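Flannel network
- I. Flannel container cluster network deployment
- II. Deploying flannel
- 1. Deploy docker on all node machines
- 2. On the master
- 3. View the written configuration
- 4. Copy to all node machines (flannel only needs to be deployed on the nodes)
- 5. Extract on all node machines
- 6. k8s working directory
- 7. Enable the flannel network
- 8. Configure docker to use flannel
- 9. Restart the docker service
- 10. View the flannel network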
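I. Flannel container cluster network deployment
1. Overlay Network: a virtual networking technique layered on top of an underlying network; hosts in the overlay are connected to each other by virtual links.
2. VXLAN: encapsulates the original packet in UDP, wraps it in an outer header that uses the underlying network's IP/MAC addresses, and transmits it over Ethernet; at the destination the tunnel endpoint decapsulates it and forwards the data to the target address.
3. Flannel: a kind of overlay network that likewise encapsulates the original packet inside another network packet for routing and communication; it currently supports forwarding backends such as UDP, VXLAN, AWS VPC and GCE routes.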

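II. Deploying flannel
This continues from the previous post, which deployed etcd.
Next, deploy flannel.
1. Deploy docker on all node machines
See the post on deploying docker for details.
2. On the master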
[[email protected] etcd-cert]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.177.33:2379,https://192.168.177.8:2379,https://192.168.177.18:2379" set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'
{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}
3. View the written configuration
[[email protected] etcd-cert]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.177.33:2379,https://192.168.177.8:2379,https://192.168.177.18:2379" get /coreos.com/network/config
{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}
4. Copy to all node machines (flannel only needs to be deployed on the nodes)
[[email protected] k8s]# scp flannel-v0.10.0-linux-amd64.tar.gz [email protected]:/root
[[email protected] k8s]# scp flannel-v0.10.0-linux-amd64.tar.gz [email protected]:/root
5. Extract on all node machines
[[email protected] ~]# tar zxvf flannel-v0.10.0-linux-amd64.tar.gz
flanneld
mk-docker-opts.sh
6. k8s working directory
[[email protected] ~]# mkdir /opt/kubernetes/{cfg,bin,ssl} -p
[[email protected] ~]# mv mk-docker-opts.sh flanneld /opt/kubernetes/bin/
[[email protected] ~]# vim flannel.sh
#!/bin/bash
ETCD_ENDPOINTS=${1:-"http://127.0.0.1:2379"}
cat <<EOF >/opt/kubernetes/cfg/flanneld
FLANNEL_OPTIONS="--etcd-endpoints=${ETCD_ENDPOINTS} \
-etcd-cafile=/opt/etcd/ssl/ca.pem \
-etcd-certfile=/opt/etcd/ssl/server.pem \
-etcd-keyfile=/opt/etcd/ssl/server-key.pem"
EOF
cat <<EOF >/usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network-online.target network.target
Before=docker.service
[Service]
Type=notify
EnvironmentFile=/opt/kubernetes/cfg/flanneld
ExecStart=/opt/kubernetes/bin/flanneld --ip-masq \$FLANNEL_OPTIONS
ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.env
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable flanneld
systemctl restart flanneld
7. Enable the flannel network
[[email protected] ~]# bash flannel.sh https://192.168.177.33:2379,https://192.168.177.8:2379,https://192.168.177.18:2379
Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.
8. Configure docker to use flannel
[[email protected] ~]# vim /usr/lib/systemd/system/docker.service
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
EnvironmentFile=/run/flannel/subnet.env
ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
[[email protected] ~]# cat /run/flannel/subnet.env
DOCKER_OPT_BIP="--bip=172.17.42.1/24"
DOCKER_OPT_IPMASQ="--ip-masq=false"
DOCKER_OPT_MTU="--mtu=1450"
// Note: bip specifies the subnet docker uses at startup
DOCKER_NETWORK_OPTIONS=" --bip=172.17.42.1/24 --ip-masq=false --mtu=1450"
9. Restart the docker service
[[email protected] ~]# systemctl daemon-reload
[[email protected] ~]# systemctl restart docker
10. View the flannel network
[[email protected] ~]# ifconfig
flannel.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 172.17.84.0 netmask 255.255.255.255 broadcast 0.0.0.0
inet6 fe80::fc7c:e1ff:fe1d:224 prefixlen 64 scopeid 0x20<link>
ether fe:7c:e1:1d:02:24 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 26 overruns 0 carrier 0 collisions 0
// Test: ping the other node's docker0 interface; success shows that flannel is doing the routing
[[email protected] ~]# docker run -it centos:7 /bin/bash
[[email protected] /]# yum install net-tools -y
[[email protected] /]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 172.17.84.2 netmask 255.255.255.0 broadcast 172.17.84.255
ether 02:42:ac:11:54:02 txqueuelen 0 (Ethernet)
RX packets 18192 bytes 13930229 (13.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6179 bytes 337037 (329.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
// Test again: ping between the centos:7 containers on the two nodes
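
Added example, not part of the original post: a POSIX shell check that the `--bip` flannel wrote to /run/flannel/subnet.env lies inside the `Network` set in etcd in step 2, and that the container MTU leaves room for VXLAN's 50 bytes of outer headers. The function names, the 1500-byte underlay MTU and the embedded sample text are assumptions made for the example.

```sh
#!/bin/sh
# Added example: consistency check for the Docker options flannel generates.
# Function bodies use ( ) so their variables and IFS stay local.

# Dotted-quad IPv4 -> 32-bit integer.
ip_to_int() (
  IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Succeeds if address $1 lies inside CIDR $2.
in_cidr() (
  net=${2%/*}; bits=${2#*/}
  mask=$(( $bits == 0 ? 0 : (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF ))
  [ $(( $(ip_to_int "$1") & $mask )) -eq $(( $(ip_to_int "$net") & $mask )) ]
)

# Print the value of --<$1>=... found in the option string $2.
opt_value() (
  for word in $2; do
    case $word in --"$1"=*) echo "${word#*=}"; exit 0 ;; esac
  done
  exit 1
)

# check_subnet_env <subnet.env text> <flannel Network CIDR> <underlay MTU>
# Prints one line per finding; exit status 0 means no findings.
check_subnet_env() (
  opts=$(printf '%s\n' "$1" | sed -n 's/^DOCKER_NETWORK_OPTIONS="\(.*\)"$/\1/p')
  [ -n "$opts" ] || { echo "DOCKER_NETWORK_OPTIONS missing"; exit 1; }
  bip=$(opt_value bip "$opts") || { echo "--bip missing"; exit 1; }
  mtu=$(opt_value mtu "$opts") || { echo "--mtu missing"; exit 1; }
  rc=0
  in_cidr "${bip%/*}" "$2" || { echo "bip $bip outside $2"; rc=1; }
  # VXLAN adds 50 bytes (outer Ethernet 14 + IP 20 + UDP 8 + VXLAN 8).
  [ "$mtu" -le $(( $3 - 50 )) ] || { echo "mtu $mtu too large for underlay MTU $3"; rc=1; }
  exit $rc
)

# Constructed sample: the subnet.env content shown in step 8.
SAMPLE_ENV='DOCKER_OPT_BIP="--bip=172.17.42.1/24"
DOCKER_OPT_IPMASQ="--ip-masq=false"
DOCKER_OPT_MTU="--mtu=1450"
DOCKER_NETWORK_OPTIONS=" --bip=172.17.42.1/24 --ip-masq=false --mtu=1450"'

check_subnet_env "$SAMPLE_ENV" 172.17.0.0/16 1500 && echo "subnet.env consistent"
```

On a node, pass `"$(cat /run/flannel/subnet.env)"` as the first argument in place of the sample.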