Kubernetes1.9生产环境高可用实践--004-node中安装flannel网络插件

这篇文章接上一篇《Kubernetes1.9生产环境高可用实践–003-node中docker安装及配置》。

这篇主要flannel的安装及配置。

kubernetes1.9安装flannel网络插件

安装flannel

yum install -y flanneld

查看版本

[root@yds-dev-svc02-node01 ~]# flanneld -version
0.7.1

准备证书

这里会使用ETCD的证书。我们在第一篇中已经创建了证书,现在我们只需要把证书复制过来就行。

这里我们在yds-dev-svc01-etcd01上的证书文件。

[root@yds-dev-svc01-etcd01 key]# pwd
/tmp/key
[root@yds-dev-svc01-etcd01 key]# ls
admin.csr       ca-config.json  ca.pem         etcd.pem             kubernetes.pem
admin-csr.json  ca.csr          etcd.csr       kubernetes.csr
admin-key.pem   ca-csr.json     etcd-csr.json  kubernetes-csr.json
admin.pem       ca-key.pem      etcd-key.pem   kubernetes-key.pem

现在我们需要:ca.pem, etcd.pem, etcd-key.pem

先在yds-dev-svc02-node01中创建证书目录。

mkdir -p /etc/kubernetes/ssl

然后将ds-dev-svc01-etcd01中的证书复制到这个目录:

[root@yds-dev-svc01-etcd01 key]# scp etcd.pem etcd-key.pem ca.pem root@192.168.3.56:/etc/kubernetes/ssl/
The authenticity of host '192.168.3.56 (192.168.3.56)' can't be established.
ECDSA key fingerprint is SHA256:7LpF11pS/HejiSUfx1l/dvi74mz3lWGJpHV/iuim9n4.
ECDSA key fingerprint is MD5:50:66:d2:f3:73:07:00:88:73:5e:6c:cb:91:b7:7f:8e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.3.56' (ECDSA) to the list of known hosts.
root@192.168.3.56's password: 
etcd.pem                                         100% 1436     1.1MB/s   00:00    
etcd-key.pem                                     100% 1679     1.4MB/s   00:00    
ca.pem                                           100% 1359     1.3MB/s   00:00 

查看flanneld启动文件

[root@yds-dev-svc02-node01 ~]# cat /usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/flanneld
EnvironmentFile=-/etc/sysconfig/docker-network
ExecStart=/usr/bin/flanneld-start $FLANNEL_OPTIONS
ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure

[Install]
WantedBy=multi-user.target
RequiredBy=docker.service

修改配置文件

修改flanneld的配置文件/etc/sysconfig/flanneld。

[root@yds-dev-svc02-node01 ~]# cat /etc/sysconfig/flanneld 
# Flanneld configuration options  

# etcd url location.  Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="https://192.168.3.50:2379,https://192.168.3.51:2379,https://192.168.3.52:2379"

# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="kube-centos/network"

# Any additional options that you want to pass
FLANNEL_OPTIONS="-etcd-cafile=/etc/kubernetes/ssl/ca.pem -etcd-certfile=/etc/kubernetes/ssl/etcd.pem -etcd-keyfile=/etc/kubernetes/ssl/etcd-key.pem"

 在etcd中创建网络配置

docker分配IP地址段。
我们在yds-dev-svc01-etcd01中执行下面两个命令.

etcdctl --endpoints=https://192.168.3.50:2379,https://192.168.3.51:2379,https://192.168.3.52:2379 \
  --ca-file=/etc/kubernetes/ssl/ca.pem \
  --cert-file=/etc/kubernetes/ssl/etcd.pem \
  --key-file=/etc/kubernetes/ssl/etcd-key.pem \
  mkdir /kube-centos/network
etcdctl --endpoints=https://192.168.3.50:2379,https://192.168.3.51:2379,https://192.168.3.52:2379 \
  --ca-file=/etc/kubernetes/ssl/ca.pem \
  --cert-file=/etc/kubernetes/ssl/etcd.pem \
  --key-file=/etc/kubernetes/ssl/etcd-key.pem \
  mk /kube-centos/network/config '{"Network":"172.30.0.0/16","SubnetLen":24,"Backend":{"Type":"host-gw"}}'

执行交易如下:

[root@yds-dev-svc01-etcd01 key]# etcdctl --endpoints=https://192.168.3.50:2379,https://192.168.3.51:2379,https://192.168.3.52:2379 \
>   --ca-file=/etc/kubernetes/ssl/ca.pem \
>   --cert-file=/etc/kubernetes/ssl/etcd.pem \
>   --key-file=/etc/kubernetes/ssl/etcd-key.pem \
>   mkdir /kube-centos/network
[root@yds-dev-svc01-etcd01 key]# etcdctl --endpoints=https://192.168.3.50:2379,https://192.168.3.51:2379,https://192.168.3.52:2379 \
>   --ca-file=/etc/kubernetes/ssl/ca.pem \
>   --cert-file=/etc/kubernetes/ssl/etcd.pem \
>   --key-file=/etc/kubernetes/ssl/etcd-key.pem \
>   mk /kube-centos/network/config '{"Network":"172.30.0.0/16","SubnetLen":24,"Backend":{"Type":"host-gw"}}'
{"Network":"172.30.0.0/16","SubnetLen":24,"Backend":{"Type":"host-gw"}}

启动flanneld

systemctl daemon-reload
systemctl enable flanneld
systemctl start flanneld
systemctl status flanneld

查看分配网段

[root@yds-dev-svc01-etcd01 key]# etcdctl --endpoints=https://192.168.3.50:2379,https://192.168.3.51:2379,https://192.168.3.52:2379   --ca-file=/etc/kubernetes/ssl/ca.pem   --cert-file=/etc/kubernetes/ssl/etcd.pem   --key-file=/etc/kubernetes/ssl/etcd-key.pem   ls /kube-centos/network/subnets
/kube-centos/network/subnets/172.30.43.0-24
阅读更多
版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/wenwst/article/details/79959986
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

关闭
关闭
关闭