Centos7 k8s v1.5.2二进制部署安装-网络插件Flannel的安装

一、安装部署网络插件

  1、概念

  kubeenetes设计了网络模型,但是却将她得实现交给了网络插件,CNI网络插件最主要得功能就是实现POD资源能够跨宿主机进行通信

  常见得CNI网络插件:
  Flannel、Calico、Canal、Contiv、OpenContrail、NSX-T、Kube-router

  2、安装部署

mkdir flannel-v0.13.0
tar -zxvf flannel-v0.13.0-linux-amd64.tar.gz -C /opt/flannel-v0.13.0
ln -s flannel-v0.13.0 flannel

  3、拷贝证书

cd flannel && mkdir cert/
cd cert/ 
scp operations:/opt/certs/ca.pem ./
scp operations:/opt/certs/client.pem ./
scp operations:/opt/certs/client-key.pem ./

  4、编辑环境变量env文件,FLANNEL_SUBNET根据规划填写

vim /opt/flannel/subnet.env
FLANNEL_NETWORK=172.17.0.0/16
FLANNEL_SUBNET=172.7.21.1/24
FLANNEL_MTU=1500
FLANNEL_IPMASQ=false

  5、编辑启动脚本:红色部分根据node节点信息修改,并且eth0信息根据本机网卡信息修改

vim /opt/flannel/flanneld.sh
#!/bin/sh
./flanneld \
  --public-ip=192.168.112.23 \
  --etcd-endpoints=https://192.168.112.21:2379,https://192.168.112.22:2379,https://192.168.112.23:2379 \
  --etcd-keyfile=./cert/client-key.pem \
  --etcd-certfile=./cert/client.pem \
  --etcd-cafile=./cert/ca.pem \
  --iface=ens192 \
  --subnet-file=./subnet.env \
  --healthz-port=2401

chmod +x /opt/flannel/flanneld.sh
mkdir -p /data/logs/flanneld

  6、设置网络类型

cd /opt/etcd
./etcdctl set /coreos.com/network/config '{"Network":"172.7.0.0/16","Backend": {"Type": "host-gw"}}'   集群在二层网络中选择host-gw更快,三层网必须使用VxLAN模型
./etcdctl get /coreos.com/network/config

  7、编辑supervisor启动脚本:

vim /etc/supervisord.d/flanneld.ini
[program:flanneld-7-63]
command=/opt/flannel/flanneld.sh                                     ; the program (relative uses PATH, can take args)
numprocs=1                                                           ; number of processes copies to start (def 1)
directory=/opt/flannel                                               ; directory to cwd to before exec (def no cwd)
autostart=true                                                       ; start at supervisord start (default: true)
autorestart=true                                                     ; retstart at unexpected quit (default: true)
startsecs=30                                                         ; number of secs prog must stay running (def. 1)
startretries=3                                                       ; max # of serial start failures (default 3)
exitcodes=0,2                                                        ; 'expected' exit codes for process (default 0,2)
stopsignal=QUIT                                                      ; signal used to kill process (default TERM)
stopwaitsecs=10                                                      ; max num secs to wait b4 SIGKILL (default 10)
user=root                                                            ; setuid to this UNIX account to run the program
redirect_stderr=true                                                 ; redirect proc stderr to stdout (default false)
stdout_logfile=/data/logs/flanneld/flanneld.stdout.log               ; stderr log path, NONE for none; default AUTO
stdout_logfile_maxbytes=64MB                                         ; max # logfile bytes b4 rotation (default 50MB)
stdout_logfile_backups=4                                             ; # of stdout logfile backups (default 10)
stdout_capture_maxbytes=1MB                                          ; number of bytes in 'capturemode' (default 0)
stdout_events_enabled=false                                          ; emit events on stdout writes (default false)

 更新supervisor配置:

 supervisorctl update

 supervisorctl staus

  8、验证,从192.168.112.22ping192.168.112.23上的pods

 二、修改flnnel网络类型

  模型图

        

  1、停止flannel网络

supervisorctl stop flanneld-112-22

  2、删除flannel网络给我们创建的路由

[root@kubectl1 etcd]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.112.1   0.0.0.0         UG    100    0        0 ens192
172.7.22.0      0.0.0.0         255.255.255.0   U     0      0        0 docker0
172.7.23.0      192.168.112.23  255.255.255.0   UG    0      0        0 ens192
192.168.112.0   0.0.0.0         255.255.255.0   U     100    0        0 ens192
[root@kubectl1 etcd]# route del -net 172.7.23.0/24 gw 192.168.112.23

  3、配置vxlan模型

cd /opt/etcd
./etcdctl set /coreos.com/network/config  '{"Network": "172.7.0.0/16", "Backend": {"Type": "vxlan"}}'
./etcdctl get /coreos.com/network/config

  4、启动flannel网络

supervisorctl restart flanneld-112-22

  可以发现多了一块网卡,这块网卡就是vxlan用于隧道通信的虚拟网卡:

    

 

posted @ 2021-02-24 14:25  人走茶良  阅读(452)  评论(0编辑  收藏  举报
推荐:华为云