[ Kube 97 ] Live switching of Kubernetes container runtime | From Docker to Containerd
HTML-код
- Опубликовано: 10 фев 2025
- In this video, I will show you how to change the container runtime on your existing kubernetes cluster with workloads running.
[ Kube 93 ] Kubernetes drops docker? What you need to know
• [ Kube 93 ] Kubernetes...
Learn Kubernetes Playlist:
• Learn Kubernetes
Github:
github.com/jus...
Hope you enjoyed this video. Please share it with your friends and don't forget to subscribe to my channel. For any questions/issues/feedback, please leave me a comment and I will be happy to help.
Thanks for watching.
If you wish to support me:
www.paypal.com...
![[ Kube 98.1 ] Kubernetes cluster with CRI-O container runtime | Step by step tutorial](http://i.ytimg.com/vi/bV5RcNiHlfw/mqdefault.jpg)
![[ Kube 98.1 ] Kubernetes cluster with CRI-O container runtime | Step by step tutorial](/img/tr.png)
![[ Kube 59.2 ] Using Kubernetes Ingress with MetalLB](http://i.ytimg.com/vi/UvwtALIb2U8/mqdefault.jpg)
![[ Kube 69 ] Using Private Docker Registry in Kubernetes](http://i.ytimg.com/vi/r15S2tBevoE/mqdefault.jpg)
Hello Viewers,
Apologies that I forgot to do a final step of uncordoning kmaster.
$ kubectl uncordon kmaster
How can you do that brother because master was Cordon then how could possible
@@krishnarajan319 Thank you so much, it looks like this works well for K8S cluster not managed by Rancher, in my case, Rancher 2.6.9 with four k8S 1.23.6 nodes running with Docker runtime 19.3.10 (1 master, 3 worker nodes), when I followed your method to switch to containerd 1.6.4 for worker node 1,2,3 (master still using docker runtime), all the pods kept being evicted and created, the total number of pods kept increasing, eventually triggering "disk space" usage issue for the k8S nodes.
Your way of explaining things is way good than others.
Many thanks for watching Akash.
Thanks for the video .It helped me to handle my cluster with containerd
Cool. Thanks for watching.
you're the bruce lee of typing on the keyboard ! lol
hehehe. 🤣 Thanks for watching though. Cheers.
You are a Samurai with a keyboard !!!
Everything comes with practice 😇. Thanks for watching.
Thank you for all the content Venkat, if I want to check something, I first come to your channel, no nonsense, to the point, clear explanation! Thanks again!
@@selvakumars6487 happy to hear that. Thank you.
I follow your steps and I been able to migrate from docker to containerd. I had to change a line : kubectl drain NODE --ignore-daemonsets --delete-local-data . now it's time to test it
finally.. lot of problems. Need to setup private registry. other things too
Great stuff! Just follow the steps. Thank you.
Hi Charles, thanks for watching.
thanks the Kubelet config is just what I needed to know
Thanks for watching Jamie.
Excellent. It worked perfectly! Thanks a lot.
Hi Fergus, thanks for watching. Cheers.
Great work. Thanks for your videos!
Hi Doe, thanks for watching.
Awesome Video, I greatly appreciate it. Thank you so much!
Hi Daryl, thanks for watching.
Worked seamlessly!
Hi Jan, thanks for watching.
This was very helpful. thanks! :)
Thanks for watching.
thanks it is very useful!
Hi, Thanks for watching.
Create as always. Thank you fro videos
Great video and very helpful, thank you. Pretty much the only video I've found on how to do the docker --> containerd switch. Did you reference any particular documentation for this?
Hi Peter, thanks for watching. There were no solid documentations on this topic so researched it myself. Cheers.
Super !
Hi Nur, thanks for watching. Cheers.
Mind-blowing
Do you have videos adding Windows Worker Node in a cluster with containerd as runtime? Looking forward to that. Thanks!
Hi Venkat , thanks for this gr8 video . I was able to change CONTAINER-RUNTIME from docker to containerd successfully . Can you make video on bootstrap file that uses "containerd " as "CONTAINER-RUNTIME" by default , when cluster come up with v1.20 ?
Thx,
Pradeep
Hi Venkat, hope you are doing well. Its been days you are not posting any videos, all of your viewers are waiting for you, please come back. Thank you.
Hi Rutvick, thanks for checking on me. I promise I will resume posting videos from next week. I had to pause for a while because I broke my laptop. It took sometime to sort out the new laptop. All good now. You can see my video from next week. Cheers.
hello. long Time no see.
nice course .
if U got free time.
plz do a dual stack course.
thx a lot.
Excellent!!
does this approach works for rke/rancher provisioned cluster?
have you tried new rke2 ?
Thanks for the video Venkat. I follow the steps and everything seems to work until I remove docker from the master node then nothing works after that. When I tried to run 'kubectl get nodes' I get 'Unable to connect to the server: Gateway Timeout'. Somehow, kubectl still depends on docker.
Hi Venkat,
Can you make a full video for installing openunison-orchestra on kubernetes
and integrating with K8s cluster for IAM.
Great video. I am curious to know the scenario when I have a kubernetes cluster running with more than 50 nodes., do I still need to login in to each node and do changes? Apart from this how do I enforce new worker nodes to come up with containerd not docker.
Thanks for watching. I was just demonstrating that there is a way you can change the container runtime on a running cluster. This doesn't mean you have to follow this approach. You would normally provision new worker nodes with containerd installed and migrate the workloads to these new nodes and get rid of the old nodes.
K8s 1.24.6 spun via Kubespray which also install containerd.
This containerd does not respect https_proxy available via shell ENV ?. The ctr prompt is also not found & permission denied. I am executing ctr as root. Status shows ctr running. Due to proxy, pods are now in ImagePullbackOff err. Any feedback on this?. On that node itself podman can access external registry, but containerd fails to go outside?.🥴
Hmm interesting. I haven't tried using proxy on an air-gapped environment. Need to read containerd documentation.
@@justmeandopensource
Okay, one needs to set http_proxy, no_proxy in the containerd proxy.cfg file.
May i know what terminal are you using for SSH connection in this video?
Hi, thanks for watching. I used Alacritty terminal in this video on I3 tiling window manager on Archlinux.
Great video. I am trying to make a deployment of jupyterhub in kubernetes. But I am unable to because of some version and other issues. Can you please make a video of jupyterhub deployment in kubernetes?
I can certainly give it a try. Cheers.
Hi Venkat, Good as always. I know that we are switching to containerd, so what is the best solution to build a docker image with cri-o or containerd?
buildah or kaniko
Hello. Thanks for the video!!
Does it work only with kubernetes 1.20.0? As I tried it with 1.17.3 and 1.19.3 provisioned by kubespray and it didn't work for me.
Hi Sergei, Thanks for watching. Kubespray is an automation tool. If you are using kubespray to manage your k8s cluster, then you don't have to follow this process. The process is different. You need to change the container runtime in the config file and rerun the playbook. However I tried and it didn't work.
Hi Venkat. Been a long time :-)
Do you have any plans to make videos on Gitlab-CI? It would be intreresting to take a look how to create a docker image from scratch then push it to Gitlab docker registry and deploy it to kubernetes.
Well, if you have time to make a series of videos on Gitlab CI/CD it would be just great. Thank you. ;-)
How can i able to change the containerd path from one location to another. Where that config file will be there and what are the steps to be followed to change the path?
Successfully done jobs .... from which registry containerd image will pull ??
It will pull from the registry where your image is stored. That simple.
Hello. I did search on the net but i did not find. Do you know how change container runtime on the AWS EKS? Thank you.
I have a question specific to K8S and container runtimes. I want to experiment running a variety of OCI compliant runtimes over a variety of worker nodes under K8S, for example Work1 runs containerd and Worker2 runs gVisor. Tell me please, is my assumption that I can do this accurate? PS: Thanks for this great video.
Hi Bob, I know I have already mentioned this in the slack workspace but for the benefit of RUclips viewers replying here too.
I am not entirely sure If thats possible literally like running containerd on one node and something else on another node. I haven't tried that. But I think you could configure containerd differently on your nodes to use different downstream runtimes that are OCI compliant. The default is runc and you could use containerd to use something else too I guess.
hi is there any way to detect container runtime endpoint after creating cluster ?
Great video!
You said that when master is down, there will be a short downtime. Is there any way of mitigating that other than having 2 masters?
Hi, thanks for watching. Absolutely no way with single master. Its not a downtime actually as the workloads in worker nodes continue to run. kubectl commands won't work.
@@justmeandopensource Thanks for replying! Is scaling to 2 master nodes as easy as scaling more worker nodes?
PS: Sorry have yet to watch your video on having multi master node
@@weitanglau You have to do the ground work when you initialize the cluster for the first time. Once you have set up a multi master cluster, then it will be easier to scale masters up or down. But you won't be able to convert your single master cluster to multi-master easily.
Also, it is recommended to use an odd number of Master’s, so that the cluster can determine quorum, I think that is the word. Basically the etcd database needs an odd number just in case one gets out of sync. By “Needs,” I mean best practices/recommended.
Also forgot to mention, you can actually run a master and worker as the same node, that is running workloads on a master.
Microk8s actually is one way of doing that.
Alternatively, you can manually set your Kubernetes Master to take workloads with kube ctl with taints. This would allow you to setup either a single node cluster or a 3 node master cluster running the workloads on the masters. Just make sure that you allow enough resources (RAM, CPU, and disk space) for running a node as a Master and worker.
I am actually using both methods right now to learn Kubernetes with limited resources, on virtual machines sort of bare metal, as I don’t want the costs of the cloud.
I have an lxd infrastructure and i want to install a kubernetes cluster on it.
I followed your latest video about it and i ran ./kubelx command.
It seems that cni and flannel network were not created and when i run a kubectl command it shows me the following message:
The connection to the server 10.211.7.165:6443 was refused - did you specify the right host or port?
I defined the kubeconfig parameter for the admin config but it continues the same behavior.
Any other ideas about what might be the problem?
Did it work? And whats your problem? I think I responded to this query on the other video where you originally asked.
@@justmeandopensource I answered there what happened!Unfortunately not! I dont know why the cni network is not ceated and i cannot run any kubectl command due to connection lost.
Hi Venkat where are you bro? everything is ok ? 2 month have no your videos on youtube (((
Hi Farid, thanks for checking. I broke my Dell XPS which served me last couple years. I have been trying to get a new one but already sent two of them back due to hardware issues. Hence the delay. Hopefully will get back on track soon.
hey bro i want docker runtime insted of conatiner runtime how it work please help me if i use containrd runtime it throw image pull back error on nodes
If we use cloud service kubernetes (Azure,aws,etc) even then should we have to do this?
Hi Raghu, thanks for watching. If you are using one of the managed kubernetes service in the cloud, your control planes will be done for you automatically, but you will have to do this on worker node pools/groups. Steps will be different obviously in the cloud to the one I explained in this video. Cheers.
Hello sir if possible could you please make video on istio. thank you
I have k8s on raspberry, containerd as runtime, and in config.toml - disabled_plugins = ["cri"] not commented, docker also installed... do you know how is that working :D ?
hi, thanks for watching. Thats kind of expected. This link may give you some information.
github.com/kinvolk/Flatcar/issues/283
@@justmeandopensource thank you, didn't know that's default setup.
@@madrag no worries. you are welcome.
Hello Venkat,
My application was working fine until today and today I have upgraded the cluster from 1.18.14 to 1.19.9. After the upgrade K8S is not able to pull images and launch images from the private registry. Getting below error as per kubectl describe command output.
'Failed to pull image "": rpc error: code = Unknown desc = failed to pull and unpack image "": unexpected end of JSON input'
Public images like MongoDB, ELK Stack, RabbitMQ are working fine without any issues. Getting error only for my owned docker images. Do we need to make any changes on the Docker image before using Containerd? Could you please help me.
Hmm. That was strange. I haven't encountered that before. Can you spin up a new k8s 1.19.9 cluster and test this to confirm?
Similar situation, Try setting the http_proxy & no_proxy on each node?.
The k8s 1.24 via Ansible (kubespray ) is with containerd.
The snapshots subfolder got deleted hence Control plane master KubeScheduler is not coming up. Here is the msg. Any suggestion how to recover.
kube-scheduler: failed to create containerd container: failed to create prepare snapshot dir : stat /data/containerd/io.containerd.snapshotter.v1.overlayfs/snapshots: no such file or directory Warning BackOff kubelet Back-off restarting failed container.
What zsh theme are you using?
Hi Gary, thanks for watching.
I use Powerlevel10k for theme and couple plugins (zsh-autosuggestion & zsh-syntax-highlighting)
Hi Venkat.. could you please make a vedio on kube monkey and chaos engineering
After I uninstalled docker, kubectl can't connect anymore. The following error will appear :The connection to server 192.168.1.1:6443 was refused - did you specify the right host or port ?
Hi, did you check if the api server is running on the master node?
@@justmeandopensource Uninstall docker directly on the master node, and the kubectl gets command can no longer be used, and nothing can be seen. . My os version is ubuntu16.04 and the k8 version is 1.20.4. On the master node, the containerd version is 1.5.2. Is my version wrong?
@@ccnankai5591 I am having the same issue. Mine are ubuntu 20.04, k8 1.23.3, container 1.5.5
Hi Vencat , why we dont see your fresh videos? is all good?
Hi Farid, many thanks for checking on me. All good. I was just taking some time off RUclips for few weeks.
Will be back with kubernetes videos from next week. Cheers.
Can you please show me the switching process in centos 7
Error: failed to start containerd task "win-cal": hcs::System::CreateProcess when we are deploying windows pod in windows node pool
what is the difference between cordon and drain ???
Hi Ayush, thanks for watching. Cordon just disables the node so that no more pods get scheduled on it. The pods that are already running on that node will continue to run. Drain evicts the pod from that node. Hope it makes sense.
@@justmeandopensource since draining a node also disables it for scheduling, you don't have to cordon it as well ;)
You only need that to stop kubernetes from scheduling new pods on that node for example :)
@@LampJustin You are right.
with CRI-O please
I will add it to my list. Cheers.
@@justmeandopensource wow .. thanks sir
@@Fickysyahreza You are welcome.
please any one let me know how to switch from cri-o run time to docker run time using commands.
Hi Bodakuntla, thanks for watching. Its not a good practice to live switching the underlying container runtime in your kubernetes cluster. I was just illustrating the possibility of doing that. Better and clean to bring up a new cluster with desired runtime and migrate stuff to it.
Hi,
By following your video, I have successfully migrated from docker to contained in my live cluster.
Now I have tried to upgrade the cluster from 1.19.4 to 1.20.2,
But facing with below problem.
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
W0211 17:56:45.651061 2118 kubelet.go:200] cannot automatically set CgroupDriver when starting the Kubelet: cannot execute 'docker info -f {{.CgroupDriver}}': exit status 2
[preflight] Running pre-flight checks.
[upgrade] Running cluster health checks
[upgrade/version] You have chosen to change the cluster version to "v1.20.2"
[upgrade/versions] Cluster version: v1.19.5
[upgrade/versions] kubeadm version: v1.20.2
[upgrade/confirm] Are you sure you want to proceed with the upgrade? [y/N]: y
[upgrade/prepull] Pulling images required for setting up a Kubernetes cluster
[upgrade/prepull] This might take a minute or two, depending on the speed of your internet connection
[upgrade/prepull] You can also perform this action in beforehand using 'kubeadm config images pull'
[preflight] Some fatal errors occurred:
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-apiserver:v1.20.2: output: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-controller-manager:v1.20.2: output: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-scheduler:v1.20.2: output: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/kube-proxy:v1.20.2: output: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/pause:3.2: output: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/etcd:3.4.13-0: output: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
, error: exit status 1
[ERROR ImagePull]: failed to pull image k8s.gcr.io/coredns:1.7.0: output: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher
It seems still is referring to the docker on kubeadm upgrade.
Please provide me your valuable suggestion
Hi Ganesh, thanks for watching.
Can you try this instead by explicitly specifying the runtime?
$ kubeadm config images pull --cri-socket /run/containerd/containerd.sock
And then try doing kubeadm upgrade plan and kubeadm upgrade apply etc...
can you make videos on cobbler.github.io/ and kickstart installations of linux.
@justmeandopensource - If we move from Kubernetes 1.23 to 1.28 will this continue to work? OR If we want to continue using Docker Engine we need to migrate to a CRI-compatible adapter like cri-dockerd. ?