本文主要是介绍Kubernetes进阶 -- calico网络插件,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
calico网络插件
harbor仓库中新建 calico 项目,因为我们已经指定了镜像下载仓库是harbor,默认会从里面的library仓库下载,但是calico.yml文件指定从calico仓库下载,不想改动文件情况下我们在harbor上新建calico仓库。
拉取镜像:
[root@server1 harbor]# docker pull calico/cni:v3.14.1[root@server1 harbor]# docker pull calico/pod2daemon-flexvol:v3.14.1[root@server1 harbor]# docker pull calico/node:v3.14.1[root@server1 harbor]# docker pull calico/kube-controllers:v3.14.1[root@server1 harbor]# for i in `docker images |grep calico| awk '{print $1":"$2}'`;do docker tag $i reg.caoaoyuan.org/$i;done
//打标签
[root@server1 harbor]# for i in `docker images |grep reg.caoaoyuan.org\/calico| awk '{print $1":"$2}'`;do docker push $i;done
//上传
calico网络插件通flannel插件一样,具有针对同网段和不同网段的模式。
- name: CALICO_IPV4POOL_IPIP
value: “Always”
它里面的 ipip 就相当于 ip 的隧道,由于我们目前的主机都再统一网段,我们就可以关闭它。使用边界网关协议就可以了
移除flannel插件的服务和数据
[root@server2 manifest]# kubectl delete -f kube-flannel.yml
[root@server2 mainfest]# mv /etc/cni/net.d/10-flannel.conflist /mnt/ # 这一步在三个结点都做[root@server2 manifest]# vim calico.yaml- name: CALICO_IPV4POOL_IPIPvalue: "off"[root@server2 manifest]# kubectl apply -f calico.yaml
[root@server2 manifest]# kubectl get pod -n kube-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
calico-kube-controllers-76d4774d89-th4kq 1/1 Running 0 3m42s 10.244.1.96 server3 <none> <none>
calico-node-8qvg5 1/1 Running 0 3m42s 172.25.254.3 server3 <none> <none>
calico-node-8tbjj 1/1 Running 0 3m42s 172.25.254.2 server2 <none> <none>
calico-node-dxpbx 1/1 Running 0 3m42s 172.25.254.4 server4 <none> <none>
//它是以daemonset的方式运行的[root@server4 ~]# ip a
4: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether 52:af:33:ec:ef:32 brd ff:ff:ff:ff:ff:ff
ipvs0valid_lft forever preferred_lft forever
6: cali6463bc8abcb@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1440 qdisc noqueue state UP group default link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netnsid 0inet6 fe80::ecee:eeff:feee:eeee/64 scope link valid_lft forever preferred_lft forever
flannel 的设备消失了 calico的设备出现[root@server3 ~]# ip route
default via 172.25.254.67 dev ens3
10.244.22.0/26 via 172.25.254.4 dev ens3 proto bird
blackhole 10.244.141.192/26 proto bird
10.244.141.194 dev calibd4bc725030 scope link
10.244.141.195 dev cali4bc5eb922f6 scope link //看出访问本机时直接走这个设备,类似与host-gw
我们还可以更改它的 ip 池:
# Enable IPIP- name: CALICO_IPV4POOL_IPIPvalue: "Always" //打开ip隧道# Enable or Disable VXLAN on the default IP pool.- name: CALICO_IPV4POOL_VXLANvalue: "Never"- name: CALICO_IPV4POOL_CIDRvalue: "10.244.0.0/16" //设置地址池[root@server4 ~]# ip a
9: tunl0@NONE: <NOARP,UP,LOWER_UP> mtu 1440 qdisc noqueue state UNKNOWN group default qlen 1000link/ipip 0.0.0.0 brd 0.0.0.0inet 10.244.22.0/32 brd 10.244.22.0 scope global tunl0valid_lft forever preferred_lft forever
[root@server3 ~]# ip a
9: tunl0@NONE: <NOARP,UP,LOWER_UP> mtu 1440 qdisc noqueue state UNKNOWN group default qlen 1000link/ipip 0.0.0.0 brd 0.0.0.0inet 10.244.141.192/32 brd 10.244.141.192 scope global tunl0valid_lft forever preferred_lft forever
在每个结点上就会出现一个隧道设备。
[root@rhel7host ~]# curl 172.25.254.3:30899/hostname.html
deployment-example-846496db9d-cqmqz
[root@rhel7host ~]# curl 172.25.254.3:30899/hostname.html
deployment-example-846496db9d-rn6sx
[root@rhel7host ~]# curl 172.25.254.3:30899/hostname.html
deployment-example-846496db9d-cqmqz
访问也是没有问题的。
这篇关于Kubernetes进阶 -- calico网络插件的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
![[MySQL表的增删改查-进阶]](https://i-blog.csdnimg.cn/direct/626d73342e0c406894e1017eafd30cf2.png)