From ab48d1b8465c3d8e26af085001b622e7bace274a Mon Sep 17 00:00:00 2001 From: windsonsea Date: Tue, 11 Feb 2025 17:08:36 +0800 Subject: [PATCH] Clean up two pages for migrating-from-dockershim --- .../migrating-from-dockershim/_index.md | 1 - .../migrate-dockershim-dockerd.md | 123 ------------------ ...oubleshooting-cni-plugin-related-errors.md | 37 +++--- 3 files changed, 19 insertions(+), 142 deletions(-) delete mode 100644 content/en/docs/tasks/administer-cluster/migrating-from-dockershim/migrate-dockershim-dockerd.md diff --git a/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/_index.md b/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/_index.md index 212dcd8f2307b..e906a1f71d668 100644 --- a/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/_index.md +++ b/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/_index.md @@ -35,7 +35,6 @@ configuration. These tasks will help you to migrate: * [Check whether Dockershim removal affects you](/docs/tasks/administer-cluster/migrating-from-dockershim/check-if-dockershim-removal-affects-you/) -* [Migrate Docker Engine nodes from dockershim to cri-dockerd](/docs/tasks/administer-cluster/migrating-from-dockershim/migrate-dockershim-dockerd/) * [Migrating telemetry and security agents from dockershim](/docs/tasks/administer-cluster/migrating-from-dockershim/migrating-telemetry-and-security-agents/) diff --git a/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/migrate-dockershim-dockerd.md b/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/migrate-dockershim-dockerd.md deleted file mode 100644 index 652d2d2724c8b..0000000000000 --- a/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/migrate-dockershim-dockerd.md +++ /dev/null @@ -1,123 +0,0 @@ ---- -title: "Migrate Docker Engine nodes from dockershim to cri-dockerd" -weight: 20 -content_type: task ---- - -{{% thirdparty-content %}} - -This page shows you how to migrate your Docker Engine nodes to use `cri-dockerd` -instead of dockershim. You should follow these steps in these scenarios: - - * You want to switch away from dockershim and still use Docker Engine to run - containers in Kubernetes. - * You want to upgrade to Kubernetes v{{< skew currentVersion >}} and your - existing cluster relies on dockershim, in which case you must migrate - from dockershim and `cri-dockerd` is one of your options. - -To learn more about the removal of dockershim, read the [FAQ page](/dockershim). - -## What is cri-dockerd? {#what-is-cri-dockerd} - -In Kubernetes 1.23 and earlier, you could use Docker Engine with Kubernetes, -relying on a built-in component of Kubernetes named _dockershim_. -The dockershim component was removed in the Kubernetes 1.24 release; however, -a third-party replacement, `cri-dockerd`, is available. The `cri-dockerd` adapter -lets you use Docker Engine through the {{}}. - -{{}} -If you already use `cri-dockerd`, you aren't affected by the dockershim removal. -Before you begin, [Check whether your nodes use the dockershim](/docs/tasks/administer-cluster/migrating-from-dockershim/find-out-runtime-you-use/). -{{}} - -If you want to migrate to `cri-dockerd` so that you can continue using Docker -Engine as your container runtime, you should do the following for each affected -node: - -1. Install `cri-dockerd`. -1. Cordon and drain the node. -1. Configure the kubelet to use `cri-dockerd`. -1. Restart the kubelet. -1. Verify that the node is healthy. - -Test the migration on non-critical nodes first. - -You should perform the following steps for each node that you want to migrate -to `cri-dockerd`. - -## {{% heading "prerequisites" %}} - -* [`cri-dockerd`](https://mirantis.github.io/cri-dockerd/usage/install) - installed and started on each node. -* A [network plugin](/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/). - -## Cordon and drain the node - -1. Cordon the node to stop new Pods scheduling on it: - - ```shell - kubectl cordon - ``` - Replace `` with the name of the node. - -1. Drain the node to safely evict running Pods: - - ```shell - kubectl drain \ - --ignore-daemonsets - ``` - -## Configure the kubelet to use cri-dockerd - -The following steps apply to clusters set up using the kubeadm tool. If you use -a different tool, you should modify the kubelet using the configuration -instructions for that tool. - -1. Open `/var/lib/kubelet/kubeadm-flags.env` on each affected node. -1. Modify the `--container-runtime-endpoint` flag to - `unix:///var/run/cri-dockerd.sock`. -1. Modify the `--container-runtime` flag to `remote` - (unavailable in Kubernetes v1.27 and later). - -The kubeadm tool stores the node's socket as an annotation on the `Node` object -in the control plane. To modify this socket for each affected node: - -1. Edit the YAML representation of the `Node` object: - - ```shell - KUBECONFIG=/path/to/admin.conf kubectl edit no - ``` - Replace the following: - - * `/path/to/admin.conf`: the path to the kubectl configuration file, - `admin.conf`. - * ``: the name of the node you want to modify. - -1. Change `kubeadm.alpha.kubernetes.io/cri-socket` from - `/var/run/dockershim.sock` to `unix:///var/run/cri-dockerd.sock`. -1. Save the changes. The `Node` object is updated on save. - -## Restart the kubelet - -```shell -systemctl restart kubelet -``` - -## Verify that the node is healthy - -To check whether the node uses the `cri-dockerd` endpoint, follow the -instructions in [Find out which runtime you use](/docs/tasks/administer-cluster/migrating-from-dockershim/find-out-runtime-you-use/). -The `--container-runtime-endpoint` flag for the kubelet should be `unix:///var/run/cri-dockerd.sock`. - -## Uncordon the node - -Uncordon the node to let Pods schedule on it: - -```shell -kubectl uncordon -``` - -## {{% heading "whatsnext" %}} - -* Read the [dockershim removal FAQ](/dockershim/). -* [Learn how to migrate from Docker Engine with dockershim to containerd](/docs/tasks/administer-cluster/migrating-from-dockershim/change-runtime-containerd/). diff --git a/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/troubleshooting-cni-plugin-related-errors.md b/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/troubleshooting-cni-plugin-related-errors.md index 3a8534889fb1a..a9a7acce23849 100644 --- a/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/troubleshooting-cni-plugin-related-errors.md +++ b/content/en/docs/tasks/administer-cluster/migrating-from-dockershim/troubleshooting-cni-plugin-related-errors.md @@ -17,7 +17,8 @@ Kubernetes. Service issues exist for pod CNI network setup and tear down in containerd v1.6.0-v1.6.3 when the CNI plugins have not been upgraded and/or the CNI config -version is not declared in the CNI config files. The containerd team reports, "these issues are resolved in containerd v1.6.4." +version is not declared in the CNI config files. The containerd team reports, +"these issues are resolved in containerd v1.6.4." With containerd v1.6.0-v1.6.3, if you do not upgrade the CNI plugins and/or declare the CNI config version, you might encounter the following "Incompatible @@ -59,23 +60,23 @@ your CNI plugins and editing the CNI config files. Here's an overview of the typical steps for each node: -1. [Safely drain and cordon the -node](/docs/tasks/administer-cluster/safely-drain-node/). -2. After stopping your container runtime and kubelet services, perform the -following upgrade operations: - - If you're running CNI plugins, upgrade them to the latest version. - - If you're using non-CNI plugins, replace them with CNI plugins. Use the - latest version of the plugins. - - Update the plugin configuration file to specify or match a version of the - CNI specification that the plugin supports, as shown in the following ["An - example containerd configuration - file"](#an-example-containerd-configuration-file) section. - - For `containerd`, ensure that you have installed the latest version (v1.0.0 - or later) of the CNI loopback plugin. - - Upgrade node components (for example, the kubelet) to Kubernetes v1.24 - - Upgrade to or install the most current version of the container runtime. -3. Bring the node back into your cluster by restarting your container runtime -and kubelet. Uncordon the node (`kubectl uncordon `). +1. [Safely drain and cordon the node](/docs/tasks/administer-cluster/safely-drain-node/). +1. After stopping your container runtime and kubelet services, perform the + following upgrade operations: + + - If you're running CNI plugins, upgrade them to the latest version. + - If you're using non-CNI plugins, replace them with CNI plugins. Use the + latest version of the plugins. + - Update the plugin configuration file to specify or match a version of the + CNI specification that the plugin supports, as shown in the following + ["An example containerd configuration file"](#an-example-containerd-configuration-file) section. + - For `containerd`, ensure that you have installed the latest version (v1.0.0 or later) + of the CNI loopback plugin. + - Upgrade node components (for example, the kubelet) to Kubernetes v1.24 + - Upgrade to or install the most current version of the container runtime. + +1. Bring the node back into your cluster by restarting your container runtime + and kubelet. Uncordon the node (`kubectl uncordon `). ## An example containerd configuration file