Installing Container Runtime Interface
You can select one of the supported container runtime interfaces for your Kubernetes cluster infrastructure. Since Kubernetes is deprecating Docker as a container runtime after v1.20, I choose
containerd
as my runtime interface and writing an Ansible role to install it. Let's do deep dive on how to install containerd
. You can find my Ansible role here.containerd expects some kernel parameters and kernel modules to be set persistently. I am handling that step in a separate playbook as below:
---
- name: Enable kernel module
lineinfile:
path: /etc/modules-load.d/containerd.conf
line: "{{ item }}"
state: present
create: true
mode: '0644'
loop:
- overlay
- br_netfilter
- name: Reload kernel modules
modprobe:
name: "{{ item }}"
state: present
loop:
- overlay
- br_netfilter
- name: Setup required sysctl params
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
sysctl_file: /etc/sysctl.d/99-kubernetes-cri.conf
reload: true
loop:
- { name: net.bridge.bridge-nf-call-iptables, value: 1 }
- { name: net.ipv4.ip_forward, value: 1}
- { name: net.bridge.bridge-nf-call-ip6tables, value: 1}
I am covering containerd installation on Centos 7, Ubuntu 18.04, and Ubuntu 20.04. Each operating system has its own installation requirements. I prefer to split them into different plays and include them in my
tasks/main.yml
as below:- name: Install containerd
include_tasks: "install_{{ ansible_distribution | lower }}.yaml"
So each supported operating system calls its own
yaml
file as below:CENTOS 7
Ubuntu 18.04 / 20.04
tasks/install_centos.yaml
---
- name: Install on CentOS 7
block:
- name: Install required packages
package:
name:
- yum-utils
- device-mapper-persistent-data
- lvm2
state: present
- name: Create docker-ce package repository
get_url:
url: "https://download.docker.com/linux/centos/docker-ce.repo"
dest: /etc/yum.repos.d/docker-ce.repo
owner: root
group: root
mode: '0644'
- name: Install containerd.io
package:
name: containerd.io
state: present
when: ansible_distribution_major_version | int == 7
tasks/install_ubuntu.yaml
---
- name: Install containerd on Ubuntu 18.04 / 20.04
apt:
name: containerd
update_cache: yes
when: (ansible_distribution_version.split(".") | join == "1804") or
(ansible_distribution_version.split(".") | join == "2004")
containerd version is not defined in the current version of the Ansible role. In the near future, I can add it to provide more stability but for now, I will go with the latest version always.
Once the binary is installed, we need to create the configuration file under
/etc/containerd/config.toml
. Then we will need to enable and restart the service so the new configuration can be read by the daemon. Since the configuration step is common on all operating systems, I created a single play and include it in the main play. Let's take a look at the configuration code:tasks/configure.yaml
---
- name: Create /etc/containerd
file:
path: /etc/containerd
state: directory
mode: '0755'
- name: Check if /etc/containerd/config.toml exists
stat:
path: /etc/containerd/config.toml
register: containerd_config
- name: Copy containerd configuration
shell: "containerd config default > /etc/containerd/config.toml"
args:
warn: no
tags: ['skip_ansible_lint']
when: not containerd_config.stat.exists
notify: restart containerd
- name: Enable containerd
service:
name: containerd
enabled: true
All the above steps are included in the main playbook of the role as below:
tasks/main.yml
- name: Handle prereqs
include_tasks: prereq.yaml
- name: Install containerd
include_tasks: "install_{{ ansible_distribution | lower }}.yaml"
- name: Configure containerd
include_tasks: configure.yaml
Calling this role will enable us to install containerd on supported operating systems. Now we can continue with installing kubeadm, kubelet, and kubectl.