Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to use the calicoctl command, the article is very detailed, has a certain reference value, interested friends must read it!

Usage create

Create a network resource. For example, if we want to create a "profile" network resource, first define the properties of the profile in the file format of json or yaml, and then use the-f parameter to specify it. For example, the properties file is called profile1.json and its contents are:

{"kind": "profile", "apiVersion": "v1", "metadata": {"name": "calico-test", "tags": ["calico-test"]}, "spec": {"ingress": [{"action": "allow" "source": {"tag": "calico-test"}, "destination": {}], "egress": [{"action": "allow", "source": {}, "destination": {}]}}

Use the calicoctl command to create a profile:

# calicoctl create-f profile1.jsonSuccessfully created 1 'profile' resource (s)

Alternatively, you can use the-c option to specify the configuration file.

Ps: it is important to note that after the calico network is created, network interworking can be achieved between containers using the same calico network. But if you want an external node to interconnect with this calico network, you need to make some changes to add a configuration to profile's spec.ingress.

{"action": "allow", "source": {"nets": ["115.105.115.0 Compact 24"]}, "destination": {}}

Then, replace profile with the "calicoctl replace" command that will be discussed below. In this way, the docker host with the ip segment located in "115.105.115.0 docker host 24" can access the container under the calico network.

Get

Get information about a network resource.

Here we also take the profile created above as an example.

# calicoctl get profile calico-test-o json [{"kind": "profile", "apiVersion": "v1", "metadata": {"name": "calico-test", "tags": ["calico-test"]}, "spec": {"ingress": [{"action": "allow" "source": {"tag": "calico-test"}, "destination": {}], "egress": [{"action": "allow", "source": {}, "destination": {}]}]

The output here is in json format, and you can also use yaml, GoFormat, and so on.

Replace

Replace a network resource. After modifying the contents of the above profile1.json file, execute the following command directly to replace the relevant properties of the network resource.

# calicoctl replace-f profile1.jsonSuccessfully replaced 1 'profile' resource (s) apply

Combines create and replace commands. Create when there are no resources, and replace them when they are available.

Delete

Delete a network resource.

When creating an alternative network resource, it is created through a file, and the configuration file indicates the type and attribute of the network resource. However, it is much easier to delete network resources. You only need to delete the corresponding resources through the type and name of network resources.

# calicoctl delete profile calico-testSuccessfully deleted 1 'profile' resource (s) config

Manage configuration options at the system level and node level.

This command contains three more subcommands: set, unset and get. Set, cancel, and get.

Specific settings include: logLevel (configuration values are none,debug,info,warning,error,critical), nodeToNodeMesh (on,off), asNumber (0-4294967295), ipip (on,off).

Ipam

IP address management.

This command contains three more subcommands: release and show. Where:

Release: release the IP that has been assigned by calico

Show: displays the details of the assigned IP.

Node

Calico node management.

This command contains four more subcommands: run, status, diags and checksystem. Where:

The run command can be used to run an instance of calico on this server

The status command checks the status of the entire calico network

Diags is used for diagnostic information of mobile phone calico node

The checksystem command is used to check whether the modified server can run an instance of calico.

We often use the run command to create an instance of calico, such as:

# calicoctl node run-node-image=calico/node:v2.6.2-ip=192.168.115.73Running command to load modules: modprobe-a xt_set ip6_tablesEnabling IPv4 forwardingEnabling IPv6 forwardingIncreasing conntrack limitRemoving old calico-node container (if running). Running the following command to start calico-node:docker run-- net=host-- privileged-- name=calico-node-d-- restart=always-e NODENAME=dcos-agent1-e CALICO_NETWORKING_BACKEND=bird-e CALICO_LIBNETWORK_ENABLED=true-e IP=192.168.115.73-e ETCD_ENDPOINTS=http:// 192.168.115.111 lib/modules:/lib/modules 2379-v / var/log/calico:/var/log/calico-v / var/run/calico:/var/run/calico-v / lib/modules:/lib/modules-v / run:/run-v / run/docker/plugins:/run/docker/plugins-v / var/run/docker.sock:/var/run/docker.sock calico/node:v2.6.2Image may take a short time to download if it is not available locally.Container started Checking progress logs.Skipping datastore connection testUsing IPv4 address from environment: IP=109.105.115.73IPv4 address 109.105.115.73 discovered on interface em1No AS number configured on node resource, using global valueUsing node name: dcos-agent1Starting libnetwork serviceCalico node started successfully

Here, the calico image version used is calico/node:v2.6.2, and you can see the specific commands when it starts the calico container through the log.

In addition, "calicoctl node run" has quite a number of options available, which can be viewed through "calicoctl node run-- help". However, these options are not enough to cover all the options of calico itself (such as etcd's url, etc.), we can configure the / etc/calico/calicoctl.cfg file to implement. Of course, you can configure it to another file and specify it with the-f option. Examples of configuration files are as follows:

ApiVersion: v1kind: calicoApiConfigmetadata:spec: datastoreType: "etcdv2" etcdEndpoints: "http://${etcd-ip1}:2379,http://${etcd-ip2}:2379"version

Show the version.

Option-h-- help

Show help.

-l-- log-level=

Sets the log level. The log level includes: panic,fatal,error,warn,info,debug. The default is the fatal level.

The above is all the contents of this article "how to use calicoctl commands". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.