【K8S运维知识汇总】第3天3：flanneld安装部署详解

安装flanneld

[root@hdss7-22 ~]# cd /opt/src/[root@hdss7-22 src]# rz[root@hdss7-21 src]# ll总用量 452336-rw-r--r-- 1 root root 9850227 6月 22 21:16 etcd-v3.1.20-linux-amd64.tar.gz-rw-r--r-- 1 root root 9565743 6月 22 20:24 flannel-v0.11.0-linux-amd64.tar.gz-rw-r--r-- 1 root root 443770238 6月 22 21:11 kubernetes-server-linux-amd64-v1.15.2.tar.gz[root@hdss7-21 src]# mkdir /opt/flannel-v0.11.0[root@hdss7-21 src]# tar -xzvf flannel-v0.11.0-linux-amd64.tar.gz -C /opt/flannel-v0.11.0/ [root@hdss7-21 src]# cd !$[root@hdss7-21 flannel-v0.11.0]# ll总用量 34436-rwxr-xr-x 1 root root 35249016 1月 29 2019 flanneld-rwxr-xr-x 1 root root 2139 10月 23 2018 mk-docker-opts.sh-rw-r--r-- 1 root root 4300 10月 23 2018 README.md[root@hdss7-21 flannel-v0.11.0]# ln -s /opt/flannel-v0.11.0/ /opt/flannel[root@hdss7-22 opt]# cd flannel[root@hdss7-22 flannel]# ll总用量 34436-rwxr-xr-x 1 root root 35249016 1月 29 2019 flanneld-rwxr-xr-x 1 root root 2139 10月 23 2018 mk-docker-opts.sh-rw-r--r-- 1 root root 4300 10月 23 2018 README.md

复制证书（完成与etcd的通信）

[root@hdss7-21 flannel]# mkdir cert[root@hdss7-21 flannel]# cd cert [root@hdss7-21 cert]# scp 10.4.7.200:/opt/certs/ca.pem .root@10.4.7.200's password: ca.pem 100% 1346 2.0MB/s 00:00 [root@hdss7-21 cert]# scp 10.4.7.200:/opt/certs/client.pem .root@10.4.7.200's password: client.pem 100% 1371 1.7MB/s 00:00 [root@hdss7-21 cert]# scp 10.4.7.200:/opt/certs/client-key.pem .root@10.4.7.200's password: client-key.pem 100% 1675 1.7MB/s 00:00 [root@hdss7-21 cert]# ll总用量 12-rw-r--r-- 1 root root 1346 7月 2 11:26 ca.pem-rw------- 1 root root 1675 7月 2 11:27 client-key.pem-rw-r--r-- 1 root root 1371 7月 2 11:26 client.pem

创建配置文件

[root@hdss7-22 cert]# cd ..[root@hdss7-21 flannel]# vi subnet.env# 根据实际主机修改 FLANNEL_SUBNET=172.7.21.1/24[root@hdss7-21 flannel]# cat subnet.env FLANNEL_NETWORK=172.7.0.0/16FLANNEL_SUBNET=172.7.21.1/24FLANNEL_MTU=1500FLANNEL_IPMASQ=false[root@hdss7-21 flannel]# vi flanneld.sh[root@hdss7-21 flannel]# cat flanneld.sh #!/bin/sh./flanneld \ --public-ip=10.4.7.21 \ --etcd-endpoints=\ --etcd-keyfile=./cert/client-key.pem \ --etcd-certfile=./cert/client.pem \ --etcd-cafile=./cert/ca.pem \ --iface=ens33 \ --subnet-file=./subnet.env \ --healthz-port=2401 [root@hdss7-21 flannel]# chmod +x /opt/flannel/flanneld.sh [root@hdss7-21 flannel]# mkdir -p /data/logs/flanneld

在etcd中增加网络配置信息

[root@hdss7-21 flannel]# cd /opt/etcd# 查看集群中的主服务器，在主服务器上去配置参数[root@hdss7-21 etcd]# ./etcdctl member list988139385f78284: name=etcd-server-7-22 peerURLs=clientURLs=isLeader=false5a0ef2a004fc4349: name=etcd-server-7-21 peerURLs=clientURLs=isLeader=falsef4a0cb0a765574a8: name=etcd-server-7-12 peerURLs=clientURLs=isLeader=true# 使用 host-gw模型 # 寻找集群中的任意一台etcd服务，且只运行一次写入etcd中即可[root@hdss7-21 etcd]# ./etcdctl set /coreos.com/network/config '{"Network": "172.7.0.0/16", "Backend": {"Type": "host-gw"}}'{"Network": "172.7.0.0/16", "Backend": {"Type": "host-gw"}}# 查看网络模型配置[root@hdss7-21 etcd]# ./etcdctl get /coreos.com/network/config{"Network": "172.7.0.0/16", "Backend": {"Type": "host-gw"}}

创建启动脚本

编辑supervisor启动脚本：

[program:flanneld-7-21] 部分记得修改[root@hdss7-22 etcd]# vi /etc/supervisord.d/flannel.ini[program:flanneld-7-21]command=/opt/flannel/flanneld.sh ; the program (relative uses PATH, can take args)numprocs=1 ; number of processes copies to start (def 1)directory=/opt/flannel ; directory to cwd to before exec (def no cwd)autostart=true ; start at supervisord start (default: true)autorestart=true ; retstart at unexpected quit (default: true)startsecs=30 ; number of secs prog must stay running (def. 1)startretries=3 ; max # of serial start failures (default 3)exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)stopsignal=QUIT ; signal used to kill process (default TERM)stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)user=root ; setuid to this UNIX account to run the programredirect_stderr=true ; redirect proc stderr to stdout (default false)stdout_logfile=/data/logs/flanneld/flanneld.stdout.log ; stderr log path, NONE for none; default AUTOstdout_logfile_maxbytes=64MB ; max # logfile bytes b4 rotation (default 50MB)stdout_logfile_backups=4 ; # of stdout logfile backups (default 10)stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)stdout_events_enabled=false ; emit events on stdout writes (default false)[root@hdss7-21 etcd]# mkdir -p /data/logs/flanneld/[root@hdss7-21 etcd]# supervisorctl update[root@hdss7-21 etcd]# supervisorctl statusetcd-server-7-21 RUNNING pid 12272, uptime 5 days, 23:36:17flanneld-7-21 STARTING kube-apiserver-7-21 RUNNING pid 13277, uptime 5 days, 0:09:58kube-controller-manager-7-21 RUNNING pid 64267, uptime 1 day, 1:32:05kube-kubelet-7-21 RUNNING pid 17290, uptime 3 days, 17:30:48kube-proxy-7-21 RUNNING pid 55520, uptime 3 days, 14:16:13kube-scheduler-7-21 RUNNING pid 64261, uptime 1 day, 1:32:05# 也可以使用该命令启动对应的脚本[root@hdss7-22 flannel]# supervisorctl start flanneld-7-22

验证不同宿主机中的容器是否能够通信

[root@hdss7-21 etcd]# ping 172.7.21.2 PING 172.7.21.2 (172.7.21.2) 56(84) bytes of data.64 bytes from 172.7.21.2: icmp_seq=1 ttl=64 time=0.092 ms64 bytes from 172.7.21.2: icmp_seq=2 ttl=64 time=0.098 ms64 bytes from 172.7.21.2: icmp_seq=3 ttl=64 time=0.043 ms64 bytes from 172.7.21.2: icmp_seq=4 ttl=64 time=0.094 ms[root@hdss7-21 etcd]# curl 172.7.21.2

Welcome to nginx!

If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.

For online documentation and support please refer to