728x90
목차
시작하며
k8s v1.20 이후 부터 container runtime으로 docker를 사용하는 것을 중단하였다. 심지어 대안책으로 나온 dockershim까지 v1.24 이후 부터 지원을 중단하면서 docker가 필요없어져서 삭제하기로 했다.
그러나 런타임에서 docker를 제거하더라도 docker에서 만든 컨테이너 이미지를 등록하고 실행하는 것은 가능하다. 이유는 docker가 생성하는 이미지는 docker에만 특정된 이미지가 아닌 OCI(Open Container Initiative)와 호환되는 이미지이기 때문이다.
대안으로는 컨테이너 런타임을 위해 containerd를 설치하기로 했다.
docker와 기존에 설치한 k8s를 삭제하는 방법은 아래 포스팅을 참고하길 바란다.
최소 사양
- 마스터 노드(Master Node):
- CPU: 2 코어 이상
- RAM: 2GB 이상
- 디스크: 20GB 이상의 여유 공간
- 워커 노드(Worker Node):
- CPU: 1 코어 이상
- RAM: 1GB 이상
- 디스크: 10GB 이상의 여유 공간
selinux 비활성화
[root@docker03 etc]# setenforce 0
setenforce: SELinux is disabled
swap 비활성화
[root@docker03 etc]# swapoff -a
방화벽 비활성화
[root@docker03 etc]# systemctl disable firewalld
[root@docker03 etc]# systemctl stop firewalld
containerd 설치 및 설정
[root@docker03 etc]# yum install -y yum-utils
[root@docker03 etc]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
[root@docker03 etc]# yum install containerd.io
[root@docker03 yum.repos.d]# cd /etc/modules-load.d/
[root@docker03 modules-load.d]# vim containerd.conf
---
overlay
br_netfilter
---
:wq
---
[root@docker03 modules-load.d]# modprobe overlay
[root@docker03 modules-load.d]# modprobe br_netfilter
[root@docker03 modules-load.d]# cd /etc/sysctl.d/
[root@docker03 modules-load.d]# vim 99-kubernetes-cri.conf
---
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
---
:wq
---
[root@docker03 sysctl.d]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-kubernetes-cri.conf ...
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
vm.swappiness = 1
* Applying /etc/sysctl.conf ...
vm.swappiness = 1
[root@docker03 modules-load.d]# vim /etc/containerd/config.toml
# 주석처리
disabled_plugins = ["cri"]
# 내용 추가
[plugins."io.containerd.grpc.v1.cri".containerd.default_runtime.options]
SystemdCgroup = true
다시 시작해서 적용
[root@docker03 modules-load.d]# systemctl restart containerd
설치 확인
[root@docker03 sysctl.d]# systemctl status containerd
● containerd.service - containerd container runtime
Loaded: loaded (/usr/lib/systemd/system/containerd.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2024-03-03 21:46:33 KST; 40s ago
Docs: https://containerd.io
Process: 36278 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
Main PID: 36280 (containerd)
Tasks: 95
Memory: 2.5G
CGroup: /system.slice/containerd.service
├─33552 /usr/bin/containerd-shim-runc-v2 -namespace k8s.io -id 79fc1589e50c808b...
├─33571 /usr/bin/containerd-shim-runc-v2 -namespace k8s.io -id c89976f208042e39...
├─36280 /usr/bin/containerd
├─kubepods-burstable-pod00e23bc2_2a42_4688_8dd5_5d8f22291121.slice:cri-containerd:c78bcd5704bb8620872079872938755f1216650dd4b02bbc0ba429f725cfc11b
│ ├─33952 /usr/local/bin/runsvdir -P /etc/service/enabled
│ ├─34028 runsv felix
│ ├─34029 runsv monitor-addresses
│ ├─34030 runsv allocate-tunnel-addrs
│ ├─34031 runsv node-status-reporter
│ ├─34032 runsv bird
│ ├─34033 runsv bird6
│ ├─34034 runsv confd
│ ├─34035 runsv cni
│ ├─34037 calico-node -monitor-addresses
│ ├─34039 calico-node -status-reporter
│ ├─34041 calico-node -confd
│ ├─34060 calico-node -monitor-token
│ ├─34199 bird6 -R -s /var/run/calico/bird6.ctl -d -c /etc/calico/confd/config/...
│ ├─34200 bird -R -s /var/run/calico/bird.ctl -d -c /etc/calico/confd/config/bi...
│ ├─35416 calico-node -allocate-tunnel-addrs
│ └─36086 calico-node -felix
├─kubepods-burstable-pod00e23bc2_2a42_4688_8dd5_5d8f22291121.slice:cri-containerd:c89976f208042e39c49168c7e4d49078e525a215b1fd3f19bef7ed33140ff078
│ └─33608 /pause
└─kubepods-besteffort-pod6ba323f8_4720_4a5d_9da5_01efa499f1d4.slice:cri-containerd:79fc1589e50c808bb945cefd1b62eadde9c5135d66e0edc6d83711adea15425d
└─33598 /pause
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.076602139+09:00" l...60
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.076983484+09:00" l...io
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.077003570+09:00" l...m"
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.087167717+09:00" l...n"
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.268915488+09:00" l...r"
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.268974607+09:00" l...r"
Mar 03 21:46:33 docker03 systemd[1]: Started containerd container runtime.
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.268990433+09:00" l...t"
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.269000696+09:00" l...r"
Mar 03 21:46:33 docker03 containerd[36280]: time="2024-03-03T21:46:33.269077615+09:00" l...s"
Hint: Some lines were ellipsized, use -l to show in full.
k8s 설치하기
[root@docker03 modules-load.d]# cd /etc/yum.repos.d/
[root@docker03 modules-load.d]# vim kubernetes.repo
---
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
---
:wq
---
[root@docker03 modules-load.d]# mv kubernetes.repo Kubernetes.repo
[root@docker03 modules-load.d]# yum install kubelet kubeadm kubectl --disableexcludes=kubernetes
설치중 404 에러가 뜨는서버가 하나가 있었다. 이때는 repository 내용을 아래로 변경해서 설치하면 된다.
---
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
---
:wq
---
Master인 경우
[root@docker03 modules-load.d]# systemctl enable kubelet
[root@docker03 modules-load.d]# kubeadm init
[root@docker03 modules-load.d]# mkdir -p $HOME/.kube
[root@docker03 modules-load.d]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@docker03 modules-load.d]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
[root@docker03 modules-load.d]# export KUBECONFIG=/etc/kubernetes/admin.conf
Worker Node인 경우
[root@docker03 modules-load.d]# kubeadm reset
[root@docker03 modules-load.d]# kubeadm join {Master_IP}:6443 --token {token_키} --discovery-token-ca-cert-hash sha256:{hash_token_키}
node 추가를 위해 join하는 방법 정리 포스팅은 아래를 참고하세요.
728x90
'Infrastructure > Docker & Kubernetes' 카테고리의 다른 글
[kubernetes] rook-ceph Error: clock skew detected on mon.b, mon.d (0) | 2024.03.09 |
---|---|
[kubernetes] rook-ceph Error: mon d is low on available space (1) | 2024.03.09 |
[kubernetes] token, hash token 발급 후 join, node 추가 방법 (0) | 2024.03.03 |
[kubernetes] CentOS에서 k8s 완전 삭제하기 (0) | 2024.03.03 |
[kubernetes] CentOS에서 Docker 완전 삭제하기 (0) | 2024.03.03 |