|NO.Z.00060|——————————|^^ Deployment ^^|——|Kubernetes & binary deployment.V13|3 servers|——|Kubernetes components|calico|
1. Deploying calico: calico component overview
### --- calico official site
~~~ https://docs.projectcalico.org/maintenance/kubernetes-upgrade#upgrading-an-installation-that-uses-the-kubernetes-api-datastore

### --- calico installation guide
~~~ https://docs.projectcalico.org/getting-started/kubernetes/self-managed-onprem/onpremises

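### --- calico can be installed in two ways:
~~~ Option 1: connect directly to etcd
~~~ Option 2: connect to etcd through the apiserver, i.e. the apiserver acts as a relay:
~~~ Option 2, variant 1: fewer than 50 nodes
~~~ Option 2, variant 2: more than 50 nodes; adds one extra management container
### --- Choosing a calico installation method
~~~ apiserver method: the official site recommends installing calico through the apiserver connection; it is simpler, needs no configuration and can be run directly
~~~ etcd method: configure the etcd certificates and the node IP addresses
~~~ When etcd is reached through the apiserver, if every etcd member goes down, containers on every host lose connectivity. This applies to virtualized environments such as OpenStack; on physical nodes there is no problem.
~~~ The direct etcd method puts somewhat less concurrency load on the apiserver
~~~ # Upgrade calico on a node in parallel with the kubelet, so the node does not go offline twice and pods do not drift twice
2. Deploying calico: run the following steps on master01 only
### --- Enter the calico installation directory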
[root@k8s-master01 ~]# cd /root/k8s-ha-install/calico/
### --- Modify the calico-etcd.yaml configuration parameters
[root@k8s-master01 calico]# sed -i 's#etcd_endpoints: "http://<ETCD_IP>:<ETCD_PORT>"#etcd_endpoints: "https://192.168.1.11:2379,https://192.168.1.14:2379,https://192.168.1.15:2379"#g' calico-etcd.yaml
[root@k8s-master01 calico]# ETCD_CA=`cat /etc/kubernetes/pki/etcd/etcd-ca.pem | base64 | tr -d '\n'`
[root@k8s-master01 calico]# ETCD_CERT=`cat /etc/kubernetes/pki/etcd/etcd.pem | base64 | tr -d '\n'`
[root@k8s-master01 calico]# ETCD_KEY=`cat /etc/kubernetes/pki/etcd/etcd-key.pem | base64 | tr -d '\n'`
[root@k8s-master01 calico]# sed -i "s@# etcd-key: null@etcd-key: ${ETCD_KEY}@g; s@# etcd-cert: null@etcd-cert: ${ETCD_CERT}@g; s@# etcd-ca: null@etcd-ca: ${ETCD_CA}@g" calico-etcd.yaml
[root@k8s-master01 calico]# sed -i 's#etcd_ca: ""#etcd_ca: "/calico-secrets/etcd-ca"#g; s#etcd_cert: ""#etcd_cert: "/calico-secrets/etcd-cert"#g; s#etcd_key: "" #etcd_key: "/calico-secrets/etcd-key" #g' calico-etcd.yaml
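### --- Set the calico pod subnet to a custom subnet
~~~ # Define the calico subnet
~~~ Note: this step changes the subnet under CALICO_IPV4POOL_CIDR in calico-etcd.yaml to your own Pod subnet, i.e. it replaces 192.168.x.x/16 with your cluster's subnet, and uncomments the setting:
~~~ Note: when making the change, make sure this subnet has not been overwritten by a global search-and-replace; if it has, change it back: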
[root@k8s-master01 calico]# POD_SUBNET="172.16.0.0/12"
### --- Change the pod subnet
[root@k8s-master01 calico]# sed -i 's@# - name: CALICO_IPV4POOL_CIDR@- name: CALICO_IPV4POOL_CIDR@g; s@# value: "192.168.0.0/16"@ value: '"${POD_SUBNET}"'@g' calico-etcd.yaml
### --- Check the pod subnet
[root@k8s-master01 calico]# vim calico-etcd.yaml
- name: CALICO_IPV4POOL_CIDR
value: 172.16.0.0/12 # result after the change
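Before applying, the edited manifest can be checked for the mistakes the sed steps above most easily leave behind: a leftover placeholder, a plain-http etcd endpoint, an empty or wrong certificate field, or an unchanged pod CIDR. The script below is an added example, not part of the original post or of calico; `check_calico_manifest`, `pem_b64` and `sample_manifest` are hypothetical names and the sample manifest fragment is constructed.

```shell
#!/bin/sh
# Added example, not from the original post: sanity-check calico-etcd.yaml before applying.
# check_calico_manifest, pem_b64 and sample_manifest are hypothetical helper names.

check_calico_manifest() {   # $1 = manifest file, $2 = intended pod CIDR; returns 0 if clean
  _f=$1; _want=$2; _rc=0
  # 1. Template placeholders and still-commented Secret fields must be gone.
  if grep -Eq '<ETCD_IP>|<ETCD_PORT>|# etcd-(key|cert|ca): null' "$_f"; then
    echo "FAIL: unreplaced etcd placeholder"; _rc=1
  fi
  # 2. Every etcd endpoint must be https, or the client certificate is never used.
  _eps=$(sed -n 's/^ *etcd_endpoints: *"\(.*\)".*/\1/p' "$_f" | tr ',' ' ')
  [ -n "$_eps" ] || { echo "FAIL: etcd_endpoints missing"; _rc=1; }
  for _ep in $_eps; do
    case $_ep in https://*) ;; *) echo "FAIL: non-TLS endpoint $_ep"; _rc=1 ;; esac
  done
  # 3. Each Secret field must decode to the right PEM type. An unset shell variable
  #    during the sed step leaves the field empty, which is caught here.
  for _k in etcd-key etcd-cert etcd-ca; do
    _pem=$(sed -n "s/^ *$_k: *//p" "$_f" | base64 -d 2>/dev/null | head -n 1)
    case "$_k=$_pem" in
      etcd-key=-----BEGIN*"PRIVATE KEY-----") ;;
      etcd-cert="-----BEGIN CERTIFICATE-----" | etcd-ca="-----BEGIN CERTIFICATE-----") ;;
      *) echo "FAIL: $_k does not hold the expected PEM object"; _rc=1 ;;
    esac
  done
  # 4. CALICO_IPV4POOL_CIDR must be uncommented and equal to the intended pod subnet.
  _cidr=$(awk '/^ *- name: CALICO_IPV4POOL_CIDR/ {getline; gsub(/.*value: *|"| *#.*/, ""); print}' "$_f")
  [ "$_cidr" = "$_want" ] || { echo "FAIL: pod CIDR is '$_cidr', want '$_want'"; _rc=1; }
  return $_rc
}

# Constructed sample input: dummy PEM headers only, no real key material.
pem_b64() { printf '%s\n' "-----BEGIN $1-----" constructed | base64 | tr -d '\n'; }
sample_manifest() {   # $1 = scheme of the first endpoint, $2 = value of etcd-cert
  cat <<EOF
  etcd-key: $(pem_b64 'RSA PRIVATE KEY')
  etcd-cert: $2
  etcd-ca: $(pem_b64 CERTIFICATE)
  etcd_endpoints: "$1://192.168.1.11:2379,https://192.168.1.14:2379"
            - name: CALICO_IPV4POOL_CIDR
              value: 172.16.0.0/12
EOF
}

# Real use: sh check.sh calico-etcd.yaml 172.16.0.0/12
if [ $# -eq 2 ]; then check_calico_manifest "$1" "$2"; fi
```

The rendered calico-etcd.yaml embeds the etcd client private key in base64, so it should be kept with the same file permissions as the key under /etc/kubernetes/pki/etcd/.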
### --- Create calico
[root@k8s-master01 calico]# kubectl apply -f calico-etcd.yaml
~~~ Note: output
secret/calico-etcd-secrets created
configmap/calico-config created
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
3. Check service status
### --- Check container status
~~~ Check calico status
[root@k8s-master01 calico]# kubectl get po -n kube-system
NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-5f6d4b864b-lmxz4   1/1     Running   0          2m58s
calico-node-8pcrk                          1/1     Running   0          2m58s
calico-node-99xlf                          1/1     Running   0          2m58s
calico-node-bngjb                          1/1     Running   1          2m58s
### --- Check node status; node data is returned normally
~~~ Status changes to Ready, which is the normal state
[root@k8s-master01 calico]# kubectl get node
NAME           STATUS   ROLES    AGE   VERSION
k8s-master01   Ready    <none>   82m   v1.20.0
k8s-node01     Ready    <none>   81m   v1.20.0
k8s-node02     Ready    <none>   81m   v1.20.0
### --- Check the logs; there are no more error messages
[root@k8s-master01 calico]# tail -f /var/log/messages