[root@k8s-master30-172-23-210-30 ~]# cat /jpdata/work/calico/calico.yaml
# Calico Version v2.6.9
# https://docs.projectcalico.org/v2.6/releases#v2.6.9
# This manifest includes the following component versions:
# calico/node:v2.6.9
# calico/cni:v1.11.5
# calico/kube-controllers:v1.0.4
# This ConfigMap is used to configure a self-hosted Calico installation.
kind: ConfigMap
apiVersion: v1
metadata:
name: calico-config
namespace: kube-system
data:
# Configure this with the location of your etcd cluster.
etcd_endpoints: "https://172.23.210.30:2379"
# Configure the Calico backend to use.
calico_backend: "bird"
# The CNI network configuration to install on each node.
cni_network_config: |-
{
"name": "k8s-pod-network",
"cniVersion": "0.1.0",
"type": "calico",
"etcd_endpoints": "__ETCD_ENDPOINTS__",
"etcd_key_file": "__ETCD_KEY_FILE__",
"etcd_cert_file": "__ETCD_CERT_FILE__",
"etcd_ca_cert_file": "__ETCD_CA_CERT_FILE__",
"log_level": "info",
"mtu": 1500,
"ipam": {
"type": "calico-ipam"
},
"policy": {
"type": "k8s",
"k8s_api_root": "https://__KUBERNETES_SERVICE_HOST__:__KUBERNETES_SERVICE_PORT__",
"k8s_auth_token": "__SERVICEACCOUNT_TOKEN__"
},
"kubernetes": {
"kubeconfig": "__KUBECONFIG_FILEPATH__"
}
}
# If you're using TLS enabled etcd uncomment the following.
# You must also populate the Secret below with these files.
etcd_ca: "/calico-secrets/etcd-ca" #"/etc/kubernetes/ssl/ca.pem"
etcd_cert: "/calico-secrets/etcd-cert" #"/etc/kubernetes/ssl/kubernetes.pem"
etcd_key: "/calico-secrets/etcd-key" #"/etc/kubernetes/ssl/kubernetes-key.pem"
---
# The following contains k8s Secrets for use with a TLS enabled etcd cluster.
# For information on populating Secrets, see http://kubernetes.io/docs/user-guide/secrets/
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: calico-etcd-secrets
namespace: kube-system
data:
# Populate the following files with etcd TLS configuration if desired, but leave blank if
# not using TLS for etcd.
# This self-hosted install expects three files with the following names. The values
# should be base64 encoded strings of the entire contents of each file.
etcd-ca: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUR0akNDQXA2Z0F3SUJBZ0lVZjAwQ3NZMXFiU3NnWmc0MmFaTjVNYllWSzVJd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1lURUxNQWtHQTFVRUJoTUNRMDR4RGpBTUJnTlZCQWdUQlZkMVNHRnVNUTR3REFZRFZRUUhFd1ZYZFVoaApiakVNTUFvR0ExVUVDaE1EYXpoek1ROHdEUVlEVlFRTEV3WlRlWE4wWlcweEV6QVJCZ05WQkFNVENtdDFZbVZ5CmJtVjBaWE13SGhjTk1UZ3dPVEV4TURZek5EQXdXaGNOTWpNd09URXdNRFl6TkRBd1dqQmhNUXN3Q1FZRFZRUUcKRXdKRFRqRU9NQXdHQTFVRUNCTUZWM1ZJWVc0eERqQU1CZ05WQkFjVEJWZDFTR0Z1TVF3d0NnWURWUVFLRXdOcgpPSE14RHpBTkJnTlZCQXNUQmxONWMzUmxiVEVUTUJFR0ExVUVBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKCktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUt4SnRrY2J1ZEQzaHZSVytZcnVUS3oyNUFOci84SGoKaWJvQnFIS0prM0R6dXVvSjlXZWRuQzBrVjZrQnE2MS9HVy9XdmRJVE5XMGJLeGpicUcxcCs5VTJpUUpyeG0xdgpGVllESmxYUDhteCs4N0d0NklkR091QlQ1Rk1LeEs2YStEYjBIOXYvYnQrQTRzMHhLVkdIeldXOE5WN0RqZEFjCmtMdlhQcjhKbXAyV3htOGFEei9wUTVlZE9Ybkl1NTJhYjhoWUVSRVBqS296YmdTTFBNMFNsc21qQStHSXd4UlEKWFU4c1ROaWdocHcrWU00bFFTNjRQTDlSU2twWGpKTU1iaUFydHJXY2czTmhwQUtjcVd4bTFxNjNYR1Fpa0hoZQpMWDVWV2RsTmtuaUdFUkJlRzVPbDROeE1zajNwd0VOQjRWdDlnZFQ3WEVHVmZZWEJVbnU2OXlFQ0F3RUFBYU5tCk1HUXdEZ1lEVlIwUEFRSC9CQVFEQWdF
calico.yaml 配置
最新推荐文章于 2024-05-22 02:37:28 发布
本文详细介绍了如何配置Calico网络,包括核心组件设置、网络策略应用及与Kubernetes的集成,帮助你理解并实现高效的容器网络隔离。
摘要由CSDN通过智能技术生成