Install and configure CRI-O runtime. sudo pacman -S cri-o crun iptables-nftCreate/etc/crio/crio.conf.d/00-crun.conf specifying the default runtimeascrun instead ofrunc.
[crio.runtime]default_runtime = "crun"[crio.runtime.runtimes.crun]runtime_path = "/usr/bin/crun"runtime_type = "oci"runtime_root = "/run/crun"Create/etc/crio/crio.conf.d/10-plugin-dir.conf to specify what pathscri-o looks for cni plugins.
[crio.network]plugin_dirs = [ "/usr/lib/cni", "/opt/cni/bin"]sudo modprobe overlaysudo modprobe br_netfiltersudo systemctl enable crio --nowsudo pacman -S kubeadm kubelet kubectl helm cilium-clisudo systemctl enable kubelet --nowsudo kubeadm init \ --cri-socket='unix:///run/crio/crio.sock' \ --skip-phases=addon/kube-proxymkdir -p $HOME/.kubesudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/configsudo chown $(id -u):$(id -g) $HOME/.kube/configexport KUBECONFIG="$HOME/.kube/config"kubectl taint nodes <node-name> \ node-role.kubernetes.io/control-plane:NoSchedule-cilium-cli install \ --set l2announcements.enabled=true \ --set kubeProxyReplacement=trueapiVersion :cilium.io/v2alpha1 kind :CiliumL2AnnouncementPolicy metadata :name :l2-enp4s0 spec :interfaces : -^enp4s0 externalIPs :yes loadBalancerIPs :yes apiVersion :cilium.io/v2alpha1 kind :CiliumLoadBalancerIPPool metadata :name :lan-pool spec :blocks : -start :192.168.0.20 stop :192.168.0.49 helm upgrade --install ingress-nginx ingress-nginx \ --repo https://kubernetes.github.io/ingress-nginx \ --namespace ingress-nginx --create-namespacehelm repo add jetstack https://charts.jetstack.io --force-updatehelm repo updatekubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yamlhelm install \ cert-manager jetstack/cert-manager \ --namespace cert-manager \ --create-namespace \ --version v1.14.4---apiVersion :cert-manager.io/v1 kind :ClusterIssuer metadata :name :letsencrypt-prod spec :acme :email :" lol@lol.com" server :" https://acme-v02.api.letsencrypt.org/directory" privateKeySecretRef :name :letsencrypt-prod solvers : -dns01 :cloudflare :email :" lol@lol.com" apiTokenSecretRef :name :cloudflare-lol-token key :api-token