Migrate from Docker to containerd in Kubernetes

In my previous post I had walked you through on how to setup a 3 node Kubernetes cluster.

In this post I will tell you on how to change the container runtime from docker to containerd.

Kubernetes is deprecating Docker as a container runtime after v1.20. The dockershim/Docker, the layer between Kubernetes and containerd is deprecated and will be removed from version 1.22+. 

So if you are running docker you need to change to a supported container runtime interface (CRI). containerd is a good choice, it is already running on your Kubernetes node if you are running Docker. 

An extra advantage is, less overhead and there is no docker-shim and Docker translation layers.

 

Will change one node at a time, first the worker nodes then our control node...picking k8-worder2 node to switch

  1. Cordon and Drain node (from k8-master node execute below commands...) 
kubectl cordon k8s-worker2
kubectl drain k8s-worker2 --ignore-daemonsets
  1. Stop services (this is to be done on k8-worker2 node) 
systemctl stop kubelet
systemctl stop docker
  1. Remove docker (optional) (on k8-worker2 node) 
yum remove docker-ce docker-ce-cli
  1. Generate default config --> /etc/containerd/config.toml (on k8-worker2 node) 
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
To use the systemd cgroup driver in /etc/containerd/config.toml with runc, set
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  ...
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true
  1. Restart containerd (on k8-worker2 node)
systemctl restart containerd
  1. Edit the file /var/lib/kubelet/kubeadm-flags.env and add the containerd runtime to the flags (on k8-worker2 node). 
--container-runtime=remote and --container-runtime-endpoint=unix:///run/containerd/containerd.sock"
  1. Start kubelet and Uncordon node (on k8-worker2 node) 
systemctl start kubelet
kubectl uncordon k8s-worker2
  1. Check by running
kubectl get nodes -o wide

If all went fine , you should end up with...

 
NAME STATUS ROLES AGE VERSION INTERNAL-IP KERNEL-VERSION CONTAINER-RUNTIME
k8s-master Ready control-plane,master 94d v1.20.2 192.168.1.104 4.18.0-240.22.1.el8_3.x86_64 docker://20.10.5
k8s-worker1 Ready
94d v1.20.2 192.168.1.105 4.18.0-240.22.1.el8_3.x86_64 docker://20.10.5
k8s-worker2 Ready
94d v1.20.2 192.168.1.106 4.18.0-240.22.1.el8_3.x86_64 containerd://1.4.4
 
In the next post I will walk you through on how to change the container runtime from docker to..
  1. cri-o 
By at