docker -> containerd 이관

#Worker Node 진행 kubeadm 1.24 설치

sudo apt-get install -y kubeadm=1.24.xx-00

#Master에서 진행 업그레이드할 워커노드 drain

kubectl drain {node-name}  --ignore-daemonsets --delete-emptydir-data

#Worker Node 진행  kubectl, kubelet 1.24 설치

sudo apt-get install kubectl=1.24.xx-00 kubelet=1.24.xx-00 -y

#Worker Node 진행 kubelet 중지, 도커 제거, containerd 설치

sudo systemctl stop kubelet
sudo systemctl disable docker.service --now
sudo apt-get purge docker-ce docker-ce-cli
sudo apt-get install -y containerd
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml

#containerd config 수정

sudo vi /etc/containerd/config.toml

아래 내용 추가

#이미지 pull할때 http: server gave HTTP response to HTTPS client 발생하는 경우
   [plugins."io.containerd.grpc.v1.cri".registry.configs."{ip}:{port}".tls] 
        ca_file = ""
        cert_file = "" 
        insecure_skip_verify = true 
        key_file = ""
    [plugins."io.containerd.grpc.v1.cri".registry.mirrors."{ip}:{port}"] 
        endpoint = ["http://{ip}:{port}"] 
    
#해당 옵션 없으면 pod가 계속 재시작됨
#systemd를 cgroup driver로 사용
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
        SystemdCgroup = true

 

#containerd 시작

sudo systemctl enable containerd
sudo systemctl restart containerd
sudo sed -i 's/--network-plugin=cni/--container-runtime=remote\ --container-runtime-endpoint=unix\:\/\/\/run\/containerd\/containerd.sock/g' /var/lib/kubelet/kubeadm-flags.env

#Master에서 진행 drain시킨 node edit

sudo kubectl edit no {node-name}
"kubeadhttp://m.alpha.kubernetes.io/cri-socket"
/var/run/dockershim.sock => unix:///run/containerd/containerd.sock

#Worker Node 진행 kubelet 재시작

sudo systemctl daemon-reload
sudo systemctl restart kubelet

#Master에서 진행 drain 시키 워커노드 활성

kubectl uncordon {node-name}