I took Kubernetes 1.24, which has dockershim removed, for a spin. I wanted to install it on Debian 11 using kubeadm,
and here are the issues that I had to tackle to get it working.
Disable swap
If it’s a fresh install of Debian, disable the swap partition completely during installation. Even with the swap partition disabled, the system still creates a swap file. Use the following commands to disable it completely.
$ {
sudo sed -i '/swap/d' /etc/fstab
sudo swapoff -a
}
Enable overlay and br_netfilter kernel modules
The overlay module supports the overlay filesystem required for OCI / Docker images. br_netfilter is for virtual networking.
$ cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
$ cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.netfilter.nf_conntrack_max = 524288
EOF
Once the above changes are applied, restart the system or run the command below to reload the sysctl parameters without a reboot.
$ sudo sysctl --system
Install containerd runtime
Installing the containerd runtime is fairly straightforward, except that its defaults are geared towards Docker rather than Kubernetes. It took some time for me to figure it out.
$ sudo apt install apt-transport-https ca-certificates curl gnupg lsb-release -y
$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
$ echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list >/dev/null
$ sudo apt-get update && sudo apt-get install containerd.io=1.6.4-1 -y
Once installed, check that containerd is enabled and running.
$ systemctl is-enabled containerd
$ systemctl status containerd
Because containerd is going to be used as the Kubernetes runtime, the default config doesn’t work out of the box. Delete and re-create the config, then tell containerd that it is running under systemd.
$ sudo rm -f /etc/containerd/config.toml
$ containerd config default | sudo tee /etc/containerd/config.toml
Find the following section:
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
Set the value of SystemdCgroup to true in the newly generated config.toml file, or run the command below, which does the same. Then restart containerd so that it picks up the change.
$ sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
$ sudo systemctl restart containerd
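The node preparation so far can be verified before kubeadm is run. The script below is an added example, not part of the original post: a POSIX shell preflight that checks swap, the two kernel modules, IP forwarding and the SystemdCgroup setting. The function names and the SWAPS, MODULES, IP_FORWARD and CONTAINERD_CONF override variables are assumptions made for this example.

```shell
#!/bin/sh
# Added example: preflight checks for the node preparation steps in this post.
# Each check takes a file path, so it runs on fixtures as well as the live system.

# True when a /proc/swaps-style file has no entries below its header line.
swap_off() {
    awk 'NR > 1 && NF { n++ } END { exit (n > 0) }' "$1"
}

# True when module $1 is listed in the /proc/modules-style file $2.
# (A driver built into the kernel is not listed there.)
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# True when a /proc/sys/net/ipv4/ip_forward-style file contains 1.
ip_forward_on() {
    [ "$(cat "$1")" = "1" ]
}

# True only when SystemdCgroup = true sits inside the runc options table of a
# containerd config.toml, not merely somewhere else in the file.
systemd_cgroup_enabled() {
    awk '
        /^[ \t]*\[/ { in_runc = ($0 ~ /containerd\.runtimes\.runc\.options\]/); next }
        in_runc && /^[ \t]*SystemdCgroup[ \t]*=[ \t]*true/ { ok = 1 }
        END { exit !ok }' "$1"
}

# Print one line per check and return the number of failed checks.
# The environment variables are hypothetical overrides used for testing.
preflight() {
    swaps=${SWAPS:-/proc/swaps}; mods=${MODULES:-/proc/modules}
    fwd=${IP_FORWARD:-/proc/sys/net/ipv4/ip_forward}
    conf=${CONTAINERD_CONF:-/etc/containerd/config.toml}
    fails=0
    report() { if "$@" 2>/dev/null; then echo "ok   $*"; else echo "FAIL $*"; fails=$((fails + 1)); fi; }
    report swap_off "$swaps"
    report module_loaded overlay "$mods"
    report module_loaded br_netfilter "$mods"
    report ip_forward_on "$fwd"
    report systemd_cgroup_enabled "$conf"
    return "$fails"
}

# Run against the live system with: sh preflight.sh check
if [ "${1:-}" = "check" ]; then preflight; fi
```

The exit status is the number of failed checks, so a zero status means every prerequisite from the steps above is in place.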
Install kubeadm, kubelet and kubectl
The steps are taken directly from the Kubernetes docs.
$ sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
$ echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main"| sudo tee /etc/apt/sources.list.d/kubernetes.list
$ sudo apt-get update && sudo apt-get install kubelet=1.24.0-00 kubeadm=1.24.0-00 kubectl=1.24.0-00 -y
$ sudo apt-mark hold kubelet kubeadm kubectl
Follow Kubernetes docs from here on to initialise the cluster, add the CNI plugin and join the worker nodes.