部署Flannel网络
二.部署Flannel网络 Falnnel要用etcd存储自身一个子网信息,所以要保证能成功连接Etcd,写入预定义子网段: /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.236.128:2379,https://192.168.236.129:2379,https://192.168.236.130:2379" set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}' 以下部署步骤在规划的每个node节点都操作。 下载二进制包: wget https://github.com/coreos/flannel/releases/download/v0.10.0/flannel-v0.10.0-linux-amd64.tar.gz tar zxvf flannel-v0.10.0-linux-amd64.tar.gz mkdir -pv /opt/kubernetes/bin mv flanneld mk-docker-opts.sh /opt/kubernetes/bin 配置Flannel: mkdir -pv /opt/kubernetes/cfg/ cat>/opt/kubernetes/cfg/flanneld<<EOF FLANNEL_OPTIONS="--etcd-endpoints=https://192.168.236.128:2379,https://192.168.236.129:2379,https://192.168.236.130:2379 -etcd-cafile=/opt/etcd/ssl/ca.pem -etcd-certfile=/opt/etcd/ssl/server.pem -etcd-keyfile=/opt/etcd/ssl/server-key.pem" EOF systemd管理Flannel: vim /usr/lib/systemd/system/flanneld.service [Unit] Description=Flanneld overlay address etcd agent After=network-online.target network.target Before=docker.service [Service] Type=notify EnvironmentFile=/opt/kubernetes/cfg/flanneld ExecStart=/opt/kubernetes/bin/flanneld --ip-masq $FLANNEL_OPTIONS ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.env Restart=on-failure [Install] WantedBy=multi-user.target 配置Docker启动指定子网段: vim /usr/lib/systemd/system/docker.service [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com After=network-online.target firewalld.service Wants=network-online.target [Service] Type=notify EnvironmentFile=/run/flannel/subnet.env ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS ExecReload=/bin/kill -s HUP $MAINPID LimitNOFILE=infinity LimitNPROC=infinity LimitCORE=infinity TimeoutStartSec=0 Delegate=yes KillMode=process Restart=on-failure StartLimitBurst=3 StartLimitInterval=60s [Install] WantedBy=multi-user.target 从其他节点拷贝证书文件到node1和2上:因为node1和2上没有证书,但是flanel需要证书 #由于我们第一次直接采用rsync进行了推送所以一下不用做 #mkdir -pv /opt/etcd/ssl/ #scp /opt/etcd/ssl/* k8s-node2:/opt/etcd/ssl/ 重启flannel和docker: systemctl daemon-reload systemctl start flanneld systemctl enable flanneld systemctl restart docker 检查是否生效: # ps -ef |grep docker root 20941 1 1 Jun28 ? 09:15:34 /usr/bin/dockerd --bip=172.17.34.1/24 --ip-masq=false --mtu=1450 #hostname -I 确保docker0与flannel.1在同一网段。 测试不同节点互通,在当前节点访问另一个Node节点docker0 IP: # ping 172.17.77.1 如果能通说明Flannel部署成功。如果不通检查下日志:journalctl -u flannel
所有评论(0)