Flannel安装和配置

安装Flannel

直接使用yum进行安装

$ yum list flanneld
$ yum install -y flanneld

配置Flannel

使用yum安装后,会生成/usr/lib/systemd/system/flanneld.service配置文件

[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
After=network-online.target
Wants=network-online.target
After=etcd.service
Before=docker.service

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/flanneld
EnvironmentFile=-/etc/sysconfig/docker-network
ExecStart=/usr/bin/flanneld-start $FLANNEL_OPTIONS
ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker
Restart=on-failure

[Install]
WantedBy=multi-user.target
RequiredBy=docker.service

可以看到flannel环境变量配置文件在/etc/sysconfig/flanneld

# Flanneld configuration options  

# etcd url location.  Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="https://172.20.0.113:2379,https://172.20.0.114:2379,https://172.20.0.115:2379"

# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/kube-centos/network"

# Any additional options that you want to pass
FLANNEL_OPTIONS="-etcd-cafile=/etc/etcd/ssl/ca.pem -etcd-certfile=/etc/etcd/ssl/etcd.pem -etcd-keyfile=/etc/etcd/ssl/etcd-key.pem"
  • etcd的地址FLANNEL_ETCD_ENDPOINT
  • etcd查询的目录,包含docker的IP地址段配置。FLANNEL_ETCD_PREFIX, 需要在etcd集群中有对应的路径
  • FLANNEL_OPTIONS配置了TLS证书

在etcd中创建网络配置

执行下面的命令为docker分配IP地址段,用于启动容器时分配ip

$ etcdctl mkdir /kube-centos/network
$ etcdctl mk /kube-centos/network/config "{ \"Network\": \"10.254.0.0/16\", \"SubnetLen\": 24, \"Backend\": { \"Type\": \"vxlan\" } }"

ip地址需要为10开头的,kubernetes集群安装kube-dns时,配置为别的曾经出错

启动flannel

$ systemctl daemon-reload
$ systemctl enable flanneld
$ systemctl start  flanneld
$ systemctl status flanneld

flannel 子网段

Flannel启动后,应当有/run/flannel/subnet.env文件, source使之生效

$ cat /run/flannel/subnet.env
FLANNEL_NETWORK=10.254.0.0/16
FLANNEL_SUBNET=10.254.46.1/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=false
$ source /run/flannel/subnet.env

查询Etcd中的内容

$ etcdctl ls /kube-centos/network/subnets
/kube-centos/network/subnets/10.254.14.0-24
/kube-centos/network/subnets/10.254.38.0-24
/kube-centos/network/subnets/10.254.46.0-24
$ etcdctl get /kube-centos/network/config
{ "Network": "10.254.0.0/16", "SubnetLen": 24, "Backend": { "Type": "vxlan" } }
$ etcdctl get /kube-centos/network/subnets/10.254.14.0-24
{"PublicIP":"10.254.0.114","BackendType":"vxlan","BackendData":{"VtepMAC":"56:27:7d:1c:08:22"}}
$ etcdctl get /kube-centos/network/subnets/10.254.38.0-24
{"PublicIP":"10.254.0.115","BackendType":"vxlan","BackendData":{"VtepMAC":"12:82:83:59:cf:b8"}}
$ etcdctl get /kube-centos/network/subnets/10.254.46.0-24
{"PublicIP":"10.254.0.113","BackendType":"vxlan","BackendData":{"VtepMAC":"e6:b2:fd:f6:66:96"}}

查询ip

使用ip addr,此时docker和flannel应当在同一网段中

6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN 
    link/ether 02:42:da:bf:83:a2 brd ff:ff:ff:ff:ff:ff
    inet 10.254.38.1/24 brd 172.30.38.255 scope global docker0
       valid_lft forever preferred_lft forever
7: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN 
    link/ether 9a:29:46:61:03:44 brd ff:ff:ff:ff:ff:ff
    inet 10.254.38.0/32 scope global flannel.1
       valid_lft forever preferred_lft forever

results matching ""

    No results matching ""