K8S基础环境四联:
(一)ETCD集群部署
(二)安装配置 Flannel Docker
(三)手工部署kubernetes-1.17.0
(四)K8S之HelloWorld
安装配置 Flannel(基于Etcd集群,点击查看)
前置说明
所有docker宿主机上都需要进行 flannel 配置,flanneld 为每个docker宿主机上的systemd服务。
flannel 的安装非常简单,直接下载二进制文件即可(当然您也可以自己编译)
打开网址 https://github.com/coreos/flannel/releases 下载最新版对应的架构的版本,一般使用 amd64(我的CentOS 7.6)
比如我的下载地址为: https://github.com/coreos/flannel/releases/download/v0.11.0/flannel-v0.11.0-linux-amd64.tar.gz
安装配置
然后一顿命令操作如下:
wget https://github.com/coreos/flannel/releases/download/v0.11.0/flannel-v0.11.0-linux-amd64.tar.gz
tar -zxvf flannel-v0.11.0-linux-amd64.tar.gz
记下文件的位置,例如(/opt/soft/flannel/flanneld)
添加一个flannel服务的System单元,简单的就可以。
#编辑文件
vi /usr/lib/systemd/system/flanneld.service
# 内容如下
[Unit]
Description=Flanneld overlay address etcd agent
After=network-online.target network.target
Before=docker.service
[Service]
Type=notify
EnvironmentFile=/etc/default/flanneld.conf
ExecStart=/opt/soft/flannel/flanneld -ip-masq -etcd-endpoints=${FLANNEL_ETCD_ENDPOINTS} -etcd-prefix=${FLANNEL_ETCD_PREFIX} $FLANNEL_OPTIONS
ExecStartPost=/opt/soft/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /etc/default/docker
Restart=on-failure
[Install]
WantedBy=multi-user.target
flanneld.service 中引用了1个配置文件,指向了1个配置,的内容如下(一个需要手工配置,一个是自动生成)
/etc/default/flanneld.conf 文件内容(手工配置)
# Flanneld configuration options
# etcd url location. Point this to the server where etcd runs
#FLANNEL_ETCD_ENDPOINTS="http://etcd.goodcol.com:2379"
FLANNEL_ETCD_ENDPOINTS="https://192.168.1.54:2379,https://192.168.1.65:2379,https://192.168.1.105:2379"
# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/flannel/network"
# Any additional options that you want to pass
FLANNEL_OPTIONS="-etcd-cafile=/opt/soft/etcd/ssl/ca.pem -etcd-keyfile=/opt/soft/etcd/ssl/server-key.pem -etcd-certfile=/opt/soft/etcd/ssl/server.pem"
然后编辑文件 vim /usr/lib/systemd/system/docker.service
找到 ExecStart,在前面添加一行 EnvironmentFile=/etc/default/docker
然后在 ExecStart 最后添加变量 $DOCKER_NETWORK_OPTIONS (注意其他的参数应该是docker在之前相关需要中添加的,你不要动,这个地方只需要添加这个即可)
示例如下(其中--graph设置Docker运行时根目录,如果你想单独指定数据位置才配置):
(省略前面代码)
EnvironmentFile=/etc/default/docker
ExecStart=/usr/bin/dockerd --graph=/opt/soft/docker -H fd:// --containerd=/run/containerd/containerd.sock $DOCKER_NETWORK_OPTIONS
(省略后面代码)
执行命令
touch /etc/default/docker
一切就绪后,重启flannel和docker
systemctl daemon-reload
systemctl start flanneld
systemctl enable flanneld
systemctl restart docker
同上操作在其他docker宿主机上进行 flannel 配置。
验证
1、查看 flannel 申请的网段,操作示例如下:
ETCDCTL_API=2 /opt/soft/etcd/etcdctl \
--endpoints="https://192.168.1.54:2379,https://192.168.1.65:2379,https://192.168.1.105:2379" \
--ca-file=ssl/ca.pem \
--key-file=ssl/server-key.pem \
--cert-file=ssl/server.pem \
ls /flannel/network/subnets
2、在每个 flannel 宿主机上,使用 cat /run/flannel/subnet.env 查看网段信息,自动生成的内容如下:
[root@host02 etcd]# cat /run/flannel/subnet.env
FLANNEL_NETWORK=10.244.0.0/16
FLANNEL_SUBNET=10.244.21.1/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true
3、在每个 flannel 宿主机上,使用 cat /etc/default/docker 查看自动生成的 docker 的启动参数信息,自动生成的内容如下:
[root@host02 etcd]# cat /etc/default/docker
DOCKER_OPT_BIP="--bip=10.244.21.1/24"
DOCKER_OPT_IPMASQ="--ip-masq=false"
DOCKER_OPT_MTU="--mtu=1450"
DOCKER_NETWORK_OPTIONS=" --bip=10.244.21.1/24 --ip-masq=false --mtu=1450"
4、在 flannel 宿主机上使用命令 ifconfig 查看 flannel0 和 docker0 网卡的IP网址在同一个子网,并且和文件 /etc/default/docker 中的子网也一致,即为OK,如下示例:
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 10.244.21.1 netmask 255.255.255.0 broadcast 10.244.21.255
inet6 fe80::42:38ff:fe0a:39a2 prefixlen 64 scopeid 0x20<link>
ether 02:42:38:0a:39:a2 txqueuelen 0 (Ethernet)
RX packets 24 bytes 5294 (5.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 53 bytes 6379 (6.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.65 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::fe5d:7f87:1b5:2290 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:85:c6:57 txqueuelen 1000 (Ethernet)
RX packets 144773824 bytes 50608795240 (47.1 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 141257989 bytes 76184941003 (70.9 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
flannel.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 10.244.21.0 netmask 255.255.255.255 broadcast 0.0.0.0
inet6 fe80::80ea:28ff:fecb:a9af prefixlen 64 scopeid 0x20<link>
ether 82:ea:28:cb:a9:af txqueuelen 0 (Ethernet)
RX packets 670 bytes 43380 (42.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 774 bytes 62322 (60.8 KiB)
TX errors 0 dropped 48 overruns 0 carrier 0 collisions 0
如果网络不对,可能是上面操作不当导致,按如下命令操作重启服务一遍
systemctl daemon-reload
systemctl restart flanneld
systemctl enable flanneld
systemctl restart docker
查看具体 docker 容器的IP地址的命令为 docker inspect --format='{{.NetworkSettings.IPAddress}}' ID或NAMES,或者直接 docker inspect ID或NAMES 看详细信息。
在不同的 flannel 宿主机上,分别随便启动一个docker服务,在一个docker中ping另外一个docker的IP地址,即可进行验证,如果你 docker 有http服务,使用 curl 命令请求测试也一样。
(END)