Bootstraping kubernetes with containerd

I am using ubuntu 16.04 to build the kubernetes cluster with the following information:

  • zu-k8s-containerd-master
  • zu-k8s-containerd-worker

The first thing is add name resolution

sudo nano /etc/hosts zu-k8s-containerd-master zu-k8s-containerd-worker

Install containerd

apt-get update && apt-get install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL | apt-key add -

add-apt-repository \
    "deb [arch=amd64] \
    $(lsb_release -cs) \

apt-get update && apt-get install -y

mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml

edit some network linux configuration

modprobe br_netfilter
cat <<EOF >>  /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl --system

nano /etc/sysctl.conf
net.ipv4.ip_forward = 1
sudo sysctl -p

restart containerd

systemctl restart containerd

Install kubernetes

sudo apt install -y apt-transport-https; curl -s | sudo apt-key add -

cat << EOF > /etc/apt/sources.list.d/kubernetes.list
deb kubernetes-xenial main

sudo apt update; sudo apt install -y kubectl kubelet kubeadm
apt-mark hold kubelet kubeadm kubectl

Modify kubelet to use containerd

cat <<EOF > /etc/systemd/system/kubelet.service.d/0-containerd.conf
Environment="KUBELET_EXTRA_ARGS=--container-runtime=remote --runtime-request-timeout=15m --container-runtime-endpoint=unix:///run/containerd/containerd.sock"

systemctl daemon-reload
systemctl restart kubelet

Bootstraping kubernetes on master

swapon -s
sudo swapoff -a
sudo kubeadm init --pod-network-cidr=

create config directory for kubectl

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

install CNI, the example is flannel

kubectl apply -f kube-flannel.yml
kubectl get pods --all-namespaces --watch

Join worker, this script is generated with kubeadm init

swapon -s
sudo swapoff -a
kubeadm join --token j2pap8.t0cji20hoygrw6hr \
    --discovery-token-ca-cert-hash sha256:2b34395e2f7b4a997572332aa77a07609dcf9dd7f12460605e4f7497c72565d1

Comments are closed.