ b/docs/guide/podman/podman_install.md @@ -0,0 +1,75 @@ +--- +outline: deep +--- + +# 前言 + +安装 Podman 环境,包含 podman + 网络配置 + DNS 保活服务全套组件 + +## 开设虚拟内存 + +:::tip +内存开点 swap 免得机器炸了 +::: + +单位换算:输入 1024 产生 1G SWAP-虚拟内存,虚拟内存占用硬盘空间,当实际内存不够用时将自动使用虚拟内存做内存使用,但随之带来IO高占用以及CPU性能占用 + +建议只开实际内存大小两倍大小的虚拟内存 + +国际 + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +国内 + +```shell +curl -L https://cdn.spiritlhl.net/https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +## 环境安装 + +- 支持系统:Ubuntu、Debian、RockyLinux 9+、AlmaLinux 9+、CentOS 9+、Alpine、Arch +- 通过各发行版官方软件包安装 Podman(daemonless 架构,无需 Docker daemon) +- 自动配置 Podman 网络(podman-net:172.21.0.0/16) +- 检测公网 IPv6 地址,若存在则自动创建 podman-ipv6 网络并启动 NDP Responder +- 安装 DNS 保活服务(check-dns-podman.service),持续检测 DNS 可用性 +- 支持 x86_64 和 ARM64 架构的服务器 + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +:::tip +安装完成后建议执行 `podman ps -a` 验证 Podman 环境是否正常运行 +::: + +## 卸载 Podman 环境 + +一键卸载 Podman 全套环境,包括所有容器、镜像、网络、辅助文件: + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmanuninstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/podmanuninstall.sh) +``` + +:::warning +脚本会在执行前要求输入 `yes` 确认,操作不可逆。删除内容包括所有容器、镜像、Podman 网络配置。 +复测流程:先执行卸载,再执行安装,即可从零验证整个安装流程。 +::: diff --git a/docs/guide/podman/podman_precheck.md b/docs/guide/podman/podman_precheck.md new file mode 100644 index 0000000000..997ae0d7a5 --- /dev/null +++ b/docs/guide/podman/podman_precheck.md @@ -0,0 +1,73 @@ +--- +outline: deep +--- + +# 前言 + +以下为非自定义部分的介绍,自定义部分有自己对应的介绍,勿弄混了 + +如果你的宿主机本身没有IPV6的子网又想给容器分配IPV6地址,需要宿主机本身已有公网IPV6地址,安装脚本会自动检测并配置 + +:::warning +Podman 方案**不支持 KVM/QEMU 虚拟机**,仅支持 Linux 容器(LXC),适用于无 KVM 硬件虚拟化支持的环境。 +::: + +欢迎给项目一个 ```Star``` 进行免费的支持-->[https://github.com/oneclickvirt/podman](https://github.com/oneclickvirt/podman) + +## 项目特点 + +基于 Podman(daemonless 架构)运行时,通过批量或单独开设 NAT 服务器 + +- 使用各发行版官方软件包安装 Podman(无守护进程,daemonless 架构) +- 使用本仓库自编译的基础镜像(存储在 GitHub Releases),优先离线加载,无法获取时回退到 ghcr.io 镜像 +- 每个容器自带 1 个外网 SSH 端口,25 个内外网一致端口,可选择是否绑定独立 IPV6 地址 +- 支持 lxcfs 挂载(若宿主机安装了 lxcfs),提供容器内真实 /proc 视图 +- 原生支持 rootless(本方案使用 root 运行以简化网络配置) +- 支持国内 CDN 镜像加速 + +## 支持的系统 + +| 系统 | amd64 | arm64 | +|------|-------|-------| +| Ubuntu 22.04 | ✓ | ✓ | +| Debian 12 | ✓ | ✓ | +| Alpine latest | ✓ | ✓ | +| AlmaLinux 9 | ✓ | ✓ | +| RockyLinux 9 | ✓ | ✓ | +| OpenEuler 22.03 | ✓ | ✓ | + +## 配置要求 + +- 宿主机系统:Ubuntu、Debian、RockyLinux 9+、AlmaLinux 9+、CentOS 9+、Alpine、Arch +- 架构:x86_64(amd64)或 ARM64 +- 内核需支持 overlay 文件系统 +- 网络能连接 Github 的 raw 界面即可 +- 空闲硬盘有 3G 以上即可 +- **不需要 KVM 硬件支持** + +## 与 containerd 和 docker 对比 + +| 特性 | podman(本项目) | containerd | docker | +|------|----------------|-----------|--------| +| 守护进程 | 无(daemonless)| 轻量级 containerd | 重量级 Docker daemon | +| 运行时 | crun/runc | runc | runc | +| 管理命令 | podman | nerdctl | docker | +| rootless 支持 | 原生支持 | 需配置 | 需配置 | +| 镜像格式 | OCI | OCI | OCI | +| 网络后端 | netavark/CNI | CNI | Docker bridge | +| 容器支持 | Linux 容器(LXC) | Linux 容器(LXC) | Linux 容器 + KVM 虚拟机 | +| 安装方式 | 系统包管理器 | nerdctl-full bundle | Docker 官方脚本 | + +推荐在开设 NAT 服务器前先增加部分 SWAP 虚拟内存,避免突发的内存占用导致宿主机卡死 + +国际 + +```shell +curl -L https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` + +国内 + +```shell +curl -L https://cdn.spiritlhl.net/https://raw.githubusercontent.com/spiritLHLS/addswap/main/addswap.sh -o addswap.sh && chmod +x addswap.sh && bash addswap.sh +``` diff --git a/docs/guide/podman/podman_qa.md b/docs/guide/podman/podman_qa.md new file mode 100644 index 0000000000..00973770e9 --- /dev/null +++ b/docs/guide/podman/podman_qa.md @@ -0,0 +1,118 @@ +--- +outline: deep +--- + +# 常见问题答疑 + +## podman: command not found + +Podman 环境未正确安装,请重新执行安装脚本: + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +## 容器无法访问外网(IPv4) + +检查 iptables NAT 规则是否存在: + +```shell +iptables -t nat -L POSTROUTING -n -v | grep 172.21 +``` + +如果没有,手动添加: + +```shell +iptables -t nat -A POSTROUTING -s 172.21.0.0/16 ! -d 172.21.0.0/16 -j MASQUERADE +iptables -A FORWARD -s 172.21.0.0/16 -j ACCEPT +iptables -A FORWARD -d 172.21.0.0/16 -j ACCEPT +``` + +## 容器 IPv6 未生效 + +1. 确认宿主机有公网 IPv6 地址 +2. 检查 podman-ipv6 网络是否存在: + +```shell +podman network ls | grep ipv6 +``` + +3. 检查 ndpresponder 容器是否运行: + +```shell +podman ps | grep ndpresponder +``` + +## Podman 与 Docker 命令对比 + +| 功能 | Docker 命令 | Podman 命令 | +|------|------------|------------| +| 查看容器 | `docker ps -a` | `podman ps -a` | +| 进入容器 | `docker exec -it` | `podman exec -it` | +| 删除容器 | `docker rm -f` | `podman rm -f` | +| 查看镜像 | `docker images` | `podman images` | +| 删除镜像 | `docker rmi` | `podman rmi` | +| 查看日志 | `docker logs` | `podman logs` | + +## 镜像拉取失败 + +优先通过 GitHub Releases 下载离线 tar 包,无法访问时回退到 ghcr.io: + +```shell +ghcr.io/oneclickvirt/podman:-amd64 +ghcr.io/oneclickvirt/podman:-arm64 +ghcr.io/oneclickvirt/podman: # multi-arch manifest +``` + +手动拉取镜像示例: + +```shell +podman pull ghcr.io/oneclickvirt/podman:debian-amd64 +``` + +## 如何完全重置 Podman 环境 + +先卸载,再重新安装: + +国际 + +```shell +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmanuninstall.sh) +bash <(wget -qO- https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +国内 + +```shell +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/podmanuninstall.sh) +bash <(wget -qO- https://cdn.spiritlhl.net/https://raw.githubusercontent.com/oneclickvirt/podman/main/podmaninstall.sh) +``` + +## Podman 与 containerd 如何选择 + +- 如需 daemonless 无守护进程架构,或希望使用系统包管理安装,选 **Podman** +- 如需更轻量的守护进程 + nerdctl 命令行体验,选 **containerd** +- 如需同时运行 KVM 虚拟机(Windows/macOS/Android),选 **docker** 或 **PVE/Incus/LXD** 方案 + +## DNS 问题 + +Podman 安装时会配置 check-dns-podman.service 服务,检查是否运行: + +```shell +systemctl status check-dns-podman +``` + +手动修复 DNS: + +```shell +echo "nameserver 8.8.8.8" >> /etc/resolv.conf +echo "nameserver 1.1.1.1" >> /etc/resolv.conf +``` diff --git a/docs/guide/podman/podman_thanks.md b/docs/guide/podman/podman_thanks.md new file mode 100644 index 0000000000..e618ad58db --- /dev/null +++ b/docs/guide/podman/podman_thanks.md @@ -0,0 +1,21 @@ +## 致谢 + +https://github.com/containers/podman + +https://github.com/containers/buildah + +https://github.com/containers/netavark + +https://github.com/containers/crun + +https://github.com/opencontainers/runc + +https://github.com/yoursunny/ndpresponder + +https://github.com/lxc/lxcfs + +https://github.com/SuperManito/LinuxMirrors + +https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/ + +感谢 [@spiritlhls](https://github.com/spiritlhls) 提供的 Podman 容器运行时方案 diff --git a/package-lock.json b/package-lock.json index 07089e710c..fb38482be6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -158,7 +158,6 @@ "integrity": "sha512-9rUYcMIBOrCtYiLX49djyzxqdK9Dya/6Z/8sebPn94BekT+KLOpaZCuc6s0Fpfq7nx5J6YY5LIVFQrtioK9u0g==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@algolia/client-common": "5.25.0", "@algolia/requester-browser-xhr": "5.25.0", @@ -1484,7 +1483,6 @@ "integrity": "sha512-n73BVorL4HIwKlfJKb4SEzAYkR3Buwfwbh+MYxg2mloFph2fFGV58E90QTzdbfzWrLn4HE5Czx/WTjI8fcHaMg==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@algolia/client-abtesting": "5.25.0", "@algolia/client-analytics": "5.25.0", @@ -1683,7 +1681,6 @@ "integrity": "sha512-xx560wGBk7seZ6y933idtjJQc1l+ck+pI3sKvhKozdBV1dRZoKhkW5xoCaFv9tQiX5RH1xfSxjuNu6g+lmN/gw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "tabbable": "^6.2.0" } @@ -2216,11 +2213,12 @@ } }, "node_modules/undici-types": { - "version": "7.16.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz", - "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==", + "version": "7.18.2", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz", + "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==", "dev": true, - "optional": true + "optional": true, + "peer": true }, "node_modules/unist-util-is": { "version": "6.0.0", @@ -2366,6 +2364,17 @@ } } }, + "node_modules/vitepress/node_modules/@types/node": { + "version": "25.3.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.3.3.tgz", + "integrity": "sha512-DpzbrH7wIcBaJibpKo9nnSQL0MTRdnWttGyE5haGwK86xgMOkFLp7vEyfQPGLOJh5wNYiJ3V9PmUMDhV9u8kkQ==", + "dev": true, + "optional": true, + "peer": true, + "dependencies": { + "undici-types": "~7.18.0" + } + }, "node_modules/vitepress/node_modules/@vitejs/plugin-vue": { "version": "5.2.4", "resolved": "https://registry.npmjs.org/@vitejs/plugin-vue/-/plugin-vue-5.2.4.tgz", @@ -2386,7 +2395,6 @@ "integrity": "sha512-qO3aKv3HoQC8QKiNSTuUM1l9o/XX3+c+VTgLHbJWHZGeTPVAg2XwazI9UWzoxjIJCGCV2zU60uqMzjeLZuULqA==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "esbuild": "^0.21.3", "postcss": "^8.4.43", @@ -2447,7 +2455,6 @@ "integrity": "sha512-LbOm50/vZFG6Mhy6KscQYXZMQ0LMCC/y40HDJPPvGFQ+i/lUH+PJHR6C3assgOQiXdl6tAfsXHbXYVBZZu65ew==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@vue/compiler-dom": "3.5.14", "@vue/compiler-sfc": "3.5.14", @@ -2583,7 +2590,6 @@ "resolved": "https://registry.npmjs.org/@algolia/client-search/-/client-search-5.25.0.tgz", "integrity": "sha512-9rUYcMIBOrCtYiLX49djyzxqdK9Dya/6Z/8sebPn94BekT+KLOpaZCuc6s0Fpfq7nx5J6YY5LIVFQrtioK9u0g==", "dev": true, - "peer": true, "requires": { "@algolia/client-common": "5.25.0", "@algolia/requester-browser-xhr": "5.25.0", @@ -3366,7 +3372,6 @@ "resolved": "https://registry.npmjs.org/algoliasearch/-/algoliasearch-5.25.0.tgz", "integrity": "sha512-n73BVorL4HIwKlfJKb4SEzAYkR3Buwfwbh+MYxg2mloFph2fFGV58E90QTzdbfzWrLn4HE5Czx/WTjI8fcHaMg==", "dev": true, - "peer": true, "requires": { "@algolia/client-abtesting": "5.25.0", "@algolia/client-analytics": "5.25.0", @@ -3503,7 +3508,6 @@ "resolved": "https://registry.npmjs.org/focus-trap/-/focus-trap-7.6.4.tgz", "integrity": "sha512-xx560wGBk7seZ6y933idtjJQc1l+ck+pI3sKvhKozdBV1dRZoKhkW5xoCaFv9tQiX5RH1xfSxjuNu6g+lmN/gw==", "dev": true, - "peer": true, "requires": { "tabbable": "^6.2.0" } @@ -3847,10 +3851,12 @@ "dev": true }, "undici-types": { - "version": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz", - "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==", + "version": "7.18.2", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz", + "integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==", "dev": true, - "optional": true + "optional": true, + "peer": true }, "unist-util-is": { "version": "6.0.0", @@ -3946,6 +3952,17 @@ "vue": "^3.5.13" }, "dependencies": { + "@types/node": { + "version": "25.3.3", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.3.3.tgz", + "integrity": "sha512-DpzbrH7wIcBaJibpKo9nnSQL0MTRdnWttGyE5haGwK86xgMOkFLp7vEyfQPGLOJh5wNYiJ3V9PmUMDhV9u8kkQ==", + "dev": true, + "optional": true, + "peer": true, + "requires": { + "undici-types": "~7.18.0" + } + }, "@vitejs/plugin-vue": { "version": "5.2.4", "resolved": "https://registry.npmjs.org/@vitejs/plugin-vue/-/plugin-vue-5.2.4.tgz", @@ -3958,7 +3975,6 @@ "resolved": "https://registry.npmjs.org/vite/-/vite-5.4.19.tgz", "integrity": "sha512-qO3aKv3HoQC8QKiNSTuUM1l9o/XX3+c+VTgLHbJWHZGeTPVAg2XwazI9UWzoxjIJCGCV2zU60uqMzjeLZuULqA==", "dev": true, - "peer": true, "requires": { "esbuild": "^0.21.3", "fsevents": "~2.3.3", @@ -3973,7 +3989,6 @@ "resolved": "https://registry.npmjs.org/vue/-/vue-3.5.14.tgz", "integrity": "sha512-LbOm50/vZFG6Mhy6KscQYXZMQ0LMCC/y40HDJPPvGFQ+i/lUH+PJHR6C3assgOQiXdl6tAfsXHbXYVBZZu65ew==", "dev": true, - "peer": true, "requires": { "@vue/compiler-dom": "3.5.14", "@vue/compiler-sfc": "3.5.14",