kubernetes之网络插件flannel安装
关于容器间的网络插件,有很多选择,如下:
calico v3.1.3
canal (given calico/flannel versions)
cilium v1.3.0
contiv v1.1.7
flanneld v0.10.0
weave v2.4.1
kube-router v0.2.1
multus v3.1
本文主要记录kubernetes中,网络插件flannel安装
注:安装前,要提前安装好etcd集群、还要配置好相关的证书
1、yum安装
yum -y install flannel
2、修改service配置文件
vim /usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service
[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/flanneld
EnvironmentFile=-/etc/sysconfig/docker-network
ExecStart=/usr/bin/flanneld-start \
-etcd-endpoints=${FLANNEL_ETCD_ENDPOINTS} \
-etcd-prefix=${FLANNEL_ETCD_PREFIX} \
$FLANNEL_OPTIONS
ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure
[Install]
WantedBy=multi-user.target
RequiredBy=docker.service
3、修改/etc/sysconfig/flanneld 配置
vim /etc/sysconfig/flanneld
# Flanneld configuration options
# etcd url location. Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="https://192.168.45.182:2379,https://192.168.45.183:2379,https://192.168.45.184:2379"
# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/kubernetes/network"
# Any additional options that you want to pass
FLANNEL_OPTIONS="-etcd-cafile=/etc/kubernetes/ssl/ca.pem -etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem -etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem"
注意:FLANNEL_ETCD_ENDPOINTS 填写etcd集群服务器ip及端口,如果etcd没有集群就只填写一个地址即可,由于etcd开启了证书验证,所以FLANNEL_OPTIONS 这里需要配置证书路径。
4、etcd创建网络配置
etcdctl \
--ca-file=/etc/kubernetes/ssl/ca.pem \
--cert-file=/etc/kubernetes/ssl/kubernetes.pem \
--key-file=/etc/kubernetes/ssl/kubernetes-key.pem \
mk //kubernetes/network/config '{"Network":"172.17.0.0/16"}'
注:此步只需要在etcd集群中的一台执行即可
5、启动flannel
# systemctl daemon-reload
# systemctl enable flanneld
# systemctl start flanneld
# systemctl status flanneld
6、验证etcd中网络
# etcdctl \
--ca-file=/etc/kubernetes/ssl/ca.pem \
--cert-file=/etc/kubernetes/ssl/kubernetes.pem \
--key-file=/etc/kubernetes/ssl/kubernetes-key.pem \
ls -r |grep subnets
评论