废柴阿尤5个月前更新关注私信 Index of linux/centos/7/x86_64/stable/Packages/ (docker.com) Kubernetes自v1.24移除了对docker-shim的支持,而Docker Engine默认又不支持CRI规范,因而二者将无法直接完成整合。为此,Mirantis和Docker联合创建了cri-dockerd项目,用于为Docker Engine提供一个能够支持到CRI规范的垫片,从而能够让Kubernetes基于CRI控制Docker 。 项目地址:https://github.com/Mirantis/cri-dockerd wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.13/cri-dockerd-0.3.13-3.el7.x86_64.rpm wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-20.10.24-3.el7.x86_64.rpm wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-rootless-extras-20.10.24-3.el7.x86_64.rpm wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-cli-20.10.24-3.el7.x86_64.rpm wget https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.4.9-3.1.el7.x86_64.rpm yum localinstall -y *.rpm cat >/etc/docker/daemon.json <<EOF { "registry-mirrors": ["https://r12vlsbe.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn/","https://hub-mirror.c.163.com/","https://reg-mirror.qiniu.com"], "exec-opts": ["native.cgroupdriver=systemd"] } EOF systemctl enable --now docker [root@master ~]# vim /usr/lib/systemd/system/cri-docker.service ...... ExecStart=/usr/bin/cri-dockerd --container-runtime-endpoint fd:// --pod-infra-container-image=registry.aliyuncs.com/google_containers/pause:3.9 --network-plugin=cni --cni-bin-dir=/opt/cni/bin --cni-cache-dir=/var/lib/cni/cache --cni-conf-dir=/etc/cni/net.d ...... [root@master ~]# systemctl enable --now cri-docker 需要添加的各配置参数(各参数的值要与系统部署的CNI插件的实际路径相对应): –pod-infra-container-image :指定使用的pause镜像 –network-plugin:指定网络插件规范的类型,这里要使用CNI; –cni-bin-dir:指定CNI插件二进制程序文件的搜索目录; –cni-cache-dir:CNI插件使用的缓存目录; –cni-conf-dir:CNI插件加载配置文件的目录; 在初始化k8s集群前们可以优先拉取k8s所要用到镜像 [root@master ~]# kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.28.2 Found multiple CRI endpoints on the host. Please define which one do you wish to use by setting the 'criSocket' field in the kubeadm configuration file: unix:///var/run/containerd/containerd.sock, unix:///var/run/cri-dockerd.sock To see the stack trace of this error execute with --v=5 or higher 在拉取过程中提示我们有两个容器运行时接口(CRI)端点,因为在安装docker时containerd是作为docker依赖包安装的,当然在安装docker时也可以不用安装cri-dockerd容器运行时,可以直接用containerd作为容器运行时接口,但docker最为现在最流行的容器化技术,我想大部分人还是更亲近于docker。解决上述问题也比较简单,只需要在拉取镜像时使用--cri-socket参数字段指定CRI接口就可以。 [root@master ~]# kubeadm config images pull --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.28.2 --cri-socket unix:///run/cri-dockerd.sock [config/images] Pulled registry.aliyuncs.com/google_containers/kube-apiserver:v1.28.2 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-controller-manager:v1.28.2 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-scheduler:v1.28.2 [config/images] Pulled registry.aliyuncs.com/google_containers/kube-proxy:v1.28.2 [config/images] Pulled registry.aliyuncs.com/google_containers/pause:3.9 [config/images] Pulled registry.aliyuncs.com/google_containers/etcd:3.5.9-0 [config/images] Pulled registry.aliyuncs.com/google_containers/coredns:v1.10.1 当然上述步骤只是为了在初始化集群时不用等待更长的时间而已,如果上述操作执行也可以直接进行以下步骤进行初始化操作,当然别忘记在初始化时指定容器运行时CRI接口--cri-socket哦 [root@master ~]# kubeadm init --kubernetes-version=1.28.2 --image-repository registry.aliyuncs.com/google_containers --service-cidr=10.200.0.0/16 --pod-network-cidr=10.100.0.0/16 --token-ttl=0 --cri-socket unix:///run/cri-dockerd.sock --upload-certs 在初始化master节点完成后在master节点复制config文件用于管理k8s集群 [root@master ~]# mkdir -p $HOME/.kube [root@master ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [root@master ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config 然后将master节点生成的token复制到node节点,让其加入k8s集群即可 [root@node1 ~]# kubeadm join 10.0.0.200:6443 --token lyucm5.gnw8xj09w562yw3d --discovery-token-ca-cert-hash sha256:4505e11c1ecdc724eee04d508e95150002188b56c149b7545d79e2c743c4f267 --cri-socket unix:///run/cri-dockerd.sock © 版权声明文章版权归作者所有,未经允许请勿转载。THE ENDKubernetes 喜欢就支持一下吧点赞13赞赏 分享QQ空间微博QQ好友海报分享复制链接收藏