This article describes how to switch the container engine in a Kubernetes cluster from docker to containerd
Official document: https://kubernetes.io/zh/docs/setup/production-environment/container-runtimes/#containerd
surroundings
- OS: CentOS 7.8
- Container runtime: Docker CE 19.03.9
- Governors: v1.20
1. View the container engine currently used in the Kubernetes cluster
2. Switch the container engine of node k8s-node02 from docker to containerd
2. 1 Mark the node as unschedulable, and expel the pod resources on the node
# 1、查看该node当前运行一个名为web-96d5df5c8-s7lnq的pod
# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
web-96d5df5c8-s7lnq 1/1 Running 0 19m 10.244.58.195 k8s-node02 <none> <none>
# 2、将该node标记为不可被调度
# kubectl cordon k8s-node02
# 3、驱逐该node节点上的pod资源到集群中的其它节点上去
# kubectl drain k8s-node02 --delete-local-data --force --ignore-daemonsets
# 4、查看之前运行在该node上的pod被调度到了集群中的哪个节点
# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
web-96d5df5c8-m8s7d 1/1 Running 0 57s 10.244.85.195 k8s-node01 <none> <none>
从以上信息来看可以发现,之前k8s-node02节点上的pod资源被驱逐到了k8s-node01上运行
# 5、查看Kubernetes集群中的node资源信息
# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master01 Ready control-plane,master 4h20m v1.20.0
k8s-node01 Ready <none> 3h47m v1.20.0
k8s-node02 Ready,SchedulingDisabled <none> 3h47m v1.20.0
如上信息,k8s-node02节点已经不可被调度了,接下来开始切换容器引擎2.2, switch container engine
2.2.1 Configuration prerequisites
# cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
# modprobe overlay
# modprobe br_netfilter
# 设置必需的 sysctl 参数,这些参数在重新启动后仍然存在。
# cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
# sysctl --system2.2.2 Install containerd
# yum install -y yum-utils device-mapper-persistent-data lvm2
# yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
# yum install -y containerd.io
# mkdir -p /etc/containerd
# containerd config default | sudo tee /etc/containerd/config.toml
# systemctl restart containerd.service2.2.3 Modify the configuration file
# 1、搜索关键字"sandbox_image",将镜像地址替换为国内阿里云的
57 sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.2"
# 2、指定使用systemd作为Cgroup的驱动程序
需要添加,这里是在96后,也可以搜素关键字"options",在其下一行添加如下内容
97 SystemdCgroup = "true"
# 3、搜索关键字"endpoint",修改镜像加速地址
106 endpoint = ["https://5uhltnnr.mirror.aliyuncs.com"]
# 4、重启containerd
# systemctl restart containerd.service2.2.4 Configure kubelet to use containerd
# vim /etc/sysconfig/kubelet
KUBELET_EXTRA_ARGS="--container-runtime=remote --container-runtime-endpoint=unix:///run/containerd/containerd.sock --cgroup-driver=systemd"
# systemctl status kubelet3. Verify whether the container engine is successfully switched to containerd
From the information results in the above figure, it can be found that the container engine currently used by the node k8s-node02 is containerd. So far, the container engine used by the node has been successfully switched from docker to containerd. Next. Cancel the unschedulable mark of the node so that it can be scheduled normally.
4. Cancel the unschedulable mark of k8s-node02 node
# kubectl uncordon k8s-node02
node/k8s-node02 uncordoned
# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master01 Ready control-plane,master 5h1m v1.20.0
k8s-node01 Ready <none> 4h28m v1.20.0
k8s-node02 Ready <none> 4h28m v1.20.4