# Kubernetes with containerd wip. <!-- ## create virtual machine ### create qcow2 image file ```bash # qemu-img create -f qcow2 ``` ### create virtual machine ```bash # ``` --> ## Setup containerd ### Install containerd ```bash # add docker-ce repository dnf -y config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo # install containerd, cni plugins dnf -y install containerd.io ``` ### Configure containerd ```bash container_registry="192.168.100.1:5000" # enable cri plugin perl -p -i -e 's/(disabled_plugins.*)"cri"(.*)/$1$2/g' /etc/containerd/config.toml # configure cri plugin cat << EOF >> /etc/containerd/config.toml [plugins] [plugins."io.containerd.grpc.v1.cri".containerd] [plugins."io.containerd.grpc.v1.cri".containerd.runtimes] [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] SystemdCgroup = true [plugins."io.containerd.grpc.v1.cri".registry] config_path = "/etc/containerd/certs.d" EOF # configure insecure registry mkdir -p /etc/containerd/certs.d/${container_registry} cat << EOF >> /etc/containerd/certs.d/${container_registry}/hosts.toml server = "http://${container_registry}" [host."http://${container_registry}"] capabilities = ["pull", "resolve", "push"] skip_verify = true EOF ``` ### Start containerd ```bash systemctl daemon-reload systemctl enable containerd systemctl start containerd ``` ### Install nerdctl instead of docker CLI ```bash nerdctl_version="1.1.0" curl -fsSL https://github.com/containerd/nerdctl/releases/download/v${nerdctl_version}/nerdctl-${nerdctl_version}-linux-amd64.tar.gz -o - | \ tar zxvf - -C /usr/local/bin nerdctl chown root:root /usr/local/bin/nerdctl chmod u+s /usr/local/bin/nerdctl ```