cri-dockerd VS selfhost

$ wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.9/cri-dockerd-0.3.9.amd64.tgz $ tar zxvf cri-dockerd-0.3.9.amd64.tgz $ cd cri-dockerd $ sudo mkdir -p /usr/local/bin $ sudo install -o root -g root -m 0755 cri-dockerd/usr/local/bin/cri-dockerd $ mkdir foo; cd foo $ git clone [email protected]:Mirantis/cri-dockerd.git $ cd cri-dockerd $ sudo install packaging/systemd/* /etc/systemd/system $ sudo sed -i -e 's,/usr/bin/cri-dockerd,/usr/local/bin/cri-dockerd,' /etc/systemd/system/cri-docker.service $ sudo systemctl daemon-reload $ sudo systemctl enable --now cri-docker.socket

I installed cri-dockerd using this documentation https://github.com/Mirantis/cri-dockerd

99% of what you just said is completely incorrect. containerd is not a facade for Docker, in fact the Docker engine is a facade for containerd. The OCI spec is also not a facade for Docker, Docker is simply one application which can create OCI compliant images which can be executed by runtimes like runc. Kubernetes has zero facades for Docker, unless you count the optional open-source cri-dockerd.

https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/ Adjust netplan for static IP Adding br_netfilter and overlay to kernel Creating /etc/modules-load.d/k8s.conf with bridging and forwarding https://kubernetes.io/docs/setup/production-environment/container-runtimes/#forwarding-ipv4-and-letting-iptables-see-bridged-traffic Installing docker components https://kubernetes.io/docs/setup/production-environment/container-runtimes/#docker Installing cri-dockerd https://github.com/Mirantis/cri-dockerd Disabling swap https://graspingtech.com/disable-swap-ubuntu/ install kubeadm kubectl kubelet https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/

Im trying to learn how to set up kubernetes cluster with kubeadm. Im using official kubernetes documentation ( maybe there is a better source?). My goal is to set it up with cri-dockerd and systemd. And to be honest its quite hard task to do it. Informations are scattered arround with links and sometimes its hard to know the order which steps should be executed. I have 2 Virtualbox machines, connected together with NAT network. A master and worker node. I performed these steps on both of them: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/ Adjust netplan for static IP Adding br_netfilter and overlay to kernel Creating /etc/modules-load.d/k8s.conf with bridging and forwarding https://kubernetes.io/docs/setup/production-environment/container-runtimes/#forwarding-ipv4-and-letting-iptables-see-bridged-traffic Installing docker components https://kubernetes.io/docs/setup/production-environment/container-runtimes/#docker Installing cri-dockerd https://github.com/Mirantis/cri-dockerd Disabling swap install kubeadm kubectl kubelet https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/ configure kubelet cgroup driver https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver/ So currently im at the configuring cgroup driver. I tried to execute kubeadm init kubeadm-config.yaml but kubeadm found 2 CRI endpoints. So i tried to point the correct one with this command kubeadm join --cri-socket /var/run/cri-dockerd.sock but i got discover:Invalid value: ::: bootstrapToken or file must be set And now im completely lost. And also im confused is this a moment for installing CNI (probably i will try with Calico) for pod communication or should i start the cluster first?

But not to worry, you can still use Docker as a container runtime in Kubernetes using the cri-dockerd adapter. cri-dockerd provides a shim for Docker Engine that lets you control Docker via the Kubernetes CRI. ****

As of version 1.24, either one of the other supported runtimes (e.g. containerd or CRI-O) or, in case you still want to rely on Docker Engine, cri-dockerd must be used. Further information on precautions that may be necessary due to the removal of Dockershim is provided by Kubernetes in a guide.

Kubernetes requires a tool which implements the Container Runtime Interface, a standardized API for starting & managing containers. This is from 2015-2016[1].

For a while Kubernetes has included something called the "dockershim", it's own implementation of a CRI interface that, under the hood, calls Docker or Podman. There's also tools like kind[2] ("kubernetes in docker") that go further- not just hosting Kubernetes worker containers in Docker, but hosting the main kubernetes daemons also in Docker.

Kubernetes deprecated Dockershim, formally in December 2020, but is just throwing the switch now in the upcoming 1.24, expected mid-April[3]. A company Mirantis has pledged to take over support of Dockershim[4], and is calling the new effort "cri-dockerd"[5]. This should allow Kubernetes workers to continue to run via Docker or Podman.

Kind is unaffected, since it runs the main Kubernetes controllers in Docker, which then launch their own opencontainerd (one off the main CRI implementations) inside that Docker container, nested like, so no dockership/cri-dockerd is needed).

[1] https://kubernetes.io/blog/2016/12/container-runtime-interfa...

[2] https://kind.sigs.k8s.io/

[3] https://kubernetes.io/blog/2022/01/07/kubernetes-is-moving-o...

[4] https://www.mirantis.com/blog/mirantis-to-take-over-support-...

[5] https://github.com/Mirantis/cri-dockerd

I just started using Pyinfra to wrangle a bunch of servers and it is a breath of fresh air compared to Ansible. I moved all of my server OS installs to Fedora CoreOS which doesn't ship with Python in the OS and since Pyinfra doesn't need Python on the host node I can kick off tasks in bulk to do server things. It is great. I cannot wait to see where the Pyinfra project goes.

On a side note, one of the most hacky things I came up with to get Ansible working on Fedora CoreOS was to bind mount a container rootfs that had python 3 and then symlink it into the right spots. You can of course add Python in with rpm-ostree if you want but I wanted to avoid layering packages at the time. I wasn't proud of it. But it worked.

https://github.com/forem/selfhost/blob/main/playbooks/templa...

This is not the suggested way of deployment by the forem team, nevertheless I found it easier and smother than using the deployment selfhost, however I think it's good to know different approaches and use the one suits you the most, if you don't have time to manage a server I think using a pass like Render does the job, and it's cheaper then Heroku at the time of this post.

Forem Self-Host. You should probably know Forem. But in case you don't, just know that DEV is hosted on it.

I only use Podman for my workloads these days. Docker was always a headache for me on Linux. Podman allows me to quickly do whatever I want with containers and I can use systemd or a simple bash script to easily create services on my workstation or in production with Nomad with https://github.com/hashicorp/nomad-driver-podman

I am super thankful for the team of developers that work on Podman. It has really come a long way since 2.0 and they are very responsive to issues in my experiences. If you are using Linux as your daily driver and you use Containers give Podman a try. Here are some examples of the things I have done with Podman.

https://github.com/forem/selfhost

https://github.com/jdoss/ppngx

https://gist.github.com/jdoss/25f9dac0a616e524f8794a89b7989e...

https://gist.github.com/jdoss/ad87375b776178e9031685b71dbe37...

To automatically generate a TOC, you can use an online tool like the GitHub Wiki TOC generator. I used this tool to create the TOC in Forem’s Selfhost project when I was a developer advocate there.

Hi, everyone; I just tried the tutorial for deploying a self-hosted instance of forem (https://github.com/forem/selfhost) on AWS. A step in the tutorial asks for the creation of an AWS user with Programmatic access called forem-selfhost with the following

We (I work for Forem) have an opensource selfhost installer [0] so you can have total control over your data and community too.

[0] https://github.com/forem/selfhost

If you know what Forem you want to build, please follow the instructions and go live — again, the Self-Host instructions are available here!