Shulou(Shulou.com)06/02 Report--

This article mainly explains "how to use kubeadm to deploy K8S cluster and use containerd to do container". The content in the article is simple and clear, and it is easy to learn and understand. please follow the editor's train of thought to study and learn "how to deploy K8S cluster with kubeadm and use containerd as container".

Preface

Dockershim was phased out in December when the Kubernetes community announced version 1.20, and there was a lot of self-media promoting Kubernetes's abandonment of Docker. In fact, I think this is a kind of misleading, maybe just for the heat.

Dockershim is a component of Kubernetes and its purpose is to operate Docker. Docker was launched in 2013, while Kubernetes was in 2016, so Docker didn't think of choreography at first, nor did it know that there would be a behemoth like Kubernetes (if it knew, it wouldn't fail so quickly.) However, when Kubernetes is created to run with Docker as a container, a lot of operation logic is aimed at Docker. As the community becomes more and more robust, in order to be compatible with more container runtimes, the relevant logic of Docker is separated to form dockershim.

Because of this, as long as any changes in Kubernetes or Docker, dockershim must be maintained to ensure sufficient support, but the essence of operating Docker through dockershim is the underlying runtime Containerd of operating Docker, and Containerd itself supports CRI (Container Runtime Interface), so why bypass a layer of Docker? Is it possible to interact with Containerd directly through CRI? This is one of the reasons why the community wants to start dockershim.

So what is Containerd?

Containerd is a separate project from Docker that aims to provide Kubernetes with a container runtime that manages the lifecycle of images and containers. But Containerd can work without Docker. Its features are as follows:

Supports the OCI image specification, that is, runc

Support for OCI runtime specification

Support for mirrored pull

Support for container network management

Storage supports multi-tenancy

Support for container runtime and container lifecycle management

Support for managing network namespaces

Some of the main differences in command usage between Containerd and Docker are as follows:

You can see that it is used in more or less the same way.

Here are the specific installation steps for installing a K8S cluster using kubeadm and using containerd as a container.

Environment description

Host node

Software description

Software version

Environmental preparation

(1) add hosts information on each node:

$cat / etc/hosts

192.168.0.5 k8s-master 192.168.0.125 k8s-node01

(2) disable the firewall:

$systemctl stop firewalld $systemctl disable firewalld

(3) disable SELINUX:

$setenforce 0$ cat / etc/selinux/config SELINUX=disabled

(4) create a / etc/sysctl.d/k8s.conf file and add the following:

Net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1

(5) execute the following order to make the changes effective:

$modprobe br_netfilter $sysctl-p / etc/sysctl.d/k8s.conf

(6) install ipvs

$cat > / etc/sysconfig/modules/ipvs.modules-- discovery-token-ca-cert-hash sha256:446623b965cdb0289c687e74af53f9e9c2063e854a42ee36be9aa249d3f0ccec [preflight] Running pre-flight checks [preflight] Reading configuration from the cluster... [preflight] FYI: You can look at this config file with 'kubectl-n kube-system get cm kubeadm-config-o yaml' [kubelet-start] Writing kubelet configuration to file "/ var/lib/kubelet/config.yaml" [kubelet-start] Writing kubelet environment file with flags to file "/ var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Starting the kubelet [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

If you forget the above join command, you can use the command kubeadm token create-- print-join-command to retrieve it.

Run the get nodes command after successful execution:

$kubectl get no NAME STATUS ROLES AGE VERSION k8s-master NotReady control-plane,master 29m v1.20.5 k8s-node01 NotReady 28m v1.20.5

You can see that the NotReady status is due to the fact that the network plug-in is not yet installed. Next, to install the network plug-in, you can select our own network plug-in in the documentation https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/, where we install calio:

$wget https://docs.projectcalico.org/v3.8/manifests/calico.yaml

# because some nodes are multiple NICs, you need to specify the intranet Nic in the resource inventory file

$vi calico.yaml

. Add this environment variable value: interface=eth0 # to spec: containers:-env:-name: DATASTORE_TYPE value: kubernetes-name: IP_AUTODETECTION_METHOD # DaemonSet to specify the private network card-name: WAIT_FOR_DATASTORE value: "true"-name: CALICO_IPV4POOL_CIDR # due to the network segment configured in init, so you need to modify value: "172.16.0.

Install the calico network plug-in

$kubectl apply-f calico.yaml

Check the Pod running status every once in a while:

# kubectl get pod-n kube-system NAME READY STATUS RESTARTS AGE calico-kube-controllers-bcc6f659f-zmw8n 0 7m58s calico-node-c4vv7 1 ContainerCreating 0 7m58s calico-node-c4vv7 1 Running 0 7m58s calico-node-dtw7g 0 Universe 1 PodInitializing 0 7m58s coredns-54d67798b7-mrj2b 1/1 Running 0 46m coredns-54d67798b7-p667d 1/1 Running 0 46m etcd-k8s-master 1/1 Running 0 46m kube-apiserver-k8s-master 1/1 Running 0 46m kube-controller-manager-k8s-master 1/1 Running 0 46m kube-proxy-clf4s 1/1 Running 0 45m kube-proxy-mt7tt 1/1 Running 0 46m Kube-scheduler-k8s-master 1/1 Running 0 46m

The network plug-in runs successfully and the node status is normal:

# kubectl get nodes NAME STATUS ROLES AGE VERSION k8s-master Ready control-plane,master 47m v1.20.5 k8s-node01 Ready 46m v1.20.5

Just add another node in the same way.

Automatic completion of configuration command

Yum install-y bash-completion source / usr/share/bash-completion/bash_completion source > ~ / .bashrc Thank you for reading, the above is the content of "how to deploy K8S cluster with kubeadm and use containerd as container". After the study of this article, I believe you have a deeper understanding of how to deploy K8S cluster with kubeadm and use containerd as container. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.