search

oomichi / try-kubernetes

11 stars 5 forks source link

Kubespray: Failed to deploy kata-container #120

Closed oomichi closed 2 years ago

oomichi commented 2 years ago

以下のように Kata Container を指定したはずが、runc が動いているように見える。

--- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@@ -206,7 +206,7 @@ dns_domain: "{{ cluster_name }}"
 container_manager: containerd

 # Additional container runtimes
-kata_containers_enabled: false
+kata_containers_enabled: true

 kubeadm_certificate_key: "{{ lookup('password', credentials_dir + '/kubeadm_certificate_key.creds length=64 chars=hexdigits') | lower }}"
$
$ vagrant up

Linuxプロセス

root       18593       1  0 00:05 ?        00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 12f96d49a3a436ded8f5b159c0fcf0402b8fc36917ae2ecc9dad5dfa75bca19f -address /run/containerd/containerd.sock
root       18611       1  0 00:05 ?        00:00:00 /usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id fb7b32848bb5bb3d55fb60f8b70bf68c969f40506c3bb18c041448a2e303e2ae -address /run/containerd/containerd.sock

containerd version: 1.6.4

# containerd --version
containerd github.com/containerd/containerd v1.6.4 212e8b6fa2f44b9c21b2798135fc6fb7c53efc16
oomichi commented 2 years ago

containerdの設定ファイル

# cat /etc/containerd/config.toml
version = 2
root = "/var/lib/containerd"
state = "/run/containerd"
oom_score = 0

[grpc]
  max_recv_message_size = 16777216
  max_send_message_size = 16777216

[debug]
  level = "info"

[metrics]
  address = ""
  grpc_histogram = false

[plugins]
  [plugins."io.containerd.grpc.v1.cri"]
    sandbox_image = "k8s.gcr.io/pause:3.3"
    max_container_log_line_size = -1
    [plugins."io.containerd.grpc.v1.cri".containerd]
      default_runtime_name = "runc"
      snapshotter = "overlayfs"
      [plugins."io.containerd.grpc.v1.cri".containerd.runtimes]
        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
          runtime_type = "io.containerd.runc.v2"
          runtime_engine = ""
          runtime_root = ""
          [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
            systemdCgroup = true
        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.kata-qemu]
          runtime_type = "io.containerd.kata-qemu.v2"
    [plugins."io.containerd.grpc.v1.cri".registry]
      [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
        [plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
          endpoint = ["https://registry-1.docker.io"]
oomichi commented 2 years ago

default_runtime_name を変更する必要がありそう。

- default_runtime_name = "runc"
+ default_runtime_name = "kata-qemu"

上記を指定する containerd_default_runtime という設定項目が Kubespray にある。 上記を変更したところ、Kata container が Linux プロセスとして見えるようになった。

root         863       1  0 00:52 ?        00:00:00 /opt/kata/bin/containerd-shim-kata-v2 -namespace k8s.io -address /run/containerd/containerd.sock -publish-binary /usr/local/bin/containerd -id 4e985e15ae192fa9079eab6166e2f92fb4afedc242d6fe18609db07acb4dd909
root         864       1  0 00:52 ?        00:00:00 /opt/kata/bin/containerd-shim-kata-v2 -namespace k8s.io -address /run/containerd/containerd.sock -publish-binary /usr/local/bin/containerd -id 0d1166ea5df7199619cccb377a98421cfb9d6318acd44574351220dc8d1a31db
root         876       1  0 00:52 ?        00:00:00 /opt/kata/bin/containerd-shim-kata-v2 -namespace k8s.io -address /run/containerd/containerd.sock -publish-binary /usr/local/bin/containerd -id 658348a39d720b2989dbbed51c884ff241b7fd701a6fa48c5144b70c3880828a
oomichi commented 2 years ago

上記設定項目に関する Kubespray の Doc 更新 Pull Requestを出したのでクローズ。