1、实验环境
本实验共两台节点,xianchaomaster1是master,xianchaonode1是worker
kubernetes版本是v1.23.1
系统版本是 centos7.6
具体如下:
[root@xianchaomaster1 ~]# kubectl get nodes -owide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME xianchaomaster1 Ready control-plane,master 52d v1.23.1 192.168.40.180 <none> CentOS Linux 7 (Core) 3.10.0-1160.11.1.el7.x86_64 docker://20.10.16 xianchaonode1 Ready <none> 52d v1.23.1 192.168.40.181 <none> CentOS Linux 7 (Core) 3.10.0-1160.11.1.el7.x86_64 docker://20.10.16 [root@xianchaomaster1 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE wordpress-54fc87d546-gqvc2 1/1 Running 0 18d wordpress-mysql-f59cd675f-xkwsp 1/1 Running 0 18d
2、迁移master
(1)对k8s控制节点xianchaomaster1进行drain
[root@xianchaomaster1 ~]# kubectl drain xianchaomaster1--delete-emptydir-data --force --ignore-daemonsets
备注:
drain:驱逐节点
首先,驱逐node上的pod,其他节点重新创建,接着,将节点调为** SchedulingDisabled**
drain的参数
--force
当一些pod不是经ReplicationController, ReplicaSet, Job, DaemonSet 或者StatefulSet 管理的时候,就需要用--force来强制执行 (例如:kube-proxy)
--ignore-daemonsets
驱逐daemonset管理的pod
--delete-emptydir-data
如果有mount local volumn的pod,会强制驱逐pod
(2)关闭并卸载Docker
[root@xianchaomaster1 ~]# systemctl disable docker --now [root@xianchaomaster1 ~]# yum remove docker-ce docker-ce-cli -y
(3)安装并配置containerd
[root@xianchaomaster1 ~]# yum install containerd.io cri-tools -y [root@xianchaomaster1 ~]# crictl config runtime-endpoint unix:///var/run/containerd/containerd.sock
生成配置文件
[root@xianchaomaster1 ~]# containerd config default > /etc/containerd/config.toml
使用vim编辑器打开/etc/containerd/config.toml
第一步:搜素mirrors,把
改成:
[plugins."io.containerd.grpc.v1.cri".registry.mirrors] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"] endpoint = ["https://rsbud4vc.mirror.aliyuncs.com"]
第二步:搜索sandbox,把
改成:sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7"
第三步:搜索SystemdCgroup,把
改成:
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true
保存退出
(4)重启containerd服务
[root@xianchaomaster1 ~]# systemctl enable containerd ; systemctl restart containerd
3、配置并启动kubelet
设置kubelet启动参数
[root@xianchaomaster1 ~]# vim /etc/sysconfig/kubelet KUBELET_EXTRA_ARGS="--container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock"
重启kubelet服务
[root@xianchaomaster1 ~]# systemctl restart kubelet
4、对master节点进行uncordon
[root@xianchaomaster1 ~]# kubectl uncordon xianchaomaster1
5、验证是否把容器运行时由docker迁移到containerd
[root@xianchaomaster1 ~]# kubectl get nodes -owide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME xianchaomaster1 Ready control-plane,master 52d v1.23.1 192.168.40.180 <none> CentOS Linux 7 (Core) 3.10.0-1160.11.1.el7.x86_64 containerd://1.6.6 xianchaonode1 Ready <none> 52d v1.23.1 192.168.40.181 <none> CentOS Linux 7 (Core) 3.10.0-1160.11.1.el7.x86_64 docker://20.10.16
4、迁移work节点
(1)对k8s工作节点xianchaonode1进行drain
[root@xianchaomaster1 ~]# kubectl drain xianchaonode1 --delete-emptydir-data --force --ignore-daemonsets
(2)关闭并卸载Docker
[root@xianchaonode1 ~]# systemctl disable docker --now [root@ xianchaonode1 ~]# yum remove docker-ce docker-ce-cli -y
(3)安装并配置containerd
[root@ xianchaonode1 ~]# yum install containerd.io cri-tools -y [root@ xianchaonode1 ~]# crictl config runtime-endpoint unix:///var/run/containerd/containerd.sock
生成配置文件
[root@ xianchaonode1 ~]# containerd config default > /etc/containerd/config.toml
使用vim编辑器打开/etc/containerd/config.toml
第一步:搜素mirrors,把
改成:
[plugins."io.containerd.grpc.v1.cri".registry.mirrors] [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"] endpoint = ["https://rsbud4vc.mirror.aliyuncs.com"]
第二步:搜索sandbox,把
改成:sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.7"
第三步:搜索SystemdCgroup,把
改成:
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true
保存退出
(4)重启containerd服务
[root@ xianchaonode1 ~]# systemctl enable containerd ; systemctl restart containerd
3、配置并启动kubelet
设置kubelet启动参数
[root@ xianchaonode1 ~]# vim /etc/sysconfig/kubelet KUBELET_EXTRA_ARGS="--container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock"
重启kubelet服务
[root@ xianchaonode1 ~]# systemctl restart kubelet
4、对master节点进行uncordon
[root@ xianchaonode1 ~]# kubectl uncordon xianchaonode1
5、验证是否把容器运行时由docker迁移到containerd
[root@xianchaomaster1 ~]# kubectl get nodes -owide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME xianchaomaster1 Ready control-plane,master 52d v1.23.1 192.168.40.180 <none> CentOS Linux 7 (Core) 3.10.0-1160.11.1.el7.x86_64 containerd://1.6.6 xianchaonode1 Ready <none> 52d v1.23.1 192.168.40.181 <none> CentOS Linux 7 (Core) 3.10.0-1160.11.1.el7.x86_64 containerd://1.6.6
