Zenn
👻

K3sのコンテナランタイムをDockerに変更する

2022/05/31に公開1
Docker
Kubernetes
k3s
tech

はじめに

K3sはコンテナランタイムとしてcontainerdを使っている。KubernetesのコンテナランタイムとしてのDockerは非推奨(正確にはdockershimが非推奨)となるようだが、とはいえDockerコマンドが同一サーバー上で使えなくなると困る場面も多いのではないか。

K3sはコンテナランタイムにdockerを指定することも可能で、公式ドキュメントにもコンテナランタイム変更方法の記載がある。だが記載の通りに試しても正常に起動しなかった。
https://rancher.com/docs/k3s/latest/en/advanced/#using-docker-as-the-container-runtime

検証環境
Ubuntu 22.04
Docker 20.10.16
K3s 1.23.6+k3s1

コンテナランタイムのみ変更した場合

公式ドキュメントの手順でコンテナランタイムをDockerに指定しK3s環境の構築を試してみる。

$ curl -sfL https://get.k3s.io | sh -s - --docker
[INFO]  Finding release for channel stable
[INFO]  Using v1.23.6+k3s1 as release
[INFO]  Downloading hash https://github.com/k3s-io/k3s/releases/download/v1.23.6+k3s1/sha256sum-amd64.txt
[INFO]  Downloading binary https://github.com/k3s-io/k3s/releases/download/v1.23.6+k3s1/k3s
[INFO]  Verifying binary download
[INFO]  Installing k3s to /usr/local/bin/k3s
[INFO]  Skipping installation of SELinux RPM
[INFO]  Creating /usr/local/bin/kubectl symlink to k3s
[INFO]  Creating /usr/local/bin/crictl symlink to k3s
[INFO]  Skipping /usr/local/bin/ctr symlink to k3s, command exists in PATH at /usr/bin/ctr
[INFO]  Creating killall script /usr/local/bin/k3s-killall.sh
[INFO]  Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO]  env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO]  systemd: Creating service file /etc/systemd/system/k3s.service
[INFO]  systemd: Enabling k3s unit
Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.
[INFO]  systemd: Starting k3s
Job for k3s.service failed because the control process exited with error code.
See "systemctl status k3s.service" and "journalctl -xeu k3s.service" for details.

k3s.serviceの起動に失敗している。ログを確認する。

$ sudo journalctl -xeu k3s.service
...snip...
May 30 00:40:00 ubuntu-jammy k3s[9704]: E0531 00:42:09.115439    9704 server.go:298] "Failed to run kubelet" err="failed to run Kubelet: misconfiguration: kubelet cgroup driver: \"cgroupfs\" is different from docker cgroup driver: \"systemd\""
May 30 00:40:00 ubuntu-jammy systemd[1]: k3s.service: Main process exited, code=exited, status=1/FAILURE

Cgroupドライバにミスマッチが発生している様子。
kubeletはcgroupfsをドライバに設定しているが、Dockerはsystemdをドライバに設定しており、これが原因でサービス起動に失敗しているようだ。

コンテナランタイムとCgroupドライバを変更

コンテナランタイムにあわせて、CgroupドライバもDockerにあわせるよう手順を変更する。

$ curl -sfL https://get.k3s.io | sh -s - --docker --kubelet-arg 'cgroup-driver=systemd'
[INFO]  Finding release for channel stable
[INFO]  Using v1.23.6+k3s1 as release
[INFO]  Downloading hash https://github.com/k3s-io/k3s/releases/download/v1.23.6+k3s1/sha256sum-amd64.txt
[INFO]  Skipping binary downloaded, installed k3s matches hash
[INFO]  Skipping installation of SELinux RPM
[INFO]  Skipping /usr/local/bin/kubectl symlink to k3s, already exists
[INFO]  Skipping /usr/local/bin/crictl symlink to k3s, already exists
[INFO]  Skipping /usr/local/bin/ctr symlink to k3s, command exists in PATH at /usr/bin/ctr
[INFO]  Creating killall script /usr/local/bin/k3s-killall.sh
[INFO]  Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO]  env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO]  systemd: Creating service file /etc/systemd/system/k3s.service
[INFO]  systemd: Enabling k3s unit
Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.
[INFO]  systemd: Starting k3s

今度は無事にエラーログなくk3sサービス起動が完了している。

$ systemctl status k3s.service
● k3s.service - Lightweight Kubernetes
     Loaded: loaded (/etc/systemd/system/k3s.service; enabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-05-31 00:45:00 UTC; 1min 1s ago
       Docs: https://k3s.io
    Process: 15925 ExecStartPre=/bin/sh -xc ! /usr/bin/systemctl is-enabled --quiet nm-cloud-setup.service (code=exited, status=0/SUCCESS)
    Process: 15927 ExecStartPre=/sbin/modprobe br_netfilter (code=exited, status=0/SUCCESS)
    Process: 15928 ExecStartPre=/sbin/modprobe overlay (code=exited, status=0/SUCCESS)
   Main PID: 15929 (k3s-server)
      Tasks: 31
     Memory: 422.9M
        CPU: 30.547s
     CGroup: /system.slice/k3s.service
             └─15929 "/usr/local/bin/k3s server" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""

$ kubectl cluster-info
Kubernetes control plane is running at https://127.0.0.1:6443
CoreDNS is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/https:metrics-server:https/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

Discussion

hacchthaccht

いま2022/12/06時点で公式ドキュメント通りにインストールしたら無事にK3s入りますね。よかった。

$ curl -sfL https://get.k3s.io | sh -s - --docker
[INFO]  Finding release for channel stable
[INFO]  Using v1.25.4+k3s1 as release
[INFO]  Downloading hash https://github.com/k3s-io/k3s/releases/download/v1.25.4+k3s1/sha256sum-amd64.txt
[INFO]  Downloading binary https://github.com/k3s-io/k3s/releases/download/v1.25.4+k3s1/k3s
[INFO]  Verifying binary download
[INFO]  Installing k3s to /usr/local/bin/k3s
[INFO]  Skipping installation of SELinux RPM
[INFO]  Creating /usr/local/bin/kubectl symlink to k3s
[INFO]  Creating /usr/local/bin/crictl symlink to k3s
[INFO]  Skipping /usr/local/bin/ctr symlink to k3s, command exists in PATH at /usr/bin/ctr
[INFO]  Creating killall script /usr/local/bin/k3s-killall.sh
[INFO]  Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO]  env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO]  systemd: Creating service file /etc/systemd/system/k3s.service
[INFO]  systemd: Enabling k3s unit
Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.
[INFO]  systemd: Starting k3s