summaryrefslogtreecommitdiff
path: root/kubernetes.md
diff options
context:
space:
mode:
authorMatthew Heon <matthew.heon@gmail.com>2017-11-01 13:22:04 -0400
committerMatthew Heon <matthew.heon@gmail.com>2017-11-01 13:22:04 -0400
commitc13f61798aa7bcf7b4de7ee31aa30148a3b08d97 (patch)
tree6f0c3297f91ecbe259d8dc5ff1b0ab3d63e44744 /kubernetes.md
parent92b31c0ff7c75fab3b875fb6b10c14f8e2c031e7 (diff)
downloadpodman-c13f61798aa7bcf7b4de7ee31aa30148a3b08d97.tar.gz
podman-c13f61798aa7bcf7b4de7ee31aa30148a3b08d97.tar.bz2
podman-c13f61798aa7bcf7b4de7ee31aa30148a3b08d97.zip
Prune Server package. Convert to new github location.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Diffstat (limited to 'kubernetes.md')
-rw-r--r--kubernetes.md105
1 files changed, 0 insertions, 105 deletions
diff --git a/kubernetes.md b/kubernetes.md
deleted file mode 100644
index a88a76a38..000000000
--- a/kubernetes.md
+++ /dev/null
@@ -1,105 +0,0 @@
-# Running CRI-O on kubernetes cluster
-
-## Switching runtime from docker to CRI-O
-
-In standard docker kubernetes cluster, kubelet is running on each node as systemd service and is taking care of communication between runtime and api service.
-It is reponsible for starting microservices pods (such as `kube-proxy`, `kubedns`, etc. - they can be different for various ways of deploying k8s) and user pods.
-Configuration of kubelet determines which runtime is used and in what way.
-
-Kubelet itself is executed in docker container (as we can see in `kubelet.service`), but, what is important, **it's not** a kubernetes pod (at least for now),
-so we can keep kubelet running inside container (as well as directly on the host), and regardless of this, run pods in chosen runtime.
-
-Below, you can find an instruction how to switch one or more nodes on running kubernetes cluster from docker to CRI-O.
-
-### Preparing crio
-
-You must prepare and install `crio` on each node you would like to switch. Here's the list of files that must be provided:
-
-| File path | Description | Location |
-|--------------------------------------------|----------------------------|-----------------------------------------------------|
-| `/etc/crio/crio.conf` | crio configuration | Generated on cri-o `make install` |
-| `/etc/crio/seccomp.conf` | seccomp config | Example stored in cri-o repository |
-| `/etc/containers/policy.json` | containers policy | Example stored in cri-o repository |
-| `/bin/{crio, runc}` | `crio` and `runc` binaries | Built from cri-o repository |
-| `/usr/local/libexec/crio/conmon` | `conmon` binary | Built from cri-o repository |
-| `/opt/cni/bin/{flannel, bridge,...}` | CNI plugins binaries | Can be built from sources `containernetworking/cni` |
-| `/etc/cni/net.d/10-mynet.conf` | Network config | Example stored in [README file](README.md) |
-
-`crio` binary can be executed directly on host, inside the container or in any way.
-However, recommended way is to set it as a systemd service.
-Here's the example of unit file:
-
-```
-# cat /etc/systemd/system/crio.service
-[Unit]
-Description=CRI-O daemon
-Documentation=https://github.com/kubernetes-incubator/cri-o
-
-[Service]
-ExecStart=/bin/crio --runtime /bin/runc --log /root/crio.log --log-level debug
-Restart=always
-RestartSec=10s
-
-[Install]
-WantedBy=multi-user.target
-```
-
-### Preparing kubelet
-At first, you need to stop kubelet service working on the node:
-```
-# systemctl stop kubelet
-```
-and stop all kubelet docker containers that are still runing.
-
-```
-# docker stop $(docker ps | grep k8s_ | awk '{print $1}')
-```
-
-We have to be sure that `kubelet.service` will start after `crio.service`.
-It can be done by adding `crio.service` to `Wants=` section in `/etc/systemd/system/kubelet.service`:
-
-```
-# cat /etc/systemd/system/kubelet.service | grep Wants
-Wants=docker.socket crio.service
-```
-
-If you'd like to change the way of starting kubelet (e.g. directly on host instead of docker container), you can change it here, but, as mentioned, it's not necessary.
-
-
-Kubelet parameters are stored in `/etc/kubernetes/kubelet.env` file.
-```
-# cat /etc/kubernetes/kubelet.env | grep KUBELET_ARGS
-KUBELET_ARGS="--pod-manifest-path=/etc/kubernetes/manifests
---pod-infra-container-image=gcr.io/google_containers/pause-amd64:3.0
---cluster_dns=10.233.0.3 --cluster_domain=cluster.local
---resolv-conf=/etc/resolv.conf --kubeconfig=/etc/kubernetes/node-kubeconfig.yaml
---require-kubeconfig"
-```
-
-You need to add following parameters to `KUBELET_ARGS`:
-* `--experimental-cri=true` - Use Container Runtime Interface. Will be true by default from kubernetes 1.6 release.
-* `--container-runtime=remote` - Use remote runtime with provided socket.
-* `--container-runtime-endpoint=/var/run/crio.sock` - Socket for remote runtime (default `crio` socket localization).
-* `--runtime-request-timeout=10m` - Optional but useful. Some requests, especially pulling huge images, may take longer than default (2 minutes) and will cause an error.
-
-Kubelet is prepared now.
-
-## Flannel network
-If your cluster is using flannel network, your network configuration should be like:
-```
-# cat /etc/cni/net.d/10-mynet.conf
-{
- "name": "mynet",
- "type": "flannel"
-}
-```
-Then, kubelet will take parameters from `/run/flannel/subnet.env` - file generated by flannel kubelet microservice.
-
-## Starting kubelet with CRI-O
-Start crio first, then kubelet. If you created `crio` service:
-```
-# systemctl start crio
-# systemctl start kubelet
-```
-
-You can follow the progress of preparing node using `kubectl get nodes` or `kubectl get pods --all-namespaces` on kubernetes master.