k8s安装网络插件-flannel
2024-04-30 00:00:38
在完成了k8s的集群部署后查看集群状态的话还不是ready的状态,所以需要安装网络插件来完成k8s的集群创建的最后一步。
kube-flannel.yml文件在国外服务器上,搭建k8s集群时可以使用如下kube-flannel.yml。kube-flannel的命名空间是在 kube-system下。
保存一下内容为kube-flannel.yml
执行
kubectl apply -f kube-flannel.yml---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:name: psp.flannel.unprivilegedannotations:seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/defaultseccomp.security.alpha.kubernetes.io/defaultProfileName: docker/defaultapparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/defaultapparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default
spec:privileged: falsevolumes:- configMap- secret- emptyDir- hostPathallowedHostPaths:- pathPrefix: "/etc/cni/net.d"- pathPrefix: "/etc/kube-flannel"- pathPrefix: "/run/flannel"readOnlyRootFilesystem: falserunAsUser:rule: RunAsAnysupplementalGroups:rule: RunAsAnyfsGroup:rule: RunAsAnyallowPrivilegeEscalation: falsedefaultAllowPrivilegeEscalation: falseallowedCapabilities: ['NET_ADMIN', 'NET_RAW']defaultAddCapabilities: []requiredDropCapabilities: []hostPID: falsehostIPC: falsehostNetwork: truehostPorts:- min: 0max: 65535seLinux:rule: 'RunAsAny'
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: flannel
rules:
- apiGroups: ['extensions']resources: ['podsecuritypolicies']verbs: ['use']resourceNames: ['psp.flannel.unprivileged']
- apiGroups:- ""resources:- podsverbs:- get
- apiGroups:- ""resources:- nodesverbs:- list- watch
- apiGroups:- ""resources:- nodes/statusverbs:- patch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:name: flannel
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: flannel
subjects:
- kind: ServiceAccountname: flannelnamespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:name: flannelnamespace: kube-system
---
kind: ConfigMap
apiVersion: v1
metadata:name: kube-flannel-cfgnamespace: kube-systemlabels:tier: nodeapp: flannel
data:cni-conf.json: |{"name": "cbr0","cniVersion": "0.3.1","plugins": [{"type": "flannel","delegate": {"hairpinMode": true,"isDefaultGateway": true}},{"type": "portmap","capabilities": {"portMappings": true}}]}net-conf.json: |{"Network": "10.244.0.0/16","Backend": {"Type": "vxlan"}}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:name: kube-flannel-dsnamespace: kube-systemlabels:tier: nodeapp: flannel
spec:selector:matchLabels:app: flanneltemplate:metadata:labels:tier: nodeapp: flannelspec:affinity:nodeAffinity:requiredDuringSchedulingIgnoredDuringExecution:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/osoperator: Invalues:- linuxhostNetwork: truepriorityClassName: system-node-criticaltolerations:- operator: Existseffect: NoScheduleserviceAccountName: flannelinitContainers:- name: install-cni-pluginimage: rancher/mirrored-flannelcni-flannel-cni-plugin:v1.1.0command:- cpargs:- -f- /flannel- /opt/cni/bin/flannelvolumeMounts:- name: cni-pluginmountPath: /opt/cni/bin- name: install-cniimage: rancher/mirrored-flannelcni-flannel:v0.18.1command:- cpargs:- -f- /etc/kube-flannel/cni-conf.json- /etc/cni/net.d/10-flannel.conflistvolumeMounts:- name: cnimountPath: /etc/cni/net.d- name: flannel-cfgmountPath: /etc/kube-flannel/containers:- name: kube-flannelimage: rancher/mirrored-flannelcni-flannel:v0.18.1command:- /opt/bin/flanneldargs:- --ip-masq- --kube-subnet-mgrresources:requests:cpu: "100m"memory: "50Mi"limits:cpu: "100m"memory: "50Mi"securityContext:privileged: falsecapabilities:add: ["NET_ADMIN", "NET_RAW"]env:- name: POD_NAMEvalueFrom:fieldRef:fieldPath: metadata.name- name: POD_NAMESPACEvalueFrom:fieldRef:fieldPath: metadata.namespace- name: EVENT_QUEUE_DEPTHvalue: "5000"volumeMounts:- name: runmountPath: /run/flannel- name: flannel-cfgmountPath: /etc/kube-flannel/- name: xtables-lockmountPath: /run/xtables.lockvolumes:- name: runhostPath:path: /run/flannel- name: cni-pluginhostPath:path: /opt/cni/bin- name: cnihostPath:path: /etc/cni/net.d- name: flannel-cfgconfigMap:name: kube-flannel-cfg- name: xtables-lockhostPath:path: /run/xtables.locktype: FileOrCreate
执行查看安装的状态
kubectl get pods --all-namespaces
当是running的状态后再查看集群的状态是否为ready
查看命令
kubectl get nodesk8s安装网络插件-flannel相关推荐
- k8s安装网络插件镜像下载不了问题
下面是本人在帮好友安装k8s过程中在安装网络插件这里碰到的问题 使用kubectl apply -f kube-flannel.yml安装flannel网络插件 安装完之后是要等个一阵子的,但是等了十 ...
- K8s网络插件Flannel,Calico
文章目录 一.K8s网络插件flannel与calico 1. k8s网络解决方案 容器虚拟化网络方案 基于隧道 基于路由 2. CNI(容器网络接口) flannel与calico 选型比较 3. ...
- 安装pod网络插件flannel
官网地址 https://github.com/flannel-io/flannel/blob/master/Documentation/kube-flannel.yml 感觉网络这块有点复杂,抠脑壳 ...
- Kubernetes网络插件flannel和calico
网络插件flannel 跨主机通信的一个解决方案是Flannel,由CoreOS推出,支持3种实现:UDP.VXLAN.host-gw udp模式:使用设备flannel.0进行封包解包,不是内核原生 ...
- 3、kubeadm部署Kubernetes 网络插件flannel、Calico、weave 并设置集群角色
Kubernetes(k8s)是自动化容器操作的开源平台,这些操作包括部署,调度和节点集群间扩展. Kubernetes不仅支持Docker,还支持Rocket,这是另一种容器技术. 使用Kubern ...
- 解析 | K8S之网络插件exec
K8S支持3种类型的网络插件. 今天继续介绍下另一种插件exec K8S网络插件支持exec.CNI.kubenet 3种类型.插件满足K8S网络插件接口即可. type NetworkPlugin ...
- Kubernetes网络插件Flannel
1.Kubernetes网络通信 (1) 容器间通信 同一个Pod内的多个容器间的通信, lo (2)Pod通信 Pod IP <-(直达)-> Pod IP 意思就是pod和pod之间使 ...
- k8s的网络插件kube-flannel.yml
k8s的网络插件kube-flannel.yml 文件下载地址如下: 链接:https://pan.baidu.com/s/1DznYEH4tzfAfgBB3axX-6A 提取码:ZgLt 复制这段内 ...
- cni k8s 插件安装_k8s的CNI网络插件-flannel
k8s设计了网络模型,但是把实现交给了网络插件,而CNI网络插件实现的最主要的功能就是POD跨宿主机资源互相访问 flannel安装: hdss7-21和hdss7-22 两个几点操作:wget ht ...
最新文章
- Jsoup 替换文本中所有的img src属性
- sharepoint文件夹本地同步_干货 | 如何将主机文件自动同步至对象存储
- telegram 创建机器人
- 【C 语言】内存四区原理 ( 内存四区建立流程 )
- winform point数组带数值_带你学够浪:Go语言基础系列 - 8分钟学复合类型
- 最有影响力的自然语言处理NLP论文
- easyUI的图标设置
- linux lib lib64 区别,lib,lib32,lib64,libx32和libexec之间的区别
- FlashMapManager
- 互联网产品设计常用文档类型-BRD、MRD、PRD、FSD
- iOS 技术官方 QA
- Unreal的控制台命令参数合集
- Mac/Linux 安装联邦学习 Fate 框架单机部署所需的依赖(填坑大全)
- 又涨价了!华为 P40系列海外售价曝光:还好国行版友好不少
- centos5.2 lamp安装指南
- 配置eclipse反编译
- H5接入支付流程-微信支付支付宝支付
- android:ellipsize
- CentOS虚拟机更改NAT网关及IP地址信息
- 利用Python快速绘制海报级别地图