059、安装配置flannel(2019-03-28 周四)
build flannel
flannel 没哟现成的执行文件可用,必须自己build,最可靠的方法是在 Docker 容器中build。不过用于做build的docker镜像托管在 gcr.io ,国内可能无法直接访问,为了方便实验,老师已经将他mirror 到了docker hub中,构建步骤如下
# 1、下载并重命名image
docker pull cloudman6/kube-cross:v1.6.2-2
docker tag cloudman6/kube-cross:v1.6.2-2 gcr.io/google_containers/kube-cross:v1.6.2-2
# 2、下载flannel源码
git clone https://github.com/coreos/flannel.git
# 3、开始构建
apt-get install zip
apt-get install make
apt-get install make-guile
cd flannel
make dist/flanneld-amd64
# 4、将flanneld执行文件拷贝到 host1 和 host2 上
scp dist/flanneld-amd64 10.12.31.211:/usr/local/bin/flanneld
scp dist/flanneld-amd64 10.12.31.212:/usr/local/bin/flanneld
# 5、将flannel网络的配置信息保存到etcd中
[root@docker-machine ~]# cat flannel-config.json
{
"Network": "10.2.0.0/16", # 定义该flannel网络的IP池
"SubnetLen": 24, # 指定每个host分配到的subnet大小为24位,即 10.2.x.0/24
"Backend": {
"Type": "vxlan" # backend为vxlan
}
}
# /docker-test/network/config 是etcd数据项的key,flannel-config.json的内容是etcd数据项的 value
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 set /docker-test/network/config < flannel-config.json
{
"Network": "10.2.0.0/16",
"SubnetLen": 24,
"Backend": {
"Type": "vxlan"
}
}
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 get /docker-test/network/config
{
"Network": "10.2.0.0/16",
"SubnetLen": 24,
"Backend": {
"Type": "vxlan"
}
}
# 6、在host上启动flannel
root@host1:~# flanneld-amd64 -etcd-endpoints=http://10.12.31.213:2379 -iface=ens160 -etcd-prefix=/docker-test/network &
I0329 23:15:03.568863 4615 main.go:529] Using interface with name ens160 and address 10.12.31.211
I0329 23:15:03.568916 4615 main.go:546] Defaulting external address to interface address (10.12.31.211)
I0329 23:15:03.569029 4615 main.go:244] Created subnet manager: Etcd Local Manager with Previous Subnet: 10.2.46.0/24
I0329 23:15:03.569051 4615 main.go:247] Installing signal handlers
I0329 23:15:03.570648 4615 main.go:388] Found network config - Backend type: vxlan
I0329 23:15:03.570718 4615 vxlan.go:120] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false
I0329 23:15:03.598548 4615 local_manager.go:147] Found lease (10.2.46.0/24) for current IP (10.12.31.211), reusing
I0329 23:15:03.622441 4615 main.go:311] Changing default FORWARD chain policy to ACCEPT
I0329 23:15:03.622590 4615 main.go:319] Wrote subnet file to /run/flannel/subnet.env
I0329 23:15:03.622621 4615 main.go:323] Running backend.
I0329 23:15:03.622734 4615 vxlan_network.go:60] watching for new subnet leases
I0329 23:15:03.651253 4615 main.go:431] Waiting for 22h59m59.996415542s to renew lease
root@host1:~# ip addr show flannel.1
9: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default
link/ether 0e:38:3f:4c:d5:02 brd ff:ff:ff:ff:ff:ff
inet 10.2.46.0/32 scope global flannel.1
valid_lft forever preferred_lft forever
inet6 fe80::c38:3fff:fe4c:d502/64 scope link
valid_lft forever preferred_lft forever
root@host1:~# ip route
default via 10.12.28.6 dev ens160 onlink
10.2.1.0/24 via 10.2.1.0 dev flannel.1 onlink
10.12.28.0/22 dev ens160 proto kernel scope link src 10.12.31.211
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.22.0.0/16 via 10.12.28.1 dev ens160
root@host2:~# flanneld-amd64 -etcd-endpoints=http://10.12.31.213:2379 -iface=ens160 -etcd-prefix=/docker-test/network &
I0329 23:14:58.702967 2452 main.go:529] Using interface with name ens160 and address 10.12.31.212
I0329 23:14:58.703079 2452 main.go:546] Defaulting external address to interface address (10.12.31.212)
I0329 23:14:58.703267 2452 main.go:244] Created subnet manager: Etcd Local Manager with Previous Subnet: 10.2.1.0/24
I0329 23:14:58.703295 2452 main.go:247] Installing signal handlers
I0329 23:14:58.705106 2452 main.go:388] Found network config - Backend type: vxlan
I0329 23:14:58.705156 2452 vxlan.go:120] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false
I0329 23:14:58.729435 2452 local_manager.go:147] Found lease (10.2.1.0/24) for current IP (10.12.31.212), reusing
I0329 23:14:58.741472 2452 main.go:311] Changing default FORWARD chain policy to ACCEPT
I0329 23:14:58.741672 2452 main.go:319] Wrote subnet file to /run/flannel/subnet.env
I0329 23:14:58.741697 2452 main.go:323] Running backend.
I0329 23:14:58.741761 2452 vxlan_network.go:60] watching for new subnet leases
I0329 23:14:58.757628 2452 main.go:431] Waiting for 22h59m59.965049243s to renew lease
root@host2:~# ip addr show flannel.1
9: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default
link/ether 56:42:ec:d7:7d:7d brd ff:ff:ff:ff:ff:ff
inet 10.2.1.0/32 scope global flannel.1
valid_lft forever preferred_lft forever
inet6 fe80::5442:ecff:fed7:7d7d/64 scope link
valid_lft forever preferred_lft forever
root@host2:~# ip route
default via 10.12.28.6 dev ens160 onlink
10.2.46.0/24 via 10.2.46.0 dev flannel.1 onlink
10.12.28.0/22 dev ens160 proto kernel scope link src 10.12.31.212
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
172.22.0.0/16 via 10.12.28.1 dev ens160
etcd库查询方法:
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 ls
/docker-test
/foo
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 ls /docker-test
/docker-test/network
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 ls /docker-test/network
/docker-test/network/config
/docker-test/network/subnets
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 ls /docker-test/network/config
/docker-test/network/config
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 get /docker-test/network/config
{
"Network": "10.2.0.0/16",
"SubnetLen": 24,
"Backend": {
"Type": "vxlan"
}
}
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 get /docker-test/network/subnets
/docker-test/network/subnets: is a directory
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 ls /docker-test/network/subnets
/docker-test/network/subnets/10.2.46.0-24
/docker-test/network/subnets/10.2.1.0-24
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 get /docker-test/network/subnets/10.2.46.0-24
{"PublicIP":"10.12.31.211","BackendType":"vxlan","BackendData":{"VtepMAC":"66:2b:a5:56:0d:c6"}}
[root@docker-machine ~]# etcdctl --endpoints=10.12.31.213:2379 get /docker-test/network/subnets/10.2.1.0-24
{"PublicIP":"10.12.31.212","BackendType":"vxlan","BackendData":{"VtepMAC":"8a:8c:b5:42:47:40"}}