kuberneets 1.17 安装 calico 3.11
安装之前确认 Requirement
https://docs.projectcalico.org/v3.11/getting-started/kubernetes/requirements
主要在kublet启动时增加参数 --network-plugin=cni
检查环境
https://docs.projectcalico.org/reference/calicoctl/node/checksystem
实际安装过程参考
https://docs.projectcalico.org/v3.11/getting-started/kubernetes/installation/calico
随后安装 calicoctl (注意安装时使用的datastore)
通过 calicoctl 查看ippool 以及 node status (如果默认创建了的话,需要删除)
https://docs.projectcalico.org/v3.11/getting-started/kubernetes/hardway/configure-ip-pools
测试网络环境
https://docs.projectcalico.org/v3.11/getting-started/kubernetes/hardway/test-networking
测试networkpolicy
https://docs.projectcalico.org/v3.11/getting-started/kubernetes/hardway/test-network-policy
问题解决
1. 确保系统参数
vim /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
vm.overcommit_memory = 1
vm.panic_on_oom = 0
fs.inotify.max_user_watches = 89100
sysctl -p /etc/sysctl.conf
错误 '/proc/sys/net/bridge': No such file or directory
执行 modprobe br_netfilter
参考链接
https://mritd.me/2017/07/31/calico-yml-bug/
https://www.jianshu.com/p/5e9e2e5312d9
https://www.kubernetes.org.cn/4960.html
