Flannel容器集群网络部署
1. etcd存储子网信息
Falnnel要用etcd存储自身一个子网信息,所以要保证能成功连接etcd,写入预定义子网段,在master01上操作:
cd /opt/etcd/ssl
#设置值
/opt/etcd/bin/etcdctl \
--ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem \
--endpoints="https://192.168.1.72:2379,https://192.168.1.95:2379,https://192.168.1.88:2379" \
set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'
#查看值
/opt/etcd/bin/etcdctl \
--ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem \
--endpoints="https://192.168.1.72:2379,https://192.168.1.95:2379,https://192.168.1.88:2379" \
get /coreos.com/network/config
2. 安装Flannel
Flannel安装在两个node节点上.
2.1 下载Flannel
#创建kubernetes对应的文件夹
mkdir -p /opt/kubernetes/{bin,cfg,ssl}
#进入目录
cd /opt/kubernetes/bin
#下载Flannel
wget https://github.com/coreos/flannel/releases/download/v0.10.0/flannel-v0.10.0-linux-amd64.tar.gz
#解压Flannel
tar -zxvf flannel-v0.10.0-linux-amd64.tar.gz
#删除无用的文件
rm flannel-v0.10.0-linux-amd64.tar.gz
rm README.md
2.2 node01安装Flannel
安装脚本flannel.sh, 内容如下:
#!/bin/bash
ETCD_ENDPOINTS=${1:-"http://127.0.0.1:2379"}
cat <<EOF >/opt/kubernetes/cfg/flanneld
FLANNEL_OPTIONS="--etcd-endpoints=${ETCD_ENDPOINTS} \
-etcd-cafile=/opt/etcd/ssl/ca.pem \
-etcd-certfile=/opt/etcd/ssl/server.pem \
-etcd-keyfile=/opt/etcd/ssl/server-key.pem"
EOF
cat <<EOF >/usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network-online.target network.target
Before=docker.service
[Service]
Type=notify
EnvironmentFile=/opt/kubernetes/cfg/flanneld
ExecStart=/opt/kubernetes/bin/flanneld --ip-masq \$FLANNEL_OPTIONS
ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.env
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
cat <<EOF >/usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
EnvironmentFile=/run/flannel/subnet.env
ExecStart=/usr/bin/dockerd \$DOCKER_NETWORK_OPTIONS
ExecReload=/bin/kill -s HUP \$MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable flanneld
systemctl restart flanneld
systemctl restart docker
flannel.sh 赋可执行权限
chmod +x flannel.sh
执行flannel.sh,带有参数,参数为etcd地址
./flannel.sh https://192.168.1.72:2379,https://192.168.1.95:2379,https://192.168.1.88:2379
2.3 node02安装Flannel
直接拷贝noden01上的文件至node02
scp -r /opt/kubernetes/ root@192.168.1.88:/opt/
scp /usr/lib/systemd/system/{docker,flanneld}.service root@192.168.1.88:/usr/lib/systemd/system/
启动Flannel
systemctl daemon-reload
systemctl enable flanneld
systemctl start flanneld
systemctl restart docker
2.4 验证Flannel
验证思路: 所有容器都可以与所有其他容器通信, 所有节点都可以与所有容器通信
先在node01上创建容器,看node02节点能否ping通node01节点中创建的容器
docker run -it busybox
ip a
可以ping通.
然后在node02节点上创建一个容器, 看node02中的容器能否ping通node01中的容器
docker run -it busybox
ip a
也是可以ping通. 说明Flannel集成docker安装成功.