[root@k8s-master src]# wget https://github.com/coreos/flannel/releases/download/v0.9.1/flannel-v0.9.1-linux-amd64.tar.gz

[root@k8s-master src]# tar xf flannel-v0.9.1-linux-amd64.tar.gz

[root@k8s-master src]# scp flanneld mk-docker-opts.sh k8s-node01:/opt/kubernetes/bin/
flanneld 100% 33MB 134.8MB/s 00:00
mk-docker-opts.sh 100% 2139 3.9MB/s 00:00
[root@k8s-master src]# scp flanneld mk-docker-opts.sh k8s-node02:/opt/kubernetes/bin/
flanneld 100% 33MB 140.6MB/s 00:00
mk-docker-opts.sh 100% 2139 76.1KB/s 00:00

############

配置Flannel之前,先用etcd给Flannel分配网段

[root@k8s-master ssl]# /opt/kubernetes/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.56.243:2379,https://192.168.56.244:2379,https://192.168.56.245:2379" set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'

{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

[root@k8s-master ssl]# /opt/kubernetes/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.56.243:2379,https://192.168.56.244:2379,https://192.168.56.245:2379" get /coreos.com/network/config

{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}
[root@k8s-master ssl]# /opt/kubernetes/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.56.243:2379,https://192.168.56.244:2379,https://192.168.56.245:2379" ls /coreos.com/network/subnets

/coreos.com/network/subnets/172.17.7.0-

/coreos.com/network/subnets/172.17.9.0-
[root@k8s-master ssl]# /opt/kubernetes/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.56.243:2379,https://192.168.56.244:2379,https://192.168.56.245:2379" get /coreos.com/network/subnets/172.17.7.0-

{"PublicIP":"192.168.56.245","BackendType":"vxlan","BackendData":{"VtepMAC":"d2:ba:51:66:61:9f"}}

[root@k8s-master ssl]# /opt/kubernetes/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.56.243:2379,https://192.168.56.244:2379,https://192.168.56.245:2379" get /coreos.com/network/subnets/172.17.9.0-

{"PublicIP":"192.168.56.244","BackendType":"vxlan","BackendData":{"VtepMAC":"d2:cd:86:e7:54:7c"}}

##############flannel配置脚本

#!/bin/bash

ETCD_ENDPOINTS=${:-"http://127.0.0.1:2379"}

cat <<EOF >/opt/kubernetes/cfg/flanneld

FLANNEL_OPTIONS="--etcd-endpoints=${ETCD_ENDPOINTS} \

-etcd-cafile=/opt/kubernetes/ssl/ca.pem \

-etcd-certfile=/opt/kubernetes/ssl/server.pem \

-etcd-keyfile=/opt/kubernetes/ssl/server-key.pem"

EOF

cat <<EOF >/usr/lib/systemd/system/flanneld.service

[Unit]

Description=Flanneld overlay address etcd agent

After=network-online.target network.target

Before=docker.service

[Service]

Type=notify

EnvironmentFile=/opt/kubernetes/cfg/flanneld

ExecStart=/opt/kubernetes/bin/flanneld --ip-masq \$FLANNEL_OPTIONS

ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.env

Restart=on-failure

[Install]

WantedBy=multi-user.target

EOF

cat <<EOF >/usr/lib/systemd/system/docker.service

[Unit]

Description=Docker Application Container Engine

Documentation=https://docs.docker.com

After=network-online.target firewalld.service

Wants=network-online.target

[Service]

Type=notify

EnvironmentFile=/run/flannel/subnet.env

ExecStart=/usr/bin/dockerd  \$DOCKER_NETWORK_OPTIONS

ExecReload=/bin/kill -s HUP \$MAINPID

LimitNOFILE=infinity

LimitNPROC=infinity

LimitCORE=infinity

TimeoutStartSec=

Delegate=yes

KillMode=process

Restart=on-failure

StartLimitBurst=

StartLimitInterval=60s

[Install]

WantedBy=multi-user.target

EOF

systemctl daemon-reload

systemctl enable flanneld

systemctl restart flanneld

systemctl restart docker

把配置脚本发送到节点上:

[root@k8s-master src]# scp flannel.sh k8s-node01:/usr/local/src/
flannel.sh 100% 1461 2.8MB/s 00:00
[root@k8s-master src]# scp flannel.sh k8s-node02:/usr/local/src/

[root@k8s-node01 ssl]# cd /usr/local/src/

[root@k8s-node01 src]# ll

total

-rw-r--r--  root root  May  : flannel.sh

[root@k8s-node01 src]# sh flannel.sh

Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

[root@k8s-node01 src]# systemctl start flanneld

[root@k8s-node01 src]# ip add

: lo: <LOOPBACK,UP,LOWER_UP> mtu  qdisc noqueue state UNKNOWN group default qlen

    link/loopback ::::: brd :::::

    inet 127.0.0.1/ scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::/ scope host

       valid_lft forever preferred_lft forever

: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu  qdisc mq state UP group default qlen

    link/ether ::::8f:f2 brd ff:ff:ff:ff:ff:ff

    inet 192.168.56.244/ brd 192.168.56.255 scope global noprefixroute ens192

       valid_lft forever preferred_lft forever

    inet6 fe80:::56ff:fe98:8ff2/ scope link

       valid_lft forever preferred_lft forever

: flannel.: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu  qdisc noqueue state UNKNOWN group default

    link/ether d2:cd::e7::7c brd ff:ff:ff:ff:ff:ff

    inet 172.17.9.0/ scope global flannel.

       valid_lft forever preferred_lft forever

    inet6 fe80::d0cd:86ff:fee7:547c/ scope link

       valid_lft forever preferred_lft forever

: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu  qdisc noqueue state DOWN group default

    link/ether ::8f:ae:d2: brd ff:ff:ff:ff:ff:ff

    inet 172.17.9.1/ brd 172.17.9.255 scope global docker0

       valid_lft forever preferred_lft forever
[root@k8s-node02 cfg]# cd /usr/local/src/

[root@k8s-node02 src]# sh flannel.sh

Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

[root@k8s-node02 src]# ip add

: lo: <LOOPBACK,UP,LOWER_UP> mtu  qdisc noqueue state UNKNOWN group default qlen

    link/loopback ::::: brd :::::

    inet 127.0.0.1/ scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::/ scope host

       valid_lft forever preferred_lft forever

: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu  qdisc mq state UP group default qlen

    link/ether ::::a5: brd ff:ff:ff:ff:ff:ff

    inet 192.168.56.245/ brd 192.168.56.255 scope global noprefixroute ens192

       valid_lft forever preferred_lft forever

    inet6 fe80:::56ff:fe98:a502/ scope link

       valid_lft forever preferred_lft forever

: flannel.: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu  qdisc noqueue state UNKNOWN group default

    link/ether d2:ba::::9f brd ff:ff:ff:ff:ff:ff

    inet 172.17.7.0/ scope global flannel.

       valid_lft forever preferred_lft forever

    inet6 fe80::d0ba:51ff:fe66:619f/ scope link

       valid_lft forever preferred_lft forever

: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu  qdisc noqueue state DOWN group default

    link/ether ::b1:6c:a6:c9 brd ff:ff:ff:ff:ff:ff

    inet 172.17.7.1/ brd 172.17.7.255 scope global docker0

       valid_lft forever preferred_lft forever

k8s-flannel容器集群网络部署的更多相关文章

  1. K8s 从懵圈到熟练 – 集群网络详解

    作者 | 声东 阿里云售后技术专家 导读:阿里云 K8S 集群网络目前有两种方案:一种是 flannel 方案:另外一种是基于 calico 和弹性网卡 eni 的 terway 方案.Terway ...

  2. 036.集群网络-K8S网络模型及Linux基础网络

    一 Kubernetes网络模型概述 1.1 Kubernetes网络模型 Kubernetes网络模型设计的一个基础原则是:每个Pod都拥有一个独立的IP地址,并假定所有Pod都在一个可以直接连通的 ...

  3. k8s与CICD--借助scp插件实现非容器项目的部署

    一直没有时间完成drone系列文章.drone-wechat插件实现了一半,由于企业微信token申请比较麻烦,所以也没有进展.今天抽出时间,研究了一下scp插件,主要目的是实现非容器项目的部署.其实 ...

  4. K8S学习笔记之二进制部署Kubernetes v1.13.4 高可用集群

    0x00 概述 本次采用二进制文件方式部署,本文过程写成了更详细更多可选方案的ansible部署方案 https://github.com/zhangguanzhang/Kubernetes-ansi ...

  5. Kubernetes 从懵圈到熟练 – 集群网络详解(转)

    阿里云K8S集群网络目前有两种方案,一种是flannel方案,另外一种是基于calico和弹性网卡eni的terway方案.Terway和flannel类似,不同的地方在于,terway支持Pod弹性 ...

  6. k8s之有状态服务部署基石(基础知识)

    PV&PVC&HeadlessService 4.1.什么是无状态/有状态服务? 无状态服务: 1.没有实时的数据需要存储 (即使有,也是静态数据) 2.服务集群网络中,拿掉一个服务后 ...

  7. 云K8S - AWS容器库ECR(ERS)编排ECS-EKS以及阿里云编排ACS-ACK

    云K8S相关 AWS 部分-ECR(ERS) ECS EKS 20180824 Chenxin AWS的容器编排目前分为 ECS 和 EKS 两种. AWS价格说明 Fargate模式的ECS,换算成 ...

  8. k8s记录-etcd集群部署(三)

    https://blog.csdn.net/fy_long/article/details/86542872 1)程序准备tar xvf etcd-v3.3.11-linux-amd64.tar.gz ...

  9. Ceph集群网络切换

    背景:需要对已部署好的Ceph集群切换网络,包含包含公共网络和集群网络 1 关闭所有mon节点的mon服务并修改服务器IP systemctl stop ceph-mon@storage01.serv ...

随机推荐

  1. CocoaAsyncSocket 文档1:Socket简单介绍

    前言 CocoaAsyncSocket是 IOS下广泛应用的Socket三方库,网上相关样例数不胜数.这里我就不直接上代码,本文由B9班的真高兴发表于CSDN博客.另辟一条思路:翻译SocketAsy ...

  2. 电容有什么作用?为什么cpu电源引脚都并联一个电容?

    管理 随笔- 17  文章- 1  评论- 1  电容有什么作用?为什么cpu电源引脚都并联一个电容?   正文: 参考资料:http://blog.sina.com.cn/s/blog_7880d3 ...

  3. Java实现分布式锁方式

    1.数据库乐观锁 2.redis 3.zookeeper

  4. python学习(十)赋值、表达式、if、while、for

    明天以搞定这几个应该不难 赋值.表达式.if.while.for 函数.作用域.参数.函数高级话题 迭代和解析一.二 还有我的<30天自制操作系统>没看 #!/usr/bin/python ...

  5. 编译webrtc for android库与apk

    git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git export PATH=`pwd`/depot_t ...

  6. 手动删除引用nuget如何还原

    1.不小心从项目的引用中删除了nuget安装的程序集; 2.从其他地方复制的packages.config到当前项目; 这两种情况 在解决方案中是无法通过还原nuget来还原程序集的,可以通过以下的方 ...

  7. iOS对象(字典或数组)转化为JSon字符串

    NSMutableDictionary *dictionary = [[NSMutableDictionary alloc] init]; [dictionary setValue:@"he ...

  8. 【BZOJ1604】[Usaco2008 Open]Cow Neighborhoods 奶牛的邻居 Treap+并查集

    [BZOJ1604][Usaco2008 Open]Cow Neighborhoods 奶牛的邻居 Description 了解奶牛们的人都知道,奶牛喜欢成群结队.观察约翰的N(1≤N≤100000) ...

  9. 我的Java开发学习之旅------>求字符串中出现次数最多的字符串以及出现的次数

    金山公司面试题:一个字符串中可能包含a~z中的多个字符,如有重复,如String data="aavzcadfdsfsdhshgWasdfasdf",求出现次数最多的那个字母及次数 ...

  10. 移动App该怎样保存用户password

    版权声明:本文为横云断岭原创文章,未经博主同意不得转载.微信公众号:横云断岭的专栏 https://blog.csdn.net/hengyunabc/article/details/34623957 ...