diff --git a/arch_install.sh b/arch_install.sh
index 40c8bfd..591dc8f 100644
--- a/arch_install.sh
+++ b/arch_install.sh
@@ -1,44 +1,83 @@ #!/usr/bin/env bash set -euo pipefail -# Update system and install Docker stack from official Arch repos +# Update system sudo pacman -Syu --noconfirm + +# Switch from legacy iptables to nft backend if needed +if pacman -Q iptables >/dev/null 2>&1; then + sudo pacman -Rns --noconfirm iptables || true +fi + +# Install Kubernetes prerequisites and container runtime sudo pacman -S --needed --noconfirm \ ca-certificates \ curl \ wget \ - docker \ - docker-buildx \ - docker-compose \ + containerd \ + crictl \ kubelet \ kubeadm \ kubectl \ conntrack-tools \ socat \ - ebtables \ - ethtool + ethtool \ + iptables-nft \ + cni-plugins -# Enable and start Docker daemon -sudo systemctl enable --now docker.service +# Enable and start containerd +sudo systemctl enable --now containerd.service -# Allow current user to run docker without sudo after next login -if ! id -nG "$USER" | grep -qw docker; then - sudo usermod -aG docker "$USER" +# Generate default containerd config if missing +if [[ ! -f /etc/containerd/config.toml ]]; then + sudo mkdir -p /etc/containerd + containerd config default | sudo tee /etc/containerd/config.toml >/dev/null fi -# Install bash aliases in a user-owned, Arch-friendly way -if [[ -f .bash_aliases ]]; then - install -Dm644 .bash_aliases "$HOME/.bash_aliases" +# Set SystemdCgroup = true for kubelet compatibility +sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml +sudo systemctl restart containerd - # Ensure ~/.bashrc loads ~/.bash_aliases - if [[ -f "$HOME/.bashrc" ]] && ! grep -qF '.bash_aliases' "$HOME/.bashrc"; then - cat >> "$HOME/.bashrc" <<'EOF' - -# Load user aliases if present -if [[ -f ~/.bash_aliases ]]; then - . 
~/.bash_aliases -fi +# Kernel modules for Kubernetes networking +sudo tee /etc/modules-load.d/k8s.conf >/dev/null <<'EOF' +overlay +br_netfilter EOF - fi -fi +sudo modprobe overlay +sudo modprobe br_netfilter + +# Sysctl settings required by Kubernetes +sudo tee /etc/sysctl.d/k8s.conf >/dev/null <<'EOF' +net.bridge.bridge-nf-call-iptables = 1 +net.bridge.bridge-nf-call-ip6tables = 1 +net.ipv4.ip_forward = 1 +EOF + +sudo sysctl --system + +# Disable swap now +sudo swapoff -a + +# Disable swap on boot by commenting swap lines in /etc/fstab +sudo sed -i.bak '/\sswap\s/s/^/#/' /etc/fstab + +# Enable kubelet +sudo systemctl enable --now kubelet.service + +echo +echo "Base Kubernetes packages are installed." +echo "Next step:" +echo " sudo kubeadm init --pod-network-cidr=10.244.0.0/16" +echo +echo "Then set up kubectl for your user:" +echo " mkdir -p \$HOME/.kube" +echo " sudo cp -i /etc/kubernetes/admin.conf \$HOME/.kube/config" +echo " sudo chown \$(id -u):\$(id -g) \$HOME/.kube/config" +echo +echo "Then install Flannel:" +echo " kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml" +echo +echo "Check status with:" +echo " systemctl status containerd kubelet --no-pager" +echo " crictl info" \ No newline at end of file
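Review bot: The fstab edit near the end of the hunk is not safe to run twice: `/\sswap\s/` also matches lines that are already commented, so each run prepends another `#`, and `-i.bak` overwrites `/etc/fstab.bak` with the already-edited file, losing the original. Restrict the match to active entries and keep the first backup, e.g. `[[ -e /etc/fstab.bak ]] || sudo cp -a /etc/fstab /etc/fstab.bak` followed by `sudo sed -i '/^[^#].*\sswap\s/s/^/#/' /etc/fstab`. Separately, the printed Flannel step applies a manifest from the mutable `master` branch using the admin kubeconfig; pointing it at a reviewed release tag (`.../flannel/<RELEASE_TAG>/Documentation/kube-flannel.yml`, where the tag is a placeholder) keeps what gets applied reproducible. A short comment above `sudo pacman -Rns --noconfirm iptables || true` explaining why the failure is ignored would also help, since a failed removal presumably leaves `iptables` installed and in conflict with the later `iptables-nft` install.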