richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6719 Commits
29 Branches
81 Tags
146 MiB
Tree: 262c96ec0b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '262c96ec0b'
${ noResults }
kubespray/docs/docker.md

99 lines
2.8 KiB
Raw Normal View History

[docker] add support for cri-dockerd as a replacement for dockershim (#8623)
2 years ago
[docker] use cri-dockerd instead of dockershim for any kubernetes version deployed with docker as the container_manager
2 years ago
[docker] add support for cri-dockerd as a replacement for dockershim (#8623)
2 years ago
  1. # Docker support
  3. The docker runtime is supported by kubespray and while the `dockershim` is deprecated to be removed in kubernetes 1.24+ there are alternative ways to use docker such as through the [cri-dockerd](https://github.com/Mirantis/cri-dockerd) project supported by Mirantis.
  5. Using the docker container manager:
  7. ```yaml
  8. container_manager: docker
  9. ```
  11. *Note:* `cri-dockerd` has replaced `dockershim` across supported kubernetes version in kubespray 2.20.
  13. Enabling the `overlay2` graph driver:
  15. ```yaml
  16. docker_storage_options: -s overlay2
  17. ```
  19. Enabling `docker_container_storage_setup`, it will configure devicemapper driver on Centos7 or RedHat7.
  20. Deployers must be define a disk path for `docker_container_storage_setup_devs`, otherwise docker-storage-setup will be executed incorrectly.
  22. ```yaml
  23. docker_container_storage_setup: true
  24. docker_container_storage_setup_devs: /dev/vdb
  25. ```
  27. Changing the Docker cgroup driver (native.cgroupdriver); valid options are `systemd` or `cgroupfs`, default is `systemd`:
  29. ```yaml
  30. docker_cgroup_driver: systemd
  31. ```
  33. If you have more than 3 nameservers kubespray will only use the first 3 else it will fail. Set the `docker_dns_servers_strict` to `false` to prevent deployment failure.
  35. ```yaml
  36. docker_dns_servers_strict: false
  37. ```
  39. Set the path used to store Docker data:
  41. ```yaml
  42. docker_daemon_graph: "/var/lib/docker"
  43. ```
  45. Changing the docker daemon iptables support:
  47. ```yaml
  48. docker_iptables_enabled: "false"
  49. ```
  51. Docker log options:
  53. ```yaml
  54. # Rotate container stderr/stdout logs at 50m and keep last 5
  55. docker_log_opts: "--log-opt max-size=50m --log-opt max-file=5"
  56. ```
  58. Changre the docker `bin_dir`, this should not be changed unless you use a custom docker package:
  60. ```yaml
  61. docker_bin_dir: "/usr/bin"
  62. ```
  64. To keep docker packages after installation; speeds up repeated ansible provisioning runs when '1'.
  65. kubespray deletes the docker package on each run, so caching the package makes sense:
  67. ```yaml
  68. docker_rpm_keepcache: 1
  69. ```
  71. Allowing insecure-registry access to self hosted registries. Can be ipaddress and domain_name.
  73. ```yaml
  74. ## example define 172.19.16.11 or mirror.registry.io
  75. docker_insecure_registries:
  76. - mirror.registry.io
  77. - 172.19.16.11
  78. ```
  80. Adding other registry, i.e. China registry mirror:
  82. ```yaml
  83. docker_registry_mirrors:
  84. - https://registry.docker-cn.com
  85. - https://mirror.aliyuncs.com
  86. ```
  88. Overriding default system MountFlags value. This option takes a mount propagation flag: `shared`, `slave` or `private`, which control whether mounts in the file system namespace set up for docker will receive or propagate mounts and unmounts. Leave empty for system default:
  90. ```yaml
  91. docker_mount_flags:
  92. ```
  94. Adding extra options to pass to the docker daemon:
  96. ```yaml
  97. ## This string should be exactly as you wish it to appear.
  98. docker_options: ""
  99. ```