Configure isulad
Configure the pod-sandbox-image
in /etc/isulad/daemon.json
:
"pod-sandbox-image": "my-pause:1.0.0"
Configure the endpoint
of isulad
:
"hosts": [
"unix:///var/run/isulad.sock"
]
if hosts
is not configured, the default endpoint is unix:///var/run/isulad.sock
.
Restart isulad
:
$ sudo systemctl restart isulad
Start kubelet
based on the configuration or default value:
$ /usr/bin/kubelet
--container-runtime-endpoint=unix:///var/run/isulad.sock
--image-service-endpoint=unix:///var/run/isulad.sock
--pod-infra-container-image=my-pause:1.0.0
--container-runtime=remote
...
RuntimeClass is a feature for selecting the container runtime configuration. The container runtime configuration is used to run a Pod's containers. For more information, please refer to runtime-class. Currently isulad
only supports kata-containers
and runc
.
Configure isulad
in /etc/isulad/daemon.json
:
"runtimes": {
"kata-runtime": {
"path": "/usr/bin/kata-runtime",
"runtime-args": [
"--kata-config",
"/usr/share/defaults/kata-containers/configuration.toml"
]
}
}
Extra configuration
iSulad
supports the overlay2
and devicemapper
as storage drivers. The default value is overlay2
.
In some scenarios, using block device type as storage drivers is a better choice, such as run a kata-containers
. The procedure for configuring the devicemapper
is as follows:
First, create ThinPool:
$ sudo pvcreate /dev/sdb1 # /dev/sdb1 for example
$ sudo vgcreate isulad /dev/sdb
$ sudo echo y | lvcreate --wipesignatures y -n thinpool isulad -L 200G
$ sudo echo y | lvcreate --wipesignatures y -n thinpoolmeta isulad -L 20G
$ sudo lvconvert -y --zero n -c 512K --thinpool isulad/thinpool --poolmetadata isulad/thinpoolmeta
$ sudo lvchange --metadataprofile isulad-thinpool isulad/thinpool
Then,add configuration for devicemapper
in /etc/isulad/daemon.json
:
"storage-driver": "devicemapper"
"storage-opts": [
"dm.thinpooldev=/dev/mapper/isulad-thinpool",
"dm.fs=ext4",
"dm.min_free_space=10%"
]
Restart isulad
:
$ sudo systemctl restart isulad
Create kata-runtime.yaml
. For example:
apiVersion: node.k8s.io/v1beta1
kind: RuntimeClass
metadata:
name: kata-runtime
handler: kata-runtime
Execute kubectl apply -f kata-runtime.yaml
Create pod spec kata-pod.yaml
. For example:
apiVersion: v1
kind: Pod
metadata:
name: kata-pod-example
spec:
runtimeClassName: kata-runtime
containers:
- name: kata-pod
image: busybox:latest
command: ["/bin/sh"]
args: ["-c", "sleep 1000"]
Run pod:
$ kubectl create -f kata-pod.yaml
$ kubectl get pod
NAME READY STATUS RESTARTS AGE
kata-pod-example 1/1 Running 4 2s
iSulad realize the CRI interface to connect to the CNI network, parse the CNI network configuration files, join or exit CNI network. In this section, we call CRI interface to start pod to verify the CNI network configuration for simplicity.
Configure isulad
in /etc/isulad/daemon.json
:
"network-plugin": "cni",
"cni-bin-dir": "/opt/cni/bin",
"cni-conf-dir": "/etc/cni/net.d",
Prepare CNI network plugins:
Compile and genetate the CNI plugin binaries, and copy binaries to the directory /opt/cni/bin
.
$ git clone https://github.com/containernetworking/plugins.git
$ cd plugins && ./build_linux.sh
$ cd ./bin && ls
bandwidth bridge dhcp firewall flannel ...
Prepare CNI network configuration:
The conf file suffix can be .conflist
or .conf
, the difference is whether it contains multiple plugins. For example, we create 10-mynet.conflist
file under directory /etc/cni/net.d/
, the content is as follows:
{
"cniVersion": "0.3.1",
"name": "default",
"plugins": [
{
"name": "default",
"type": "ptp",
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.1.0.0/16",
"routes": [
{
"dst": "0.0.0.0/0"
}
]
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
Configure sandbox-config.json :
{
"port_mappings":[{"protocol": 1, "container_port": 80, "host_port": 8080}],
"metadata": {
"name": "test",
"namespace": "default",
"attempt": 1,
"uid": "hdishd83djaidwnduwk28bcsb"
},
"labels": {
"filter_label_key": "filter_label_val"
},
"linux": {
}
}
Restart isulad
and start Pod:
$ sudo systemctl restart isulad
$ sudo crictl -i unix:///var/run/isulad.sock -r unix:///var/run/isulad.sock runp sandbox-config.json
View pod network informations:
$ sudo crictl -i unix:///var/run/isulad.sock -r unix:///var/run/isulad.sock inspectp <pod-id>
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。