calico ipip 变更 BGP 配置
calico网络 包含 overlay 和 underlay网络
overlay IPIP和VXLAN模式, IPIP可以使用BGP协议, VXLAN不能使用BGP协议, 可以跨网段,建立隧道
underlay BGP模式, 必须同一个C网
1、修改ippool,需要把ipipMode从Always修改成为Never(执行下面命令修改ipipMode)
[root@k8s-master1 target]# calicoctl get ippool default-ipv4-ippool -o yaml
[root@k8s-master-01 ~]# calicoctl get ippool default-ipv4-ippool -o yaml > ippool.yaml
apiVersion: projectcalico.org/v3
kind: IPPool
metadata:
creationTimestamp: "2022-06-15T01:37:22Z"
name: default-ipv4-ippool
resourceVersion: "906"
uid: c56b271d-6837-4087-90e5-879b9c033b55
spec:
allowedUses:
- Workload
- Tunnel
blockSize: 26
cidr: 192.168.0.0/16
ipipMode: Always
natOutgoing: true
nodeSelector: all()
vxlanMode: Never
#修改ippool.yaml 文件ipipmode: Always为 Never
[root@k8s-master-01 ~]# calicoctl apply -f ippool.yaml
1、修改ippool,需要把ipipMode从Always修改成为Never(执行下面命令修改ipipMode)
[root@k8s-master-01 ~]# calicoctl get ippool -o wide
NAME CIDR NAT IPIPMODE VXLANMODE ISABLED DISABLEBGPEXPORT SELECTOR
default-ipv4-ippool 192.168.0.0/16 true Never Never false false all()
2. 关闭 ipip模式, 定义asnumber 自治网络号
cat << EOF | calicoctl create -f - apiVersion: projectcalico.org/v3 kind: BGPConfiguration metadata: name: default spec: logSeverityScreen: Info nodeToNodeMeshEnabled: false asNumber: 64512 EOF
3. 指定反射器地址
cat << EOF | calicoctl create -f - apiVersion: projectcalico.org/v3 kind: BGPPeer metadata: name: bgppeer-global-55 spec: peerIP: 192.168.15.1 asNumber: 64512 EOF
交换机配置
Calico 关闭 natOutgoing 配置
在 Dubbo 应用生产容器化过程中,生产环境 Zookeeper 对单个 IP 连接限制数比节点上 Pod 数小,导致节点上容器里的 Dubbo 应用经常会出现连接 Zookeeper 被拒绝的问题。再因为容器网络和物理网络已经打通,通过 calico 配置 natOutgoing 参数为 false,
[root@master1 ~]# kubectl edit ippool default-ipv4-ippool -o yaml
apiVersion: crd.projectcalico.org/v1 kind: IPPool metadata: name: default-ipv4-ippool spec: blockSize: 26 cidr: 192.168.56.0/24 ipipMode: Never natOutgoing: false nodeSelector: all() vxlanMode: Never
参考:
https://blog.csdn.net/M2l0ZgSsVc7r69eFdTj/article/details/106561069
https://www.cnblogs.com/dengcongcong/p/7066894.html
