How to Deploy Containers with nerdctl

How many ways can you deploy a container? Shall we count them?

Seriously, we don’t have all day.

Really, there are more ways to deploy containers than I can count on my hands. For some, that might be a bit of an overkill situation. For those who like options, however, the idea that there are so many deployment methods is a big plus.

To those who fall into that category, let me add yet another method to your ever-growing pile of possibilities. Said method is by way of nerdctl.

How can you resist that name? You can’t, that’s how.

The nerdctl command sits on top of containerd to make it possible to deploy containers via that runtime. Why? Because on its own, containerd isn’t much help. In fact, you can’t deploy containers with containerd, as it’s a runtime that is used in conjunction with other tools for that purpose.

Ergo, nerdctl.

Let’s first install containerd on a Ubuntu Server system and then add nerdctl on top of it. Then we’ll deploy our first container.

Why use nerdctl?

Besides the cool name, nerdctl offers features like:

• Functions similarly to docker
• Supports Docker Compose
• Supports rootless mode (without slirp overhead)
• Supports lazy-pulling of images
• Supports encrypted images
• Supports P2P image distribution
• Supports container image signing and verifying

Requirements

To successfully install these tools, you’ll need a running instance of Ubuntu Server 22.04 and a user with sudo privileges. Once you have those bits in place, it’s time to get busy.

Installing containerd

The first thing to be done is the installation of containerd. Before you do anything, make sure to check the Containerd Download Page to make sure you’re downloading the latest version of the software. As of this writing, that would be 1.6.8.

Log into your instance of Ubuntu and open a terminal window. From the terminal, issue the command:

Once the download completes, unpack containerd into /usr/local with the command:

Awesome!

We next must download the runc command line tool with the command:

Install runc with:

Next, we’ll need the Container Network Interface (CNI), which can be downloaded with:

Create a new directory to house CNI with:

Unpack CNI into the new directory with:

We now must configure containerd. Create a directory to house the configuration with:

Generate the configuration file with:

We next must enable the SystemdCgroup with:

To be able to manage the containerd service, we must download a pre-configure systemd file with the command:

Reload the systemd daemon with:

Start and enable containerd with:

Huzzah! You’re now ready for nerdctl

Installing nerdctl

Before we can install nerdctl, we must first add a couple of necessary dependencies with the command:

With the dependencies taken care of, download the nerdctl file with:

Unpack the file into/usr/local/bin with the command:

You should be able to verify that nerdctl is ready to use with the command:

You should see:

Now, we need to configure the system to be able to deploy rootless containers. Create a systemd file with:

In the new file, paste the following:

Save and close the file. To setup containerd for rootless, issue the command:

containerd-rootless-setuptool.sh install

In order to run nerdctl without using sudo, issue the following two commands:

We’re now ready to rock our first container.

Deploying a Container with nerdctl

Fortunately, deploying containers with nerdctl is very similar to that of Docker. For example, to deploy an NGINX container with Docker, the command would be:

To do the same thing with nerdctl, the command would be:

Congratulations, your container deployment just got a bit nerdier (and who doesn’t appreciate that?). If you find yourself in a situation where containerd is the engine of choice, and you want Docker-like deployment, you cannot go wrong with nerdctl.