Switch Flatcar Linux to using containerd CRI

* Use containerd as the Kubernetes Container Runtime
This commit is contained in:
Dalton Hubble 2021-12-14 19:37:43 -08:00
parent bb5e5811ec
commit ef9c6aa423
11 changed files with 36 additions and 10 deletions

View File

@ -4,6 +4,12 @@ Notable changes between versions.
## Latest ## Latest
### Flatcar Linux
* Switch Kubernetes Container Runtime from `docker` to `containerd` ([#1087](https://github.com/poseidon/typhoon/pull/1087))
## v1.23.0
* Kubernetes [v1.23.0](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1230) * Kubernetes [v1.23.0](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1230)
* Normalize CA cert mounts in static Pods and kube-proxy ([#1078](https://github.com/poseidon/typhoon/pull/1078)) * Normalize CA cert mounts in static Pods and kube-proxy ([#1078](https://github.com/poseidon/typhoon/pull/1078))
* Set Kubelet resolver config to `/run/systemd/resolve/resolv.conf` ([#1082](https://github.com/poseidon/typhoon/pull/1082)) * Set Kubelet resolver config to `/run/systemd/resolve/resolv.conf` ([#1082](https://github.com/poseidon/typhoon/pull/1082))

View File

@ -78,7 +78,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -88,6 +88,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -53,7 +53,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -63,6 +63,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -75,7 +75,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -85,6 +85,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -50,7 +50,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -60,6 +60,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -83,7 +83,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -93,6 +93,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -58,7 +58,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -68,6 +68,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -86,7 +86,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -96,6 +96,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -61,7 +61,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -71,6 +71,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -75,7 +75,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -85,6 +85,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \

View File

@ -50,7 +50,7 @@ systemd:
-v /run:/run \ -v /run:/run \
-v /sys/fs/cgroup:/sys/fs/cgroup \ -v /sys/fs/cgroup:/sys/fs/cgroup \
-v /var/lib/calico:/var/lib/calico:ro \ -v /var/lib/calico:/var/lib/calico:ro \
-v /var/lib/docker:/var/lib/docker \ -v /var/lib/containerd:/var/lib/containerd \
-v /var/lib/kubelet:/var/lib/kubelet:rshared \ -v /var/lib/kubelet:/var/lib/kubelet:rshared \
-v /var/log:/var/log \ -v /var/log:/var/log \
-v /opt/cni/bin:/opt/cni/bin \ -v /opt/cni/bin:/opt/cni/bin \
@ -60,6 +60,8 @@ systemd:
--authorization-mode=Webhook \ --authorization-mode=Webhook \
--bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \ --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig \
--cgroup-driver=systemd \ --cgroup-driver=systemd \
--container-runtime=remote \
--container-runtime-endpoint=unix:///run/containerd/containerd.sock \
--client-ca-file=/etc/kubernetes/ca.crt \ --client-ca-file=/etc/kubernetes/ca.crt \
--cluster_dns=${cluster_dns_service_ip} \ --cluster_dns=${cluster_dns_service_ip} \
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \