这篇文章整理以下Master节点的flannel的安装与设定方法，本文以脚本的方式进行固化，内容仍然放在github的easypack上。

整体操作

https://blog.csdn.net/liumiaocn/article/details/88413428

flannel的设定文件

[root@host131 shell]# cat /etc/flannel/flannel.conf
FLANNELD_OPTS="-etcd-cafile=/etc/ssl/ca/ca.pem \-etcd-certfile=/etc/ssl/flannel/flanneld.pem \-etcd-keyfile=/etc/ssl/flannel/flanneld-key.pem \-etcd-endpoints=https://192.168.163.131:2379 \-etcd-prefix=/coreos.com/network \-iface=enp0s3 \-ip-masq"
[root@host131 shell]#

Systemd服务配置文件

[root@host131 shell]# cat /usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld Service
Documentation=https://github.com/coreos/flannel
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service[Service]
EnvironmentFile=-/etc/flannel/flannel.conf
ExecStart=/usr/local/bin/flanneld $FLANNELD_OPTS
ExecStartPost=/usr/local/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure[Install]
WantedBy=multi-user.target
RequiredBy=docker.service
[root@host131 shell]#

脚本示例

[root@host131 shell]# cat step6-install-flannel.sh
#!/bin/sh. ./install.cfg# set cfssl tools in search path
chmod 755 ${ENV_HOME_CFSSL}/*
if [ $? -ne 0 ]; thenecho "prepare downloaded cfssl tools in ${ENV_HOME_CFSSL} in advance"exit
fiexport PATH=${ENV_HOME_CFSSL}:$PATHmkdir -p ${ENV_SSL_FLANNEL_DIR}
cd  ${ENV_SSL_FLANNEL_DIR}
if [ $? -ne 0 ]; thenecho "failed to create dir :${ENV_SSL_FLANNEL_DIR}"exit
ficat > ${ENV_SSL_FLANNEL_CSR} <<EOF
{"CN": "${ENV_SSL_FLANNEL_CSR_CN}","hosts": [],"key": {"algo": "${ENV_SSL_KEY_ALGO}","size": ${ENV_SSL_KEY_SIZE}},"names": [{"C": "${ENV_SSL_NAMES_C}","ST": "${ENV_SSL_NAMES_L}","L": "${ENV_SSL_NAMES_ST}","O": "${ENV_SSL_NAMES_O}","OU": "${ENV_SSL_NAMES_OU}"}]
}
EOFcfssl gencert -ca=${ENV_SSL_CA_DIR}/${ENV_SSL_FILE_CA_PEM} \-ca-key=${ENV_SSL_CA_DIR}/${ENV_SSL_FILE_CA_KEY} \-config=${ENV_SSL_CA_DIR}/${ENV_SSL_FILE_CA_CONFIG} \-profile=${ENV_SSL_PROFILE_K8S} ${ENV_SSL_FLANNEL_CSR} | cfssljson -bare ${ENV_SSL_FLANNEL_CERT_PRIFIX}ls ${ENV_SSL_FLANNEL_DIR}/*pemETCD_ENDPOINTS=`echo ${ENV_ETCD_HOSTS} |awk -v port=${ENV_ETCD_CLIENT_PORT} -F" " '{for(cnt=1; cnt<NF; cnt++){printf("https://%s:%s,",$cnt,port);}printf("https://%s:%s",$cnt,port);
}'`# flannel v0.10 : not support etcd v3
ETCDCTL_API=2 etcdctl \--endpoints=${ETCD_ENDPOINTS} \--ca-file=${ENV_SSL_CA_DIR}/${ENV_SSL_FILE_CA_PEM} \--cert-file=${ENV_SSL_FLANNEL_DIR}/${ENV_SSL_FLANNEL_CERT_PRIFIX}.pem \--key-file=${ENV_SSL_FLANNEL_DIR}/${ENV_SSL_FLANNEL_CERT_PRIFIX}-key.pem \set ${ENV_FLANNEL_ETCD_NETWORK_PREFIX}/config '{"Network":"'${ENV_KUBE_OPT_CLUSTER_IP_RANGE}'", "SubnetLen": 21, "Backend": {"Type": "vxlan"}}'echo -e "\n##  flanneld service"
systemctl stop flanneld 2>/dev/nullmkdir -p ${ENV_FLANNEL_DIR_BIN} ${ENV_FLANNEL_DIR_ETC} ${ENV_FLANNEL_DIR_RUN}
chmod 755 ${ENV_HOME_FLANNEL}/{flanneld,mk-docker-opts.sh}
cp -p ${ENV_HOME_FLANNEL}/{flanneld,mk-docker-opts.sh} ${ENV_FLANNEL_DIR_BIN}
if [ $? -ne 0 ]; thenecho "please check flanneld binary file and mk-docker-opts.sh existed in ${ENV_HOME_FLANNEL}/ or not"exit
fi# create flannel configuration file
cat >${ENV_FLANNEL_DIR_ETC}/${ENV_FLANNEL_ETC} <<EOF
FLANNELD_OPTS="-etcd-cafile=${ENV_SSL_CA_DIR}/${ENV_SSL_FILE_CA_PEM} \\-etcd-certfile=${ENV_SSL_FLANNEL_DIR}/${ENV_SSL_FLANNEL_CERT_PRIFIX}.pem \\-etcd-keyfile=${ENV_SSL_FLANNEL_DIR}/${ENV_SSL_FLANNEL_CERT_PRIFIX}-key.pem \\-etcd-endpoints=${ETCD_ENDPOINTS} \\-etcd-prefix=${ENV_FLANNEL_ETCD_NETWORK_PREFIX} \\-iface=${ENV_FLANNEL_OPT_IFACE} \\-ip-masq"
EOF# Create flannel service.
cat >${ENV_FLANNEL_SERVICE} <<EOF
[Unit]
Description=Flanneld Service
Documentation=https://github.com/coreos/flannel
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service[Service]
EnvironmentFile=-${ENV_FLANNEL_DIR_ETC}/${ENV_FLANNEL_ETC}
ExecStart=${ENV_FLANNEL_DIR_BIN}/flanneld \$FLANNELD_OPTS
ExecStartPost=${ENV_FLANNEL_DIR_BIN}/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d ${ENV_FLANNEL_DIR_RUN}/docker
Restart=on-failure[Install]
WantedBy=multi-user.target
RequiredBy=docker.service
EOFecho -e "\n##  daemon reload service "
systemctl daemon-reload
echo -e "\n##  start flannel service "
systemctl start flanneld
echo -e "\n##  enable flannel service "
systemctl enable flanneld
echo -e "\n##  check  flannel status"
systemctl status flanneld
[root@host131 shell]#

执行示例

[root@host131 shell]# sh step6-install-flannel.sh
2019/03/24 13:37:03 [INFO] generate received request
2019/03/24 13:37:03 [INFO] received CSR
2019/03/24 13:37:03 [INFO] generating key: rsa-2048
2019/03/24 13:37:04 [INFO] encoded CSR
2019/03/24 13:37:04 [INFO] signed certificate with serial number 652274714063907134614492461596477882158874665465
2019/03/24 13:37:04 [WARNING] This certificate lacks a "hosts" field. This makes it unsuitable for
websites. For more information see the Baseline Requirements for the Issuance and Management
of Publicly-Trusted Certificates, v.1.1.6, from the CA/Browser Forum (https://cabforum.org);
specifically, section 10.2.3 ("Information Requirements").
/etc/ssl/flannel/flanneld-key.pem  /etc/ssl/flannel/flanneld.pem
{"Network":"172.200.0.0/16", "SubnetLen": 21, "Backend": {"Type": "vxlan"}}##  flanneld service##  daemon reload service ##  start flannel service ##  enable flannel service ##  check  flannel status
● flanneld.service - Flanneld ServiceLoaded: loaded (/usr/lib/systemd/system/flanneld.service; enabled; vendor preset: disabled)Active: active (running) since Sun 2019-03-24 13:37:04 CST; 266ms agoDocs: https://github.com/coreos/flannelMain PID: 14887 (flanneld)CGroup: /system.slice/flanneld.service└─14887 /usr/local/bin/flanneld -etcd-cafile=/etc/ssl/ca/ca.pem -etcd-certfile=/etc/ssl/flannel/flanneld.pem -etcd-keyfile=/etc/ssl/flannel/fla...Mar 24 13:37:04 host131 systemd[1]: Starting Flanneld Service...
Mar 24 13:37:04 host131 systemd[1]: Started Flanneld Service.
Mar 24 13:37:04 host131 flanneld[14887]: I0324 13:37:04.868581   14887 main.go:488] Using interface with name enp0s3 and address 192.168.163.131
Mar 24 13:37:04 host131 flanneld[14887]: I0324 13:37:04.868911   14887 main.go:505] Defaulting external address to interface address (192.168.163.131)
Mar 24 13:37:04 host131 flanneld[14887]: warning: ignoring ServerName for user-provided CA for backwards compatibility is deprecated
Mar 24 13:37:04 host131 flanneld[14887]: I0324 13:37:04.886022   14887 main.go:235] Created subnet manager: Etcd Local Manager with Previous Subnet: None
Mar 24 13:37:04 host131 flanneld[14887]: I0324 13:37:04.886039   14887 main.go:238] Installing signal handlers
[root@host131 shell]#

flannel设定之后各node节点都会统一管理ip，不同容器之间的互联互通成为可能，当然calico等也是同样作用。

Kubernetes安装系列之网络组件-Flannel安装设定相关推荐

总结 Underlay 和 Overlay 网络,在k8s集群实现underlay网络,网络组件flannel vxlan/ calico IPIP模式的网络通信流程,基于二进制实现高可用的K8S集群
1.总结Underlay和Overlay网络的的区别及优缺点 Overlay网络:  Overlay 叫叠加网络也叫覆盖网络,指的是在物理网络的基础之上叠加实现新的虚拟网络,即可使网络的中的容器可 ...
【转】Magento2 安装系列一虚拟机、CentOS7 安装
前言最近打算在Windows10安装最新的magento2.3,由于mg2.3对Windows支持不太友好,所以就打算在Windows10安装虚拟机,虚拟机安装CentOS7版本的Linux,Lin ...
惠普安装linux网卡,网络无人职守安装linux PXE
网络无人职守安装linux Writen BY HPLJ-2007.12.4 1配置启动安装服务器 1)install and configure dhcp service /etc/dhcpd.co ...
火狐浏览器安装java插件下载_插件下载安装系列Eclipse/IDEA/谷歌/火狐安装插件
装对的插件,如虎添翼硬肝的人生,慎重肾重 eclipse安装插件商店安装: help - about eclipse - installation detail - 搜索安装即可 jar包安装: ...
安装 vue-konva 后提示组件未安装
在一个vue项目中使用vue-konva,按照vue-konva官方文档步骤 1. 通过 npm 安装npm install vue-konva konva --save2. 导入和使用VueKonv ...
oracle19c 安装权限_Oracle 数据库安装系列一：19C 软件安装和补丁升级
点击上方蓝字关注我们-我们的文章会在微信公众号"Oracle恢复实录"和博客网站"rescureora.com" 同步更新 ,欢迎关注收藏,也欢迎大家转载,但是 ...
ROS系统之安装系列（一）：安装步骤
1.配置Ubuntu的软件和更新配置Ubuntu的软件和更新,允许安装不经认证的软件.打开"软件和更新"对话框,具体可以在 Ubuntu 搜索按钮中搜索. 打开后按照下图要求进行 ...
centos安装android应用程序,centos7软件安装系列【二十一】安装android打包环境
8种机械键盘轴体对比本人程序员,要买一个写代码的键盘,请问红轴和茶轴怎么选? 下载地址:https://developer.android.google.cn/studio 下载指定文件: 命令如下 ...
验证计算机名出现一般性网络错误,SQL SERVER 2000 安装提示一般性网络错误
SQL SERVER 2000 安装提示"一般性网络错误" 今天安装SQL SERVER 2000 个人版,安装最后弹出错误对话框: "安装程序配置服务器失败.参考服务器 ...

Kubernetes安装系列之网络组件-Flannel安装设定

整体操作

flannel的设定文件

Systemd服务配置文件

脚本示例

执行示例

Kubernetes安装系列之网络组件-Flannel安装设定相关推荐

最新文章

热门文章