Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

Kubernetes deployment (8): Flannel network deployment

2025-01-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Share

Shulou(Shulou.com)06/03 Report--

Related content:

Kubernetes deployment (1): architecture and function description

Kubernetes deployment (2): initialization of system environment

Kubernetes deployment (3): CA certificate making

Kubernetes deployment (4): ETCD cluster deployment

Kubernetes deployment (5): Haproxy, Keppalived deployment

Kubernetes deployment (6): Master node deployment

Kubernetes deployment (7): Node node deployment

Kubernetes deployment (8): Flannel network deployment

Kubernetes deployment (IX): CoreDNS, Dashboard, Ingress deployment

Kubernetes deployment (X): stored glusterfs and heketi deployment

Kubernetes deployment (11): managed Helm and Rancher deployment

Kubernetes deployment (12): helm deployment harbor enterprise image repository

Flannel needs to be deployed in all master and node

1. Generate a certificate for Flannel

[root@node-01 ssl] # vim flanneld-csr.json {"CN": "flanneld", "hosts": [], "key": {"algo": "rsa", "size": 2048}, "names": [{"C": "CN", "ST": "BeiJing", "L": "BeiJing", "O": "K8s" "OU": "System"}]}

two。 Generate a certificate

[root@node-01 ssl] # cfssl gencert-ca=/data/kubernetes/ssl/ca.pem\-ca-key=/data/kubernetes/ssl/ca-key.pem\-config=/data/kubernetes/ssl/ca-config.json\-profile=kubernetes flanneld-csr.json | cfssljson-bare flanneld

3. Distribute certificates

[root@node-01 ssl] # for n in `Ubernetes 201206`; do scp flanneld*.pem 10.31.90.UbernetesGetWord ("for n in"); "

4. Download the Flannel package

[root@node-01 k8s] # wget https://github.com/coreos/flannel/releases/download/v0.10.0/flannel-v0.10.0-linux-amd64.tar.gz[root@node-01 k8s] # tar zxf flannel-v0.10.0-linux-amd64.tar.gz [root@node-01 k8s] # for n in `seq 201206`; do scp flanneld mk-docker-opts.sh 10.31.90.$n:/data/kubernetes/bin/ Done copies the corresponding script to the / data/kubernetes/bin directory. [root@node-01 k8s] # for n in `seq 201206`; do scp remove-docker0.sh 10.31.90.Ubernetes qubernetes hand bindings done

5. Configure Flannel

[root@node-04 ssl] # vim / data/kubernetes/cfg/flannelFLANNEL_ETCD= "- etcd-endpoints= https://10.31.90.201:2379,https://10.31.90.202:2379, Https://10.31.90.203:2379"FLANNEL_ETCD_KEY="-etcd-prefix=/kubernetes/network"FLANNEL_ETCD_CAFILE="--etcd-cafile=/data/kubernetes/ssl/ca.pem"FLANNEL_ETCD_CERTFILE="--etcd-certfile=/data/kubernetes/ssl/flanneld.pem"FLANNEL_ETCD_KEYFILE="--etcd-keyfile=/data/kubernetes/ssl/flanneld-key.pem" replication configuration to other nodes [root@node-01 ~] # for n in `seq 201206` Do scp / data/kubernetes/cfg/flannel 10.31.90.It is done by using a data bank called Kubernetes Universe

6. Set up the Flannel system service

[root@node-01 ~] # vim / usr/lib/systemd/system/ flannel.service[ Unit] Description=Flanneld overlay address etcd agentAfter=network.targetBefore= docker.service[ Service] EnvironmentFile=-/data/kubernetes/cfg/flannelExecStartPre=/data/kubernetes/bin/remove-docker0.shExecStart=/data/kubernetes/bin/flanneld ${FLANNEL_ETCD} ${FLANNEL_ETCD_KEY} ${FLANNEL_ETCD_CAFILE} ${FLANNEL_ETCD_CERTFILE} ${FLANNEL_ETCD_KEYFILE} ExecStartPost=/data/kubernetes/bin/mk-docker-opts.sh -d / run/flannel/dockerType= notify[ install] WantedBy=multi-user.targetRequiredBy=docker.service copy system service script to other nodes [root@node-01 k8s] # for n in `seq 201206` Do scp / usr/lib/systemd/system/flannel.service 10.31.90. Integration of flannel.servicetransposition flannel.servicetransactionFlannel.com flannel.services

Download the CNI plug-in

[root@node-01 ~] # wget https://github.com/containernetworking/plugins/releases/download/v0.7.1/cni-plugins-amd64-v0.7.1.tgz[root@node-01 ~] # mkdir / data/kubernetes/bin/ CNI [root @ node-01 src] # tar zxf cni-plugins-amd64-v0.7.1.tgz-C / data/kubernetes/bin/ CNI [root @ node-01 k8s] # for n in `seq 201206` Do scp / data/kubernetes/bin/cni/* 10.31.90.Binxxxxxxxxxxxx

Create a key for Etcd

[root@node-01] # / data/kubernetes/bin/etcdctl-- ca-file / data/kubernetes/ssl/ca.pem-- cert-file / data/kubernetes/ssl/flanneld.pem-- key-file / data/kubernetes/ssl/flanneld-key.pem\-- no-sync-C https://10.31.90.201:2379,https://10.31.90.202:2379, Https://10.31.90.203:2379\ mk / kubernetes/network/config'{"Network": "10.2.0.0 vxlan 16", "Backend": {"Type": "vxlan", "VNI": 1}}'> / dev/null 2 > & 1

Start flannel

[root@node-01 ~] # systemctl daemon-reload [root@node-01 ~] # systemctl enable flannel [root @ node-01 ~] # chmod + x / data/kubernetes/bin/* [root @ node-01 ~] # systemctl start flannel

View service status

[root@node-01 ~] # systemctl status flannel configure Docker to use Flannel [root @ node-01 ~] # vim / usr/lib/systemd/system/docker.service [Unit] # modify After under Unit and add RequiresAfter=network-online.target firewalld.service flannel.serviceWants=network-online.targetRequires=flannel.service [Service] # add EnvironmentFile=-/run/flannel/dockerType=notifyEnvironmentFile=-/run/flannel/dockerExecStart=/usr/bin/dockerd $DOCKER_OPTS

Copy the configuration to all other node

[root@node-01 k8s] # for n in `Group201206`; do scp / usr/lib/systemd/system/docker.service 10.31.90.USERGREGUR LIREGUBAR systemdSystem.Docker.servicedone

Restart Docker

[root@node-01 ~] # systemctl daemon-reload [root@node-01 ~] # systemctl restart docker

If you look at each node, you will find that the ip addresses of the docker0 Nic and flannel Nic are the network segments configured above.

[root@node-01 k8s] # ifconfig docker0: flags=4099 mtu 1500 inet 10.2.84.1 netmask 255.255.255.0 broadcast 10.2.84.255 ether 02:42:5e:c6:0c:aa txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0flannel .1: flags=4163 mtu 1450 inet 10.2.84.0 netmask 255.255.255.255 broadcast 0.0.0.0 inet6 fe80::8ccc:15ff:fedd:c00d prefixlen 64 scopeid 0x20 ether 8e:cc:15:dd:c0:0d txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0B) TX errors 0 dropped 8 overruns 0 carrier 0 collisions 0

At this point, all the clusters of K8s have been deployed, and we will continue to supplement the management, monitoring, storage and other documents.

Follow-up will update all the installation documents one after another, if you think I wrote well, I hope you pay more attention to like, thank you very much!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 202

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Servers

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report