二进制安装部署flannel网络插件

二进制安装部署flannel网络插件

master节点操作

1.将分配的子网写入etcd集群中

[root@master k8s]#/opt/etcd/bin/etcdctl --ca-file=ca.pem --key-file=etcd-key.pem --cert-file=etcd.pem --endpoints="set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'

2.查看

[root@master k8s]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=etcd.pem --key-file=etcd-key.pem --endpoints="get /coreos.com/network/config{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

Node节点操作

包 flannel-v0.10.0-linux-amd64.tar.gz

1.解压

[root@localhost ~]# tar zxvf flannel-v0.10.0-linux-amd64.tar.gzflanneldmk-docker-opts.shREADME.md

2创建工作目录

[root@localhost ~]# mkdir /opt/kubernetes/{cfg,bin,ssl} -p[root@localhost ~]# mv mk-docker-opts.sh flanneld /opt/kubernetes/bin/

3.创建配置文件

[root@localhost cfg]# pwd/opt/kubernetes/cfg[root@localhost cfg]# vim flanneldFLANNEL_OPTIONS="--etcd-endpoints=\-etcd-cafile=/opt/etcd/ssl/ca.pem \-etcd-certfile=/opt/etcd/ssl/etcd.pem \-etcd-keyfile=/opt/etcd/ssl/etcd-key.pem"

4，将flannel写入system

[root@localhost cfg]# vim /usr/lib/systemd/system/flanneld.service[Unit]Description=Flanneld overlay address etcd agentAfter=network-online.target network.targetBefore=docker.service[Service]Type=notifyEnvironmentFile=/opt/kubernetes/cfg/flanneldExecStart=/opt/kubernetes/bin/flanneld --ip-masq \$FLANNEL_OPTIONSExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.envRestart=on-failure[Install]WantedBy=multi-user.target

5.启动flannel服务

[root@localhost cfg]#systemctl daemon-reload[root@localhost cfg]#systemctl enable flanneld[root@localhost cfg]#systemctl restart flanneldCreated symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

6.修改docker服务配置连接flannel

[root@localhost cfg]# vim /usr/lib/systemd/system/docker.service[Unit]Description=Docker Application Container EngineDocumentation=firewalld.service containerd.serviceWants=network-online.targetRequires=docker.socket containerd.service[Service]Type=notify# the default is not to use systemd for cgroups because the delegate issues still# exists and systemd currently does not support the cgroup feature set required# for containers run by dockerEnvironmentFile=/run/flannel/subnet.env #需要新加ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS -H fd:// --containerd=/run/containerd/containerd.sockExecReload=/bin/kill -s HUP $MAINPIDTimeoutSec=0RestartSec=2Restart=always# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.# Both the old, and new location are accepted by systemd 229 and up, so using the old location# to make them work for either version of systemd.StartLimitBurst=3# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make# this option work for either version of systemd.StartLimitInterval=60s# Having non-zero Limit*s causes performance problems due to accounting overhead# in the kernel. We recommend using cgroups to do container-local accounting.LimitNOFILE=infinityLimitNPROC=infinityLimitCORE=infinity# Comment TasksMax if your systemd version does not support it.# Only systemd 226 and above support this option.TasksMax=infinity# set delegate yes so that systemd does not reset the cgroups of docker containersDelegate=yes# kill only the docker process, not all processes in the cgroupKillMode=processOOMScoreAdjust=-500[Install]WantedBy=multi-user.target

7.查看subnet.env #此文件个人理解将docker0和flannel.1绑定

[root@localhost cfg]# vim /run/flannel/subnet.envDOCKER_OPT_BIP="--bip=172.17.77.1/24"DOCKER_OPT_IPMASQ="--ip-masq=false"DOCKER_OPT_MTU="--mtu=1450"//说明：bip指定启动时的子网DOCKER_NETWORK_OPTIONS=" --bip=172.17.77.1/24 --ip-masq=false --mtu=1450"

8.重载docker服务

[root@localhost cfg]#systemctl daemon-reload[root@localhost cfg]# systemctl restart docker

9.ifconfig查看

[root@localhost cfg]# ifconfigdocker0: flags=4163 mtu 1450 inet 172.17.77.1 netmask 255.255.255.0 broadcast 172.17.77.255 inet6 fe80::42:edff:feab:5be8 prefixlen 64 scopeid 0x20 ether 02:42:ed:ab:5b:e8 txqueuelen 0 (Ethernet) RX packets 34315 bytes 1387651 (1.3 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 68136 bytes 81032870 (77.2 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0ens33: flags=4163 mtu 1500 inet 192.168.226.130 netmask 255.255.255.0 broadcast 192.168.226.255 inet6 fe80::20c:29ff:fee3:b204 prefixlen 64 scopeid 0x20 ether 00:0c:29:e3:b2:04 txqueuelen 1000 (Ethernet) RX packets 6819735 bytes 1214531748 (1.1 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6598534 bytes 840538081 (801.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0flannel.1: flags=4163 mtu 1450 inet 172.17.77.0 netmask 255.255.255.255 broadcast 0.0.0.0 inet6 fe80::8c8c:eeff:fe58:c51e prefixlen 64 scopeid 0x20 ether 8e:8c:ee:58:c5:1e txqueuelen 0 (Ethernet) RX packets 12 bytes 1008 (1008.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 12 bytes 1008 (1008.0 B) TX errors 0 dropped 8 overruns 0 carrier 0 collisions 0lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 42725 bytes 2251542 (2.1 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 42725 bytes 2251542 (2.1 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

验证

1.查看路由

[root@localhost cfg]# route -nKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 192.168.226.2 0.0.0.0 UG 100 0 0 ens33172.17.76.0 172.17.76.0 255.255.255.0 UG 0 0 0 flannel.1172.17.77.0 0.0.0.0 255.255.255.0 U 0 0 0 docker0192.168.226.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33

有到另一台node节点的路由信息

2.创建pod验证网络通不通 ping另一台node中的ip

[root@localhost cfg]#docker run -itd centos:7 /bin/bash[root@localhost cfg]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES92f2314372a5 centos:7 "/bin/bash" 20 hours ago Up 20 hours vibrant_antonelli[root@localhost cfg]#docker exec -it 92f2314372a5 /bin/bash[root@92f2314372a5 /]# yum install net-tools -y[root@92f2314372a5 /]# ifconfig eth0: flags=4163 mtu 1450 inet 172.17.77.2 netmask 255.255.255.0 broadcast 172.17.77.255 ether 02:42:ac:11:4d:02 txqueuelen 0 (Ethernet) RX packets 24595 bytes 20564550 (19.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 10699 bytes 582023 (568.3 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 loop txqueuelen 1000 (Local Loopback) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0[root@92f2314372a5 /]# ping 172.17.76.2PING 172.17.76.2 (172.17.76.2) 56(84) bytes of data.64 bytes from 172.17.76.2: icmp_seq=1 ttl=62 time=9.59 ms64 bytes from 172.17.76.2: icmp_seq=2 ttl=62 time=0.637 ms64 bytes from 172.17.76.2: icmp_seq=3 ttl=62 time=3.20 ms

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。