| k8s+crio+podman搭建集群 | 您所在的位置:网站首页 › containerd podman docker 区别 › k8s+crio+podman搭建集群 |
k8s+crio+podman搭建集群
|
前言
在传统的k8s集群中,我们都是使用docker engine做为底层的容器管理软件的,而docker engine因为不是k8s亲生的解决方案,所以实际使用中会有更多的分层。之前我们也讲过,k8s为了调用docker engine,专门写了一个dockershim做为CRI,而在1.20版本的时候,k8s就宣布停止更新dockershim了,也就是说再往后的版本就不推荐使用k8s+dockershim+docker engine的方案了。 而k8s官方比较推荐的解决方案中,官方比较推荐的是cri-o或者containerd,前者是基于开放容器计划(OCI)的实现,后者是基于docker的containerd,后脱离出来进行独立开发的组件,现归属于CNCF组织。 CRI-O vs containerd vs docker daemon 这三者有啥区别呢? 首先,cri-o是cri的实现,可以直接调用底层的runc 其次,containerd是CRI-Containerd的实现,可以调用底层的runc 而docker则需要先调用dockershim,然后调用docker,再调用containerd,最后调用底层的runc 三者区别如图:
k8s+crio+podman实现 podman安装 可参考我前一篇文章 docker的平替--podman - eryoung2 - 博客园 三台机都需要安装podman k8s的安装可参考我另一篇文章 kubernetes 搭建集群 - eryoung2 - 博客园 三台机都需要安装kubelet/kubeadm/kubectl,并启动kubelet cri-o的安装 Ubuntu(18.04)1 准备 modprobe overlay # 打开overlay modprobe br_netfilter # 打开netfilter cat > /etc/sysctl.d/99-kubernetes-cri.conf = 1.0.0), containernetworking-plugins Replaces: cri-o-1.19, cri-o-1.20, cri-o-1.21, cri-o-1.22 Homepage: https://github.com/cri-o/cri-o Download-Size: 19.9 MB APT-Manual-Installed: yes APT-Sources: http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.23/xUbuntu_18.04 Packages Description: OCI-based implementation of Kubernetes Container Runtime Interface. N: Ignoring file 'ystemctlqq' in directory '/etc/apt/sources.list.d/' as it has no filename extension systemctl enable crio.service systemctl start crio.service root@home:~# systemctl status crio ● crio.service - Container Runtime Interface for OCI (CRI-O) Loaded: loaded (/usr/lib/systemd/system/crio.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2022-07-13 01:26:03 CST; 16h ago Docs: https://github.com/cri-o/cri-o Main PID: 5338 (crio) Tasks: 15 CGroup: /system.slice/crio.service └─5338 /usr/bin/crio4 使用cri-o 查看状态 root@home:~# crictl info { "status": { "conditions": [ { "type": "RuntimeReady", "status": true, "reason": "", "message": "" }, { "type": "NetworkReady", "status": true, "reason": "", "message": "" } ] } }查看镜像 root@home:~# crictl images IMAGE TAG IMAGE ID SIZE docker.io/calico/cni v3.23.2 a87d3f6f1b8fd 263MB docker.io/calico/node v3.23.2 a3447b26d32c7 224MB docker.io/library/nginx latest 41b0e86104ba6 146MB k8s.gcr.io/coredns/coredns v1.8.6 a4ca41631cc7a 47MB k8s.gcr.io/etcd 3.5.3-0 aebe758cef4cd 301MB k8s.gcr.io/kube-apiserver v1.24.2 d3377ffb7177c 131MB k8s.gcr.io/kube-controller-manager v1.24.2 34cdf99b1bb3b 121MB k8s.gcr.io/kube-proxy v1.24.2 a634548d10b03 112MB k8s.gcr.io/kube-scheduler v1.24.2 5d725196c1f47 52.3MB k8s.gcr.io/pause 3.6 6270bb605e12e 690kB k8s.gcr.io/pause 3.7 221177c6082a8 718kBCentos(7) 1 准备 VERSION=1.22 sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_7/devel:kubic:libcontainers:stable.repo sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:${VERSION}/CentOS_7/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo2 安装 yum update -y yum install cri-o cri-tools -y3 查看cri-o版本 [root@node1 systemd]# rpm -qi cri-o Name : cri-o Epoch : 0 Version : 1.22.5 Release : 2.2.el7 Architecture: x86_64 Install Date: 2022年07月13日 星期三 01时36分47秒 Group : Unspecified Size : 236845729 License : ASL 2.0 Signature : RSA/SHA256, 2022年07月10日 星期日 12时53分28秒, Key ID 4d64390375060aa4 Source RPM : cri-o-1.22.5-2.2.el7.src.rpm Build Date : 2022年07月10日 星期日 12时53分00秒 Build Host : sheep87 Relocations : (not relocatable) Vendor : obs://build.opensuse.org/devel:kubic URL : https://github.com/cri-o/cri-o Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface Description : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface.4 启动cri-o systemctl enable --now cri-o5 查看cri-o状态 [root@node1 systemd]# systemctl status crio ● crio.service - Container Runtime Interface for OCI (CRI-O) Loaded: loaded (/usr/lib/systemd/system/crio.service; enabled; vendor preset: disabled) Active: active (running) since 三 2022-07-13 01:41:06 CST; 16h ago Docs: https://github.com/cri-o/cri-o Main PID: 24127 (crio) Tasks: 15 Memory: 13.7M CGroup: /system.slice/crio.service └─24127 /usr/bin/crio三台机都安装cri-o并启动。 K8S启动 在master上,跑下列命令: kubeadm init --apiserver-advertise-address 192.168.1.150 --apiserver-bind-port 6443 --kubernetes-version 1.24.2 --pod-network-cidr 10.244.0.0/16然后等5分钟,就创建了一个k8s集群的master node。 Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config Alternatively, if you are the root user, you can run: export KUBECONFIG=/etc/kubernetes/admin.conf You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: kubeadm join 192.168.1.150:6443 --token gjxt6y.0wljlhfkjz90v12m --discovery-token-ca-cert-hash sha256:d69fc5929e442210c97ab85c05a8c2906f5819a74d5b0fa3481032d6a8f3fc07在三台机上跑这三条命令 mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config否则会报错。 The connection to the server localhost:8080 was refused - did you specify the right host or port?检查集群 在以上所有内容都完成之后,我们可以看一下nodes或者pods root@home:~# kubectl get nodes NAME STATUS ROLES AGE VERSION home Ready control-plane 179m v1.24.2 node1 Ready 179m v1.24.2 node2 Ready 179m v1.24.2 root@home:~# kubectl get pods -A NAMESPACE NAME READY STATUS RESTARTS AGE kube-system coredns-6d4b75cb6d-4wxjh 1/1 Running 0 179m kube-system coredns-6d4b75cb6d-7qxpv 1/1 Running 0 179m kube-system etcd-home 1/1 Running 2 3h kube-system kube-apiserver-home 1/1 Running 2 3h kube-system kube-controller-manager-home 1/1 Running 2 3h kube-system kube-proxy-9w7mf 1/1 Running 0 179m kube-system kube-proxy-hpw6c 1/1 Running 0 179m kube-system kube-proxy-tbpr8 1/1 Running 0 179m kube-system kube-scheduler-home 1/1 Running 2 3h鸣谢 Using CRI-O as container runtime for Kubernetes Ubuntu安装CRI-O Install CRI-O Container Runtime on CentOS 8 / CentOS 7 | ComputingForGeeks |
【本文地址】
公司简介
联系我们