apt-get update && apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update && apt-get install -y kubelet=1.13.3-00 kubeadm=1.13.3-00 kubectl=1.13.3-00
swapoff -a
vim /etc/fstab
https://github.com/containerd/cri/blob/master/docs/installation.md
apt-get install libseccomp2
export VERSION=1.2.2
# https://storage.googleapis.com/cri-containerd-release/
wget https://storage.googleapis.com/cri-containerd-release/cri-containerd-${VERSION}.linux-amd64.tar.gz
tar --no-overwrite-dir -C / -xzf cri-containerd-${VERSION}.linux-amd64.tar.gz
cat <<EOF >/etc/systemd/system/kubelet.service.d/0-containerd.conf
[Service]
Environment="KUBELET_EXTRA_ARGS=--container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock"
EOF
systemctl daemon-reload
systemctl enable containerd
systemctl start containerd
ls -ltr /var/run/containerd/containerd.sock
systemctl enable kubelet
systemctl start kubelet
modprobe overlay
modprobe br_netfilter
# Setup required sysctl params, these persist across reboots.
cat > /etc/sysctl.d/99-kubernetes-cri.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system
kubeadm init --pod-network-cidr=10.244.0.0/16 --cri-socket=/var/run/containerd/containerd.sock
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
kubectl taint nodes --all node-role.kubernetes.io/master-
mount bpffs /sys/fs/bpf -t bpf
vim /etc/fstab
bpffs /sys/fs/bpf bpf defaults 0 0
cat <<EOF | sudo tee /etc/systemd/system/sys-fs-bpf.mount
[Unit]
Description=Cilium BPF mounts
Documentation=http://docs.cilium.io/
DefaultDependencies=no
Before=local-fs.target umount.target
After=swap.target
[Mount]
What=bpffs
Where=/sys/fs/bpf
Type=bpf
[Install]
WantedBy=multi-user.target
EOF
wget https://raw.githubusercontent.com/cilium/cilium/v1.4/examples/kubernetes/1.13/cilium-crio.yaml
cat <<EOF | sudo tee ./cilium.patch
diff --git a/cilium-crio.yaml b/cilium-crio.yaml
index 126ae24..12783b5 100644
--- a/cilium-crio.yaml
+++ b/cilium-crio.yaml
@@ -192,7 +192,8 @@ spec:
- --debug=\$(CILIUM_DEBUG)
- --kvstore=etcd
- --kvstore-opt=etcd.config=/var/lib/etcd-config/etcd.config
- - --container-runtime=crio
+ - --container-runtime=containerd
+ - --container-runtime-endpoint=containerd=/var/run/containerd/containerd.sock
command:
- cilium-agent
env:
@@ -387,8 +388,8 @@ spec:
name: cni-path
- mountPath: /host/etc/cni/net.d
name: etc-cni-netd
- - mountPath: /var/run/crio/crio.sock
- name: crio-socket
+ - mountPath: /var/run/containerd/containerd.sock
+ name: containerd-socket
readOnly: true
- mountPath: /var/lib/etcd-config
name: etcd-config-path
@@ -444,9 +445,9 @@ spec:
name: cilium-run
# To read labels from CRI-O containers running in the host
- hostPath:
- path: /var/run/crio/crio.sock
+ path: /var/run/containerd/containerd.sock
type: Socket
- name: crio-socket
+ name: containerd-socket
# To install cilium cni plugin in the host
- hostPath:
path: /opt/cni/bin
EOF
git apply cilium.patch
kubectl apply -f cilium.yaml