Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document and announce migration guide for Dockershim #104878

Closed
dims opened this issue Sep 9, 2021 · 32 comments
Closed

Document and announce migration guide for Dockershim #104878

dims opened this issue Sep 9, 2021 · 32 comments
Assignees
@PranshuSrivastava @Debanitrkl
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/docs Categorizes an issue or PR as relevant to SIG Docs. sig/node Categorizes an issue or PR as relevant to SIG Node. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
Docs - Dockershim Removal

Comments

@dims
Copy link
Member

dims commented Sep 9, 2021

In the KEP-2221: Removing dockershim from kubelet KEP:
https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/2221-remove-dockershim/README.md

we have a line item that says:

  • Document and announce migration guide

We need to have this ready by 1.24, so we should start earlier in 1.23 itself.

There are a bunch of things we can draw inspiration from:

and we have some info already in our docs:

cc @SergeyKanzhelev @endocrimes @adisky @ehashman
@dims dims added the kind/feature Categorizes issue or PR as related to a new feature. label Sep 9, 2021
@k8s-ci-robot k8s-ci-robot added needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Sep 9, 2021
@dims
Copy link
Member Author

dims commented Sep 9, 2021

/sig node
/sig docs

@k8s-ci-robot k8s-ci-robot added sig/node Categorizes an issue or PR as relevant to SIG Node. sig/docs Categorizes an issue or PR as relevant to SIG Docs. and removed needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Sep 9, 2021
@Debanitrkl
Copy link
Member

I can work on this
/assign

@SergeyKanzhelev
Copy link
Member

Yes, this was created as a starting point: https://kubernetes.io/docs/tasks/administer-cluster/migrating-from-dockershim/

Step by step migration is different depending on where k8s is run. One specific issue tracking this: kubernetes/website#25879

also another clarification is needed here: kubernetes/website#28449

@SergeyKanzhelev
Copy link
Member

Filed another one: kubernetes/website#29665

@SergeyKanzhelev
Copy link
Member

KEP xref: kubernetes/enhancements#2221 for tracking

@PranshuSrivastava
Copy link

Hey, can I also work on this?

@PranshuSrivastava
Copy link

/assign

@Debanitrkl
Copy link
Member

Debanitrkl commented Sep 15, 2021
edited
Loading

Started this https://hackmd.io/@XzECIhDGRqCtGVrLiJFzxQ/rkyZS_JQF for the documentation, will be updating here

@SergeyKanzhelev
Copy link
Member

@Debanitrkl if you want to take an individual item like kubernetes/website#25879 - it is very straightforward to write. Issue points to a similar document, need to explain how to drain node, stop kubelet, change config, start kubelet back. Only missing step comparing to the linked document is how to change configuration.

@Debanitrkl
Copy link
Member

Okay alright, will begin with that issue

@PranshuSrivastava
Copy link

Started this https://hackmd.io/@XzECIhDGRqCtGVrLiJFzxQ/rkyZS_JQF for the documentation, will be updating here

I will also be adding to this file.

@adisky
Copy link
Contributor

adisky commented Sep 21, 2021
edited
Loading

Consolidating all the issues

kubernetes/website#25879 : Create a doc to explain how to change the runtime (mostly moving away from dockershim)
helpful docs:

kubernetes/website#29665: Dockershim deprecation: Private registries support with Containerd
helpful doc:

kubernetes/website#28449: Deprecation of the Docker container runtime should be clear in /docs/setup/production-environment/container-runtimes/
(This one is easy fix, only to add a deprecation warning)

@adisky
Copy link
Contributor

adisky commented Oct 5, 2021

We also need to update the guide for running local-up-cluster.sh to use CRI runtimes rather than docker https://github.com/kubernetes/community/blob/master/contributors/devel/running-locally.md

This was referenced Oct 18, 2021
Closed
Merged
@sftim
Copy link
Contributor

sftim commented Nov 20, 2021

/triage accepted
for SIG Docs

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Nov 20, 2021
@neolit123 neolit123 mentioned this issue Nov 23, 2021
Closed
@celestehorgan celestehorgan moved this from To Do to TBD - Pre 1.24 in Docs - Dockershim Removal Dec 6, 2021
@sftim
Copy link
Contributor

sftim commented Dec 8, 2021

Triaging for SIG Docs
/priority important-soon

@k8s-ci-robot k8s-ci-robot added the priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Dec 8, 2021
@sftim
Copy link
Contributor

sftim commented Dec 8, 2021

#97252 is the actual code change BTW

This was referenced Dec 9, 2021
Closed
Closed
Closed
Closed
Merged
@shannonxtreme
Copy link

Since this issue is focused on the basic migration guide, let's discuss the structure. @SergeyKanzhelev @sftim please feel free to correct or add to this.

Migrate from Docker to containerd

  • Overview of the page, who it applies to (people using Docker in Kubernetes who are upgrading to 1.24+), and why containerd. Mention slight differences for other preferred runtimes and to see their install instructions for help with those.

Before you begin

  • Standard before you begin and version check
  • kubeadm (is this required? What are the alternatives?)

Find your container runtime

Check for Docker dependencies

Use the systemd cgroup driver

Migrate worker nodes to containerd

For each worker node using Docker, do the following:

  1. Cordon
  2. Drain
  3. Uninstall Docker
  4. Install containerd
  5. Change kubeadm flags to point to the new endpoint and systemd
  6. Start the kubelet
  7. Describe the node
  8. Uncordon the node

Repeat for every worker node. Then find the container runtime again to verify it's migrated.

Migrate control plane nodes to containerd

Warn about kubelet and control plane unavailability if control plane is a single node.

Steps are same as worker nodes. Tips for troubleshooting:

  • Use journalctl and crictl to follow logs
  • Reset the node after draining it

What's next

@shannonxtreme
Copy link

I'm happy to take this on and draft a page up for review, using Sergey's existing page as a base :)

@Debanitrkl
Copy link
Member

@shannonxtreme I'm working on this kubernetes/website#30141 here see if you could help out

@mrbobbytables
Copy link
Member

@shannonxtreme @Debanitrkl

  • Cordon
  • Drain
  • Uninstall Docker
  • Install containerd
  • Change kubeadm flags to point to the new endpoint and systemd
  • Start the kubelet
  • Describe the node
  • Uncordon the node

One optional step to potentially include might be the export of images from docker to import into containerd. It doesn't necessarily have to be a step, but a callout or FYI for folk to automate if they don't want to potentially retrigger downloading images again (there are sadly a fair amount of people with 10GB+ images 😬 ). It could even be a 1 liner that pipes from docker save to ctr -n=k8s.io images import

@sftim sftim mentioned this issue Dec 15, 2021
Closed
@afbjorklund
Copy link

It could even be a 1 liner that pipes from docker save to ctr -n=k8s.io images import

Too bad that crictl doesn't handle "load", but I suppose it's docker push and crictl pull

@afbjorklund
Copy link

Add guide for installing crictl

https://kubernetes.io/docs/tasks/debug-application-cluster/crictl/

@sftim
Copy link
Contributor

sftim commented Jan 8, 2022

callout or FYI for folk to automate if they don't want to potentially retrigger downloading images again (there are sadly a fair amount of people with 10GB+ images grimacing )

MVP: point out that it's something to consider

@endocrimes
Copy link
Member

There's also https://github.com/containerd/nerdctl#whale-nerdctl-load - (and nerdctl in general) for helping folks through the transition.

@afbjorklund
Copy link

afbjorklund commented Jan 9, 2022
edited
Loading

There's also https://github.com/containerd/nerdctl#whale-nerdctl-load - (and nerdctl in general) for helping folks through the transition.

And there is as well sudo podman load, if deciding to replace docker with cri-o instead of replacing docker with containerd.

https://docs.podman.io/en/latest/markdown/podman-load.1.html

@afbjorklund

This comment was marked as off-topic.

Sign in to view
@sftim
Copy link
Contributor

sftim commented Feb 4, 2022

@afbjorklund I recommend shifting this kind of discussion into issue 106917 - https://github.com/kubernetes/kubernetes/issues/106917

I'd like to treat this issue is a parent / umbrella issue for work we've already accepted.

@afbjorklund
Copy link

Missed that it was only about containerd, sorry

@nate-double-u
Copy link

/milestone 1.24

@k8s-ci-robot
Copy link
Contributor

@nate-double-u: The provided milestone is not valid for this repository. Milestones in this repository: [next-candidate, v1.16, v1.17, v1.18, v1.19, v1.20, v1.21, v1.22, v1.23, v1.24, v1.25, v1.26]

Use /milestone clear to clear the milestone.

In response to this:

/milestone 1.24

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@chrisnegus
Copy link

The PRs associated with the issue represent a lot of good work. They seem to all be merged or closed at this point. I'm going to close this Issue now. However, please feel free to reopen or, better yet, open a new issue if we have missed any work still needing to be done on this topic.
/close

@k8s-ci-robot
Copy link
Contributor

@chrisnegus: Closing this issue.

In response to this:

The PRs associated with the issue represent a lot of good work. They seem to all be merged or closed at this point. I'm going to close this Issue now. However, please feel free to reopen or, better yet, open a new issue if we have missed any work still needing to be done on this topic.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Docs - Dockershim Removal automation moved this from PRs in Flight (Needs Review) to Done Apr 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@PranshuSrivastava PranshuSrivastava

@Debanitrkl Debanitrkl

Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/docs Categorizes an issue or PR as relevant to SIG Docs. sig/node Categorizes an issue or PR as relevant to SIG Node. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
Docs - Dockershim Removal
Done
Milestone
No milestone
Development

No branches or pull requests