richard
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6397 Commits
29 Branches
81 Tags
146 MiB
Tree: 45262da726
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '45262da726'
${ noResults }
kubespray/docs/docker.md

105 lines
3.0 KiB
Raw Normal View History

[docker] add support for cri-dockerd as a replacement for dockershim (#8623)
2 years ago
  1. # Docker support
  3. The docker runtime is supported by kubespray and while the `dockershim` is deprecated to be removed in kubernetes 1.24+ there are alternative ways to use docker such as through the [cri-dockerd](https://github.com/Mirantis/cri-dockerd) project supported by Mirantis.
  5. Using the docker container manager:
  7. ```yaml
  8. container_manager: docker
  9. ```
  11. Using `cri-dockerd` instead of `dockershim`:
  13. ```yaml
  14. cri_dockerd_enabled: false
  15. ```
  17. *Note:* The `cri_dockerd_enabled: true` setting will become the default in a future kubespray release once kubespray 1.24+ is supported and `dockershim` is removed. At that point, changing this option will be deprecated and silently ignored.
  19. Enabling the `overlay2` graph driver:
  21. ```yaml
  22. docker_storage_options: -s overlay2
  23. ```
  25. Enabling `docker_container_storage_setup`, it will configure devicemapper driver on Centos7 or RedHat7.
  26. Deployers must be define a disk path for `docker_container_storage_setup_devs`, otherwise docker-storage-setup will be executed incorrectly.
  28. ```yaml
  29. docker_container_storage_setup: true
  30. docker_container_storage_setup_devs: /dev/vdb
  31. ```
  33. Changing the Docker cgroup driver (native.cgroupdriver); valid options are `systemd` or `cgroupfs`, default is `systemd`:
  35. ```yaml
  36. docker_cgroup_driver: systemd
  37. ```
  39. If you have more than 3 nameservers kubespray will only use the first 3 else it will fail. Set the `docker_dns_servers_strict` to `false` to prevent deployment failure.
  41. ```yaml
  42. docker_dns_servers_strict: false
  43. ```
  45. Set the path used to store Docker data:
  47. ```yaml
  48. docker_daemon_graph: "/var/lib/docker"
  49. ```
  51. Changing the docker daemon iptables support:
  53. ```yaml
  54. docker_iptables_enabled: "false"
  55. ```
  57. Docker log options:
  59. ```yaml
  60. # Rotate container stderr/stdout logs at 50m and keep last 5
  61. docker_log_opts: "--log-opt max-size=50m --log-opt max-file=5"
  62. ```
  64. Changre the docker `bin_dir`, this should not be changed unless you use a custom docker package:
  66. ```yaml
  67. docker_bin_dir: "/usr/bin"
  68. ```
  70. To keep docker packages after installation; speeds up repeated ansible provisioning runs when '1'.
  71. kubespray deletes the docker package on each run, so caching the package makes sense:
  73. ```yaml
  74. docker_rpm_keepcache: 1
  75. ```
  77. Allowing insecure-registry access to self hosted registries. Can be ipaddress and domain_name.
  79. ```yaml
  80. ## example define 172.19.16.11 or mirror.registry.io
  81. docker_insecure_registries:
  82. - mirror.registry.io
  83. - 172.19.16.11
  84. ```
  86. Adding other registry, i.e. China registry mirror:
  88. ```yaml
  89. docker_registry_mirrors:
  90. - https://registry.docker-cn.com
  91. - https://mirror.aliyuncs.com
  92. ```
  94. Overriding default system MountFlags value. This option takes a mount propagation flag: `shared`, `slave` or `private`, which control whether mounts in the file system namespace set up for docker will receive or propagate mounts and unmounts. Leave empty for system default:
  96. ```yaml
  97. docker_mount_flags:
  98. ```
  100. Adding extra options to pass to the docker daemon:
  102. ```yaml
  103. ## This string should be exactly as you wish it to appear.
  104. docker_options: ""
  105. ```