Cilium网卡安装
假如你的k8s集群已经安装完成如下:[root@node66 ~]# kubectl get nodeNAMESTATUSROLESAGEVERSIONnode65.comReady<none>39sv1.22.4node66.masterNotReadycontrol-plane,master8m54sv1.22.
·
假如你的k8s集群已经安装完成
如下:
[root@node66 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
node65.com Ready <none> 39s v1.22.4
node66.master NotReady control-plane,master 8m54s v1.22.4
开始安装网卡,下载cilium
https://github.com/cilium/cilium-cli/releases/download/v0.9.3/cilium-linux-amd64.tar.gz && tar xvf cilium-linux-amd64.tar.gz
本次使用默认安装模式
[root@node66 ~]# cilium install
ℹ️ using Cilium version "v1.10.5"
🔮 Auto-detected cluster name: kubernetes
🔮 Auto-detected IPAM mode: cluster-pool
🔑 Generating CA...
🔑 Generating certificates for Hubble...
🚀 Creating Service accounts...
🚀 Creating Cluster roles...
🚀 Creating ConfigMap for Cilium version 1.10.5...
🚀 Creating Agent DaemonSet...
🚀 Creating Operator Deployment...
⌛ Waiting for Cilium to be installed and ready...
✅ Cilium was successfully installed! Run 'cilium status' to view installation health
开启 hubble
[root@node66 ~]# cilium hubble enable
🔑 Found existing CA in secret cilium-ca
✨ Patching ConfigMap cilium-config to enable Hubble...
♻️ Restarted Cilium pods
⌛ Waiting for Cilium to become ready before deploying other Hubble component(s)...
🔑 Generating certificates for Relay...
✨ Deploying Relay from quay.io/cilium/hubble-relay:v1.10.5...
⌛ Waiting for Hubble to be installed...
✅ Hubble was successfully enabled!
开启 hubble-ui
[root@node66 ~]# cilium hubble enable --ui
🔑 Found existing CA in secret cilium-ca
✨ Patching ConfigMap cilium-config to enable Hubble...
♻️ Restarted Cilium pods
⌛ Waiting for Cilium to become ready before deploying other Hubble component(s)...
✅ Relay is already deployed
✨ Deploying Hubble UI...
⌛ Waiting for Hubble to be installed...
✅ Hubble was successfully enabled!
暴露ui端口
[root@node66 ~]# kubectl edit svc -n kube-system hubble-ui
service/hubble-ui edited
[root@node66 ~]# kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hubble-relay ClusterIP 10.96.223.106 <none> 80/TCP 10m
hubble-ui NodePort 10.105.235.85 <none> 80:32213/TCP 4m36s
安装完成非常简单
[root@node66 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
node65.com Ready <none> 61m v1.22.4
node66.master Ready control-plane,master 69m v1.22.4
创建一个demon试试效果
[root@node66 ~]# kubectl apply -f v1.yaml
deployment.apps/nginx-v1 created
service/nginx-v1 created
[root@node66 ~]# kubectl get svc,pods
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/nginx-v1 NodePort 10.109.3.142 <none> 8000:30390/TCP 43m
NAME READY STATUS RESTARTS AGE
pod/nginx-v1-58766466cb-8c94l 1/1 Running 0 43m
Cilium -1.13之后推荐不使用kube-proxy管理K8s网络。使用使用下方式
初始禁用kube-proxy --disable-kube-proxy
kubeadm init --skip-phases=addon/kube-proxy --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --v=5
安装
helm repo add cilium https://helm.cilium.io/
helm install cilium cilium/cilium --version 1.14.3 \
--namespace kube-system \
--set operator.replicas=1 \
--set k8sServiceHost=172.16.1.88 \
--set k8sServicePort=6443 \
--set hubble.relay.enabled=true \
--set hubble.ui.enabled=true \
--set tunnel=disabled \
--set autoDirectNodeRoutes=true \
--set ipv4NativeRoutingCIDR=10.0.0.0/22 \
--set kubeProxyReplacement=strict
如果想更简洁的安装可以选择这种方式
helm install cilium cilium/cilium \
--namespace kube-system \
--set operator.replicas=1 \
--set kubeProxyReplacement=true \
--set k8sServiceHost=172.16.1.3 \
--set hubble.relay.enabled=true \
--set hubble.ui.enabled=true \
--set k8sServicePort=6443
更多安装玩法可以看官网
https://docs.cilium.io/en/stable/network/kubernetes/kubeproxy-free/#advanced-configuration
创建一个pods查看一下就知道了
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献82条内容
所有评论(0)