zoukankan html css js c++ java

kubernetes集群网络插件

kubernetes集群网络插件
- 一、kubernetes集群网络插件
  - 1.1.1 kubernetes集群网络插件

一、kubernetes集群网络插件

1.1.1 kubernetes集群网络插件

1 .kubernetes集群网络插件介绍

kubernetes设计了网络模型，但却将它的实现交给了网络插件，CNI网络插件最主要的功能就是实现POD资源能够跨主机进行通讯。常见的CNI网络插件：

Flannel
Calico
Canal
Contiv
OpenContrail
NSX-T
Kube-router

Flanel 网络插件安装

主机	角色	ip
hdss-21	Flanel	10.0.0.21
hdss-22	Flanel	10.0.0.22

下载地址：https://github.com/coreos/flannel/releases
[root@hdss-21.host.com ~]# cd /opt/src/
[root@hdss-21.host.com /opt/src]# ll
total 452336
-rw-r--r-- 1 root root   9850227 Apr 27 14:37 etcd-v3.1.20-linux-amd64.tar.gz
-rw-r--r-- 1 root root   9565743 Apr 27 13:57 flannel-v0.11.0-linux-amd64.tar.gz
-rw-r--r-- 1 root root 443770238 Apr 27 14:44 kubernetes-server-linux-amd64-v1.15.2.tar.gz

[root@hdss-21.host.com /opt/src]# mkdir /opt/flannel-v0.11.0
[root@hdss-21.host.com /opt/src]# tar zxf flannel-v0.11.0-linux-amd64.tar.gz -C /opt/flannel-v0.11.0/
[root@hdss-21.host.com /opt/src]# ll /opt/flannel-v0.11.0/
total 34436
-rwxr-xr-x 1 root root 35249016 Jan 29  2019 flanneld
-rwxr-xr-x 1 root root     2139 Oct 23  2018 mk-docker-opts.sh
-rw-r--r-- 1 root root     4300 Oct 23  2018 README.md
[root@hdss-21.host.com /opt/src]# ln -s /opt/flannel-v0.11.0/ /opt/flannel
[root@hdss-21.host.com /opt/src]# ll -ld /opt/flannel
lrwxrwxrwx 1 root root 21 Jun 20 04:45 /opt/flannel -> /opt/flannel-v0.11.0/

#22操作同上

拷贝 etcd的秘钥和证书

[root@hdss-21.host.com /opt/src]# cd /opt/flannel/
[root@hdss-21.host.com /opt/flannel]# mkdir certs
[root@hdss-21.host.com /opt/flannel]# cd certs/
[root@hdss-21.host.com /opt/flannel/certs]# scp -rp hdss-201:/opt/certs/ca.pem ./
root@hdss-201's password: 
ca.pem                                                     100% 1346   152.7KB/s   00:00    
[root@hdss-21.host.com /opt/flannel/certs]# scp -rp hdss-201:/opt/certs/client.pem ./
root@hdss-201's password: 
client.pem                                                 100% 1363    65.3KB/s   00:00    
[root@hdss-21.host.com /opt/flannel/certs]# scp -rp hdss-201:/opt/certs/client-key.pem ./
root@hdss-201's password: 
client-key.pem                                             100% 1675    58.4KB/s   00:00    
[root@hdss-21.host.com /opt/flannel/certs]# ll
total 12
-rw-r--r-- 1 root root 1346 Jun 10 21:49 ca.pem
-rw------- 1 root root 1675 Jun 13 21:23 client-key.pem
-rw-r--r-- 1 root root 1363 Jun 13 21:23 client.pem

##22 操作同上

配置文件

[root@hdss-21.host.com /opt/flannel/certs]# cd ..
[root@hdss-21.host.com /opt/flannel]# vim subnet.env
[root@hdss-21.host.com /opt/flannel]# cat subnet.env 
FLANNEL_NETWORK=10.0.0.0/16
FLANNEL_SUBNET=10.0.21.1/24
FLANNEL_MTU=1500
FLANNEL_IPMASQ=false

配置启动文件

[root@hdss-21.host.com /opt/flannel]# vim flanneld.sh
[root@hdss-21.host.com /opt/flannel]# cat flanneld.sh
#!/bin/sh
./flanneld 
--public-ip=10.0.0.21 
--etcd-endpoints=https://10.0.0.12:2379,https://10.0.0.21:2379,https://10.0.0.22:2379 
--etcd-keyfile=./certs/client-key.pem 
--etcd-certfile=./certs/client.pem 
--etcd-cafile=./certs/ca.pem 
--iface=eth0 
--subnet-file=./subnet.env 
--healthz-port=2041

[root@hdss-21.host.com /opt/flannel]# chmod +x flanneld.sh

创建log日志
[root@hdss-21.host.com /opt/flannel]# mkdir -p /data/logs/flanneld
[root@hdss-21.host.com /opt/flannel]# ll -ld /data/logs/flanneld
drwxr-xr-x 2 root root 6 Jun 19 21:48 /data/logs/flanneld

操作etcd,增加host-gw(操作一次即可)

[root@hdss-21.host.com /opt/flannel]# cd /opt/etcd/
[root@hdss-21.host.com /opt/etcd]# ./etcdctl member list
6cbdd801d2c800d9: name=etcd-server-21 peerURLs=https://10.0.0.21:2380 clientURLs=http://127.0.0.1:2379,https://10.0.0.21:2379 isLeader=false
74538ef5dc383e39: name=etcd-server-22 peerURLs=https://10.0.0.22:2380 clientURLs=http://127.0.0.1:2379,https://10.0.0.22:2379 isLeader=true
f7a9c20602b8532e: name=etcd-server-12 peerURLs=https://10.0.0.12:2380 clientURLs=http://127.0.0.1:2379,https://10.0.0.12:2379 isLeader=false

[root@hdss-21.host.com /opt/etcd]# ./etcdctl set /coreos.com/network/config '{"Network": "10.0.0.0/16", "Backend": {"Type": "host-gw"}}'
{"Network": "10.0.0.0/16", "Backend": {"Type": "host-gw"}}

检查
[root@hdss-21.host.com /opt/etcd]# ./etcdctl get /coreos.com/network/config
{"Network": "10.0.0.0/16", "Backend": {"Type": "host-gw"}}

6.配置supervisor后台管理flannel

[root@hdss-21.host.com /opt/etcd]# vim /etc/supervisord.d/flannel.ini 
[root@hdss-21.host.com /opt/etcd]# cat /etc/supervisord.d/flannel.ini 
[program:flanneld-21]
command=/opt/flannel/flanneld.sh                                ; the program (relative uses PATH, can take args)	
numprocs=1                                                      ; number of processes copies to start (def 1)
directory=/opt/flannel                                          ; directory to cwd to before exec (def no cwd)
autostart=true                                                  ; start at supervisord start (default: true)
autorestart=true                                                ; retstart at unexpected quit (default: true)
startsecs=30                                                    ; number of secs prog must stay running (def. 1)
startretries=3                                                  ; max # of serial start failures (default 3)
exitcodes=0,2                                                   ; 'expected' exit codes for process (default 0,2)
stopsignal=QUIT                                                 ; signal used to kill process (default TERM)
stopwaitsecs=10                                                 ; max num secs to wait b4 SIGKILL (default 10)
user=root                                                       ; setuid to this UNIX account to run the program
redirect_stderr=true                                            ; redirect proc stderr to stdout (default false)
stdout_logfile=/data/logs/flanneld/flanneld.stdout.log          ; stdout log path, NONE for none; default AUTO
stdout_logfile_maxbytes=64MB                                    ; max # logfile bytes b4 rotation (default 50MB)
stdout_logfile_backups=4                                        ; # of stdout logfile backups (default 10)
stdout_capture_maxbytes=1MB                                     ; number of bytes in 'capturemode' (default 0)
stdout_events_enabled=false                                     ; emit events on stdout writes (default false)


[root@hdss-21.host.com /opt/etcd]# supervisorctl status
etcd-server-21                   RUNNING   pid 1448, uptime 0:41:03
flanneld-21                      RUNNING   pid 85763, uptime 0:19:46
kube-apiserver-21                RUNNING   pid 1449, uptime 0:41:03
kube-controller-manager-21       RUNNING   pid 1450, uptime 0:41:03
kube-kubelet-21                  RUNNING   pid 1451, uptime 0:41:03
kube-proxy-21                    RUNNING   pid 1447, uptime 0:41:03
kube-scheduler-21                RUNNING   pid 1454, uptime 0:41:03
#22操作相同

两个pods容器之间是否可以互ping

[root@hdss-21.host.com ~]# ping -c2 10.0.22.2
PING 10.0.22.2 (10.0.22.2) 56(84) bytes of data.
64 bytes from 10.0.22.2: icmp_seq=1 ttl=63 time=0.335 ms
64 bytes from 10.0.22.2: icmp_seq=2 ttl=63 time=0.385 ms

--- 10.0.22.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.335/0.360/0.385/0.025 ms

[root@hdss-22.host.com /opt/flannel]# ping -c 2 10.0.21.2
PING 10.0.21.2 (10.0.21.2) 56(84) bytes of data.
64 bytes from 10.0.21.2: icmp_seq=1 ttl=63 time=0.572 ms
64 bytes from 10.0.21.2: icmp_seq=2 ttl=63 time=0.414 ms

--- 10.0.21.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.414/0.493/0.572/0.079 ms

查看全文

相关阅读:
LNMP安装后MYSQL数据库无法远程访问解决
 Ubuntu忘记root密码怎么办？
composer安装出现proc_open没有开启问题的解决方案
 LNMP搭建环境遇到的N多坑
 lnmp HTTP ERROR 500
LNMP集成运行（开发）环境的部署
 最新javamail 使用方案，可以异步发送邮件
 vi常用快捷键
 Dom4j解析XML文件
 Multiple markers at this line @Override的解决方法

原文地址：https://www.cnblogs.com/woaiyunwei/p/13168233.html