# Kubernetes, Docker, and containerd Installation

- [Prerequisites](#prerequisites)
- [Set Up Kernel Modules and Kernel Settings](#set-up-kernel-modules-and-kernel-settings)
- [Install, Configure, and Run Docker](#install-configure-and-run-docker)
- [Install, Configure and Run Containerd](#install-configure-and-run-containerd)
- [Install Kubernetes Components](#install-kubernetes-components)

## Prerequisites

Kubernetes is known not to work well with Linux swapping; as a result, swapping should be turned off. Before installing Kubernetes, do the following:

1. Disable swapping on all devices:

   ```bash
   swapoff -a
   ```

2. If `swapoff` doesn't completely turn off swapping after a reboot, remove the following package:

   ```bash
   dnf remove zram-generator-defaults
   ```

3. Check if swapping is off:

   ```bash
   swapon --show
   ```

4. Verify that no zram device is listed:

   ```bash
   lsblk
   ```

5. Remove any swap-specific entries from `/etc/fstab`.

## Set Up Kernel Modules and Kernel Settings

1. Load the following kernel modules and add them to `modules-load` so they are loaded automatically on reboot:

   ```bash
   modprobe overlay
   modprobe br_netfilter
   cat <
   ```

## Install, Configure, and Run Docker

```text
", "httpsProxy": "", "noProxy": "localhost,127.0.0.1" } } }
```

6. Start the Docker daemon:

   ```bash
   systemctl start docker
   ```

7. Create a local registry and verify that it is running. Note that this requires Docker login credentials to set up an authentication token on a local node. As the login output below warns, the password is stored unencrypted in `/root/.docker/config.json` unless a credential helper is configured. The `-p 5000:5000` mapping publishes the registry on all host interfaces, shown as `0.0.0.0:5000` in the `docker ps` output.

   ```bash
   docker login
   ```

   ```text
   Authenticating with existing credentials...
   WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
   Configure a credential helper to remove this warning.
   See https://docs.docker.com/engine/reference/commandline/login/#credentials-store

   Login Succeeded
   ```

   ```bash
   docker run -d -p 5000:5000 --restart=always --name registry registry:2
   docker ps
   ```

   ```text
   CONTAINER ID   IMAGE        COMMAND                  CREATED          STATUS          PORTS                    NAMES
   99d9b2ede2ea   registry:2   "/entrypoint.sh /etc…"   36 seconds ago   Up 35 seconds   0.0.0.0:5000->5000/tcp   registry
   ```

## Install, Configure, and Run Containerd

1. Create `/etc/crictl.yaml` with the following contents:

   ```bash
   cat /etc/crictl.yaml
   ```

   ```text
   runtime-endpoint: unix:///run/containerd/containerd.sock
   image-endpoint: unix:///run/containerd/containerd.sock
   timeout: 10
   debug: true
   ```

2. Enable containerd services and configure default settings and proxies:

   ```bash
   systemctl enable containerd.service
   mkdir -p /etc/containerd
   containerd config default | tee /etc/containerd/config.toml
   ```

3. In the `/etc/containerd/config.toml` file, under `[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]`, set `SystemdCgroup` to `true`. The file should look like this:

   ```toml
   ...
   [plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
     [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
       runtime_type = "io.containerd.runc.v2"
       runtime_engine = ""
       runtime_root = ""
       privileged_without_host_devices = false
       base_runtime_spec = ""
       [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
         SystemdCgroup = true
   ...
   ```

4. Create the following directory:

   ```bash
   mkdir -p /usr/lib/systemd/system/containerd.service.d
   ```

5. Create a proxy file as shown below. In this example, the pod network is 10.244.0.0/16, the service network is 10.96.0.0/16, and the API server, local API endpoint, and control plane endpoint is 192.168.110.5.

   ```bash
   cat /usr/lib/systemd/system/containerd.service.d/proxy.conf
   ```

   ```text
   [Service]
   Environment="HTTP_PROXY="
   Environment="HTTPS_PROXY="
   Environment="NO_PROXY=localhost,127.0.0.1,::1,10.244.0.0/16,10.96.0.0/16,192.168.0.0/16,"
   ```

6. Configure the following environment variables for proxy settings for containerd. Include the host IP address, pod subnet, and service subnet in the `no_proxy` setting.

   ```bash
   export no_proxy=127.0.0.1,localhost,192.168.0.0/16,,,
   export https_proxy=
   export http_proxy=
   ```

7. Start the containerd services:

   ```bash
   systemctl start containerd.service
   ```

8. Check the status. It should show the service running, as below:

   ```bash
   systemctl status containerd.service
   ```

   ```text
   containerd.service - containerd container runtime
        Loaded: loaded (/usr/lib/systemd/system/containerd.service; enabled; vendor preset: disabled)
       Drop-In: /usr/lib/systemd/system/containerd.service.d
                └─proxy.conf
        Active: active (running) since Thu 2022-07-14 13:29:25 IST; 9min ago
          Docs: https://containerd.io
       Process: 100768 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
      Main PID: 100769 (containerd)
         Tasks: 37
        Memory: 19.8M
           CPU: 663ms
        CGroup: /system.slice/containerd.service
                └─100769 /usr/bin/containerd

   <...> level=info msg="Start subscribing containerd event"
   <...> level=info msg="Start recovering state"
   <...> level=info msg=serving... address=/run/containerd/container>
   <...> level=info msg=serving... address=/run/containerd/container>
   <...> level=info msg="containerd successfully booted in 0.039112s"
   <...> systemd[1]: Started containerd container runtime.
   <...> level=info msg="Start event monitor"
   <...> level=info msg="Start snapshots syncer"
   <...> level=info msg="Start cni network conf syncer"
   <...> level=info msg="Start streaming server"
   ```

## Install Kubernetes Components

1. Set up the Kubernetes repo manager by following [Install K8S](https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/#install-using-native-package-management). The following is a sample that installs version 1.25.

   ```bash
   cat <
   ```
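
A check for two of the containerd settings described in the containerd section above, as an added example that is not part of the original guide: it confirms that `SystemdCgroup = true` sits inside the runc options table of `config.toml` and that the pod and service networks appear in `NO_PROXY` of the systemd drop-in. The function names, the sample files, and the `example` runtime name are constructed for illustration.

```bash
# Added example: checks for the containerd settings; sample files are constructed.
RUNC_OPTS='plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options'

# Succeeds only if "SystemdCgroup = true" sits inside the runc options table.
systemd_cgroup_enabled() {
  WANT="[$RUNC_OPTS]" awk '
    /^[ \t]*\[/ {                       # a table header starts a new scope
      hdr = $0; gsub(/^[ \t]+|[ \t]+$/, "", hdr)
      in_tbl = (hdr == ENVIRON["WANT"]); next
    }
    in_tbl && /^[ \t]*SystemdCgroup[ \t]*=[ \t]*true[ \t]*(#.*)?$/ { found = 1 }
    END { exit found ? 0 : 1 }
  ' "$1"
}

# Prints required entries absent from NO_PROXY (literal match, no CIDR math).
no_proxy_missing() {
  local file=$1 list want; shift
  list=$(sed -n 's/^Environment="NO_PROXY=\(.*\)"[[:space:]]*$/\1/p' "$file" | tail -n 1)
  for want in "$@"; do
    case ",$list," in
      *",$want,"*) ;;
      *) printf '%s\n' "$want" ;;
    esac
  done
}

demo_dir=$(mktemp -d); trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/good.toml" <<'EOF'
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  runtime_type = "io.containerd.runc.v2"
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true
EOF
cat > "$demo_dir/bad.toml" <<'EOF'   # misspelled key, and the right key in the wrong table
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
  SystemCgroup = true
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.example.options]
  SystemdCgroup = true
EOF
cat > "$demo_dir/proxy.conf" <<'EOF' # service network left out on purpose
[Service]
Environment="NO_PROXY=localhost,127.0.0.1,::1,10.244.0.0/16,192.168.0.0/16"
EOF
for f in good bad; do
  systemd_cgroup_enabled "$demo_dir/$f.toml" && s=enabled || s="NOT enabled"
  echo "$f.toml: SystemdCgroup $s for runc"
done
echo "missing from NO_PROXY: $(no_proxy_missing "$demo_dir/proxy.conf" 10.244.0.0/16 10.96.0.0/16)"
```

On a real node, point the two functions at `/etc/containerd/config.toml` and `/usr/lib/systemd/system/containerd.service.d/proxy.conf` before starting the service.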