部署docker
旧的三节点docker已经安装好
只需要安装新节点的docker
但是所有节点都需要修改docker配置文件
安装参考前面的基础篇里的安装方法
所有work节点都需要修改以下参数
需要修改dokcer的参数
[root@nfs-store ~]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: active (running) since 三 2018-08-29 14:47:45 CST; 1s ago
Docs: https://docs.docker.com
Main PID: 5934 (dockerd)
Tasks: 16
Memory: 14.5M
CGroup: /system.slice/docker.service
├─5934 /usr/bin/dockerd
└─5940 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --metrics-interval=0 --start...
8月 29 14:47:44 nfs-store dockerd[5934]: time="2018-08-29T14:47:44.989167050+08:00" level=info msg="[graphdriver] using ...erlay
8月 29 14:47:44 nfs-store dockerd[5934]: time="2018-08-29T14:47:44.992032549+08:00" level=info msg="Graph migration to c...conds"
8月 29 14:47:44 nfs-store dockerd[5934]: time="2018-08-29T14:47:44.993033475+08:00" level=info msg="Loading containers: start."
8月 29 14:47:45 nfs-store dockerd[5934]: time="2018-08-29T14:47:45.000879000+08:00" level=info msg="Firewalld running: false"
8月 29 14:47:45 nfs-store dockerd[5934]: time="2018-08-29T14:47:45.102773462+08:00" level=info msg="Default bridge (dock...dress"
8月 29 14:47:45 nfs-store dockerd[5934]: time="2018-08-29T14:47:45.145154328+08:00" level=info msg="Loading containers: done."
8月 29 14:47:45 nfs-store dockerd[5934]: time="2018-08-29T14:47:45.157327519+08:00" level=info msg="Daemon has completed...ation"
8月 29 14:47:45 nfs-store dockerd[5934]: time="2018-08-29T14:47:45.157365151+08:00" level=info msg="Docker daemon" commi...3.1-ce
8月 29 14:47:45 nfs-store dockerd[5934]: time="2018-08-29T14:47:45.165294766+08:00" level=info msg="API listen on /var/r....sock"
8月 29 14:47:45 nfs-store systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@nfs-store ~]#修改这个文件:
/usr/lib/systemd/system/docker.service[root@nfs-store ~]# cat /usr/lib/systemd/system/docker.service |grep -v ^#
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target firewalld.service
[Service]
Type=notify
EnvironmentFile=/run/flannel/docker
ExecStart=/usr/bin/dockerd --log-level=error $DOCKER_NETWORK_OPTIONS
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
[root@nfs-store ~]#$DOCKER_NETWORK_OPTIONS;
dockerd 运行时会调用其它 docker 命令,如 docker-proxy,所以需要将 docker 命
令所在的目录加到 PATH 环境变量中;
flanneld 启动时将网络配置写入 /run/flannel/docker 文件中,dockerd 启动前
读取该文件中的环境变量 DOCKER_NETWORK_OPTIONS ,然后设置 docker0 网桥网
段;
如果指定了多个 EnvironmentFile 选项,则必须将 /run/flannel/docker 放
在最后(确保 docker0 使用 flanneld 生成的 bip 参数);
docker 需要以 root 用于运行;
docker 从 1.13 版本开始,可能将 iptables FORWARD chain的默认策略设置为
DROP,从而导致 ping 其它 Node 上的 Pod IP 失败,遇到这种情况时,需要手动
设置策略为 ACCEPT :
iptables -P FORWARD ACCEPT
并且把以下命令写入 /etc/rc.local 文件中,防止节点重启iptables
FORWARD chain的默认策略又还原为DROP
/sbin/iptables -P FORWARD ACCEPT
重启docker,可以看到所有work节点同一个节点的flannel和docker是一个网段了
3: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN
link/ether 7a:a5:c6:8d:1e:55 brd ff:ff:ff:ff:ff:ff
inet 172.30.14.0/32 scope global flannel.1
valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:18:17:e4:f7 brd ff:ff:ff:ff:ff:ff
inet 172.30.14.1/24 scope global docker0
valid_lft forever preferred_lft forever转载于:https://blog.51cto.com/goome/2167917
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
