标签:00 Containerd 替换成 v1 io plugins 1.22 runtime containerd
详解:
1、k8s 版本1.22以后会弃用 docker,但是也可以用。但最好还是替换成解决方案中的。
2、Containerd 是一个行业标准的容器运行时,强调简单性、健壮性和可移植性。
3、Kubernetes 通过 CRI 接口的形式将 Containerd 用作 Kubernetes 集群的容器运行时。
架构图
一、部署 containerd
1、创建配置文件
[root@master1 ~]# cat /etc/modules-load.d/containerd.conf
overlay
br_netfilter
2、创建完配置文件执行以下命令
modprobe overlay
modprobe br_netfilter
3、立即生效
sysctl --system
4、下载 docker-ce 源
wget http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
或者
yum-config-manager \
--add-repo \
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
5、安装 containerd 服务并加入开机启动
yum install -y containerd.io
systemctl enable containerd && systemctl start containerd
二、配置 containerd
1、创建路径
mkdir -p /etc/containerd
2、获取默认配置文件
containerd config default | sudo tee /etc/containerd/config.toml
3、修改配置文件,新增 "SystemdCgroup = true",使用 systemd 作为 cgroup 驱动程序
[root@master1 ~]# cat /etc/containerd/config.toml
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
plugin_dir = ""
disabled_plugins = []
required_plugins = []
oom_score = 0
[grpc]
address = "/run/containerd/containerd.sock"
tcp_address = ""
tcp_tls_cert = ""
tcp_tls_key = ""
uid = 0
gid = 0
max_recv_message_size = 16777216
max_send_message_size = 16777216
[ttrpc]
address = ""
uid = 0
gid = 0
[debug]
address = ""
uid = 0
gid = 0
level = ""
[metrics]
address = ""
grpc_histogram = false
[cgroup]
path = ""
[timeouts]
"io.containerd.timeout.shim.cleanup" = "5s"
"io.containerd.timeout.shim.load" = "5s"
"io.containerd.timeout.shim.shutdown" = "3s"
"io.containerd.timeout.task.state" = "2s"
[plugins]
[plugins."io.containerd.gc.v1.scheduler"]
pause_threshold = 0.02
deletion_threshold = 0
mutation_threshold = 100
schedule_delay = "0s"
startup_delay = "100ms"
[plugins."io.containerd.grpc.v1.cri"]
disable_tcp_service = true
stream_server_address = "127.0.0.1"
stream_server_port = "0"
stream_idle_timeout = "4h0m0s"
enable_selinux = false
selinux_category_range = 1024
sandbox_image = "k8s.gcr.io/pause:3.2"
stats_collect_period = 10
systemd_cgroup = false
enable_tls_streaming = false
max_container_log_line_size = 16384
disable_cgroup = false
disable_apparmor = false
restrict_oom_score_adj = false
max_concurrent_downloads = 3
disable_proc_mount = false
unset_seccomp_profile = ""
tolerate_missing_hugetlb_controller = true
disable_hugetlb_controller = true
ignore_image_defined_volumes = false
[plugins."io.containerd.grpc.v1.cri".containerd]
snapshotter = "overlayfs"
default_runtime_name = "runc"
no_pivot = false
disable_snapshot_annotations = true
discard_unpacked_layers = false
[plugins."io.containerd.grpc.v1.cri".containerd.default_runtime]
runtime_type = ""
runtime_engine = ""
runtime_root = ""
privileged_without_host_devices = false
base_runtime_spec = ""
[plugins."io.containerd.grpc.v1.cri".containerd.untrusted_workload_runtime]
runtime_type = ""
runtime_engine = ""
runtime_root = ""
privileged_without_host_devices = false
base_runtime_spec = ""
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "io.containerd.runc.v2"
runtime_engine = ""
runtime_root = ""
privileged_without_host_devices = false
base_runtime_spec = ""
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true ## 增加这个一行
[plugins."io.containerd.grpc.v1.cri".cni]
bin_dir = "/opt/cni/bin"
conf_dir = "/etc/cni/net.d"
max_conf_num = 1
conf_template = ""
[plugins."io.containerd.grpc.v1.cri".registry]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://registry-1.docker.io"]
[plugins."io.containerd.grpc.v1.cri".image_decryption]
key_model = ""
[plugins."io.containerd.grpc.v1.cri".x509_key_pair_streaming]
tls_cert_file = ""
tls_key_file = ""
[plugins."io.containerd.internal.v1.opt"]
path = "/opt/containerd"
[plugins."io.containerd.internal.v1.restart"]
interval = "10s"
[plugins."io.containerd.metadata.v1.bolt"]
content_sharing_policy = "shared"
[plugins."io.containerd.monitor.v1.cgroups"]
no_prometheus = false
[plugins."io.containerd.runtime.v1.linux"]
shim = "containerd-shim"
runtime = "runc"
runtime_root = ""
no_shim = false
shim_debug = false
[plugins."io.containerd.runtime.v2.task"]
platforms = ["linux/amd64"]
[plugins."io.containerd.service.v1.diff-service"]
default = ["walking"]
[plugins."io.containerd.snapshotter.v1.devmapper"]
root_path = ""
pool_name = ""
base_image_size = ""
async_remove = false
4、重启 containerd
systemctl restart containerd
5、查看 containerd 运行状态(以下状态视为正常)
[root@master1 ~]# systemctl status containerd
● containerd.service - containerd container runtime
Loaded: loaded (/usr/lib/systemd/system/containerd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2022-03-06 08:09:00 CST; 1h 43min ago
Docs: https://containerd.io
Process: 931 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
Main PID: 941 (containerd)
Tasks: 11
Memory: 61.4M
CGroup: /system.slice/containerd.service
└─941 /usr/bin/containerd
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.887356305+08:00" level=info msg="Start recovering state"
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.887756475+08:00" level=info msg="loading plugin \"io.containerd.grpc.v1.introspection\"..." type=io.containerd.grpc.v1
Mar 06 08:09:00 master1 systemd[1]: Started containerd container runtime.
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.890318315+08:00" level=info msg=serving... address=/run/containerd/containerd.sock.ttrpc
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.890398891+08:00" level=info msg=serving... address=/run/containerd/containerd.sock
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.892060037+08:00" level=info msg="containerd successfully booted in 0.074829s"
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.977695574+08:00" level=info msg="Start event monitor"
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.977773239+08:00" level=info msg="Start snapshots syncer"
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.977799738+08:00" level=info msg="Start cni network conf syncer"
Mar 06 08:09:00 master1 containerd[941]: time="2022-03-06T08:09:00.977808051+08:00" level=info msg="Start streaming server"
5、更改端点
[root@master1 ~]# cat /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: false
6、修改 k8s kubeadm-config.yaml 文件
[root@master1 ~]# cat kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
bootstrapTokens:
- groups:
- system:bootstrappers:kubeadm:default-node-token
token: abcdef.0123456789abcdef
ttl: 24h0m0s
usages:
- signing
- authentication
kind: InitConfiguration
localAPIEndpoint:
advertiseAddress: 192.168.200.3 # 本机IP
bindPort: 6443
nodeRegistration:
criSocket: /run/containerd/containerd.sock # 此处千万不要忘记修改,如果不修改等于没有替换。(此处已经更改完了)
name: master1 # 本主机名
taints:
- effect: NoSchedule
key: node-role.kubernetes.io/master
---
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta2
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controlPlaneEndpoint: "192.168.200.16:16443" # 虚拟IP和haproxy端口
controllerManager: {}
dns:
type: CoreDNS
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers # 镜像仓库源要根据自己实际情况修改
kind: ClusterConfiguration
kubernetesVersion: v1.22.0 # k8s版本
networking:
dnsDomain: cluster.local
podSubnet: "10.244.0.0/16"
serviceSubnet: 10.96.0.0/12
scheduler: {}
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
featureGates:
SupportIPVSProxyMode: true
mode: ipvs
标签:00,Containerd,替换成,v1,io,plugins,1.22,runtime,containerd 来源: https://www.cnblogs.com/lfl17718347843/p/15971355.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。