zhmg23

我们是如此的不同
05
11

kubernetes之网络插件flannel安装

 关于容器间的网络插件,有很多选择,如下:

calico v3.1.3

canal (given calico/flannel versions)

cilium v1.3.0

contiv v1.1.7

flanneld v0.10.0

weave v2.4.1

kube-router v0.2.1

multus v3.1

本文主要记录kubernetes中,网络插件flannel安装

注:安装前,要提前安装好etcd集群、还要配置好相关的证书

1、yum安装

yum -y install flannel


2、修改service配置文件

vim /usr/lib/systemd/system/flanneld.service 

[Unit]

Description=Flanneld overlay address etcd agent

After=network.target

After=network-online.target

Wants=network-online.target

After=etcd.service

Before=docker.service

 

[Service]

Type=notify

EnvironmentFile=/etc/sysconfig/flanneld

EnvironmentFile=-/etc/sysconfig/docker-network

ExecStart=/usr/bin/flanneld-start \

  -etcd-endpoints=${FLANNEL_ETCD_ENDPOINTS} \

  -etcd-prefix=${FLANNEL_ETCD_PREFIX} \

  $FLANNEL_OPTIONS

ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker

Restart=on-failure

 

[Install]

WantedBy=multi-user.target

RequiredBy=docker.service



3、修改/etc/sysconfig/flanneld 配置

vim /etc/sysconfig/flanneld

# Flanneld configuration options  

 

# etcd url location.  Point this to the server where etcd runs

FLANNEL_ETCD_ENDPOINTS="https://192.168.45.182:2379,https://192.168.45.183:2379,https://192.168.45.184:2379"

 

# etcd config key.  This is the configuration key that flannel queries

# For address range assignment

FLANNEL_ETCD_PREFIX="/kubernetes/network"

 

# Any additional options that you want to pass

FLANNEL_OPTIONS="-etcd-cafile=/etc/kubernetes/ssl/ca.pem -etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem -etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem"


注意:FLANNEL_ETCD_ENDPOINTS 填写etcd集群服务器ip及端口,如果etcd没有集群就只填写一个地址即可,由于etcd开启了证书验证,所以FLANNEL_OPTIONS 这里需要配置证书路径。


4、etcd创建网络配置

etcdctl \

  --ca-file=/etc/kubernetes/ssl/ca.pem \

  --cert-file=/etc/kubernetes/ssl/kubernetes.pem \

  --key-file=/etc/kubernetes/ssl/kubernetes-key.pem \

  mk  //kubernetes/network/config  '{"Network":"172.17.0.0/16"}' 


注:此步只需要在etcd集群中的一台执行即可


5、启动flannel

#  systemctl daemon-reload

#  systemctl enable flanneld

#  systemctl start flanneld

#  systemctl status flanneld



6、验证etcd中网络

# etcdctl \

--ca-file=/etc/kubernetes/ssl/ca.pem \

 --cert-file=/etc/kubernetes/ssl/kubernetes.pem \

--key-file=/etc/kubernetes/ssl/kubernetes-key.pem \

ls -r |grep subnets




● kubernetes● flannel

评论

© zhmg23 | Powered by LOFTER