k8s-2(Flanne网络)

1、写入分配的子网段到etcd，供flanneld使用

[root@linux-node1 ssl]# pwd
/opt/etcd/ssl
[root@linux-node1 ssl]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem https://192.168.56.11:2379,https://192.168.56.12:2379,https://192.168.56.13:2379 set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'
No help topic for 'https://192.168.56.11:2379,https://192.168.56.12:2379,https://192.168.56.13:2379'
[root@linux-node1 ssl]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.56.11:2379,https://192.168.56.12:2379,https://192.168.56.13:2379" set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'
{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}
[root@linux-node1 ssl]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.56.11:2379,https://192.168.56.12:2379,https://192.168.56.13:2379" get /coreos.com/network/config 
{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

下载二进制包

https://github.com/coreos/flannel/releases

2、flanneld只在node节点部署（在node01执行）

[root@linux-node2 ~]# cat flannel.sh 
#!/bin/bash

ETCD_ENDPOINTS=${1:-"http://127.0.0.1:2379"}

cat <<EOF >/opt/kubernetes/cfg/flanneld

FLANNEL_OPTIONS="--etcd-endpoints=${ETCD_ENDPOINTS} 
-etcd-cafile=/opt/etcd/ssl/ca.pem 
-etcd-certfile=/opt/etcd/ssl/server.pem 
-etcd-keyfile=/opt/etcd/ssl/server-key.pem"

EOF

cat <<EOF >/usr/lib/systemd/system/flanneld.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network-online.target network.target
Before=docker.service

[Service]
Type=notify
EnvironmentFile=/opt/kubernetes/cfg/flanneld
ExecStart=/opt/kubernetes/bin/flanneld --ip-masq $FLANNEL_OPTIONS
ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.env
Restart=on-failure

[Install]
WantedBy=multi-user.target

EOF

cat <<EOF >/usr/lib/systemd/system/docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
EnvironmentFile=/run/flannel/subnet.env
ExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target

EOF

systemctl daemon-reload
systemctl enable flanneld
systemctl restart flanneld
systemctl restart docker

[root@linux-node1 k8s]# scp flannel-v0.10.0-linux-amd64.tar.gz root@192.168.56.12:~
flannel-v0.10.0-linux-amd64.tar.gz                                                                                    100% 9479KB  24.8MB/s   00:00    
[root@linux-node1 k8s]# scp flannel-v0.10.0-linux-amd64.tar.gz root@192.168.56.13:~
flannel-v0.10.0-linux-amd64.tar.gz                                                                                    100% 9479KB  26.4MB/s   00:00    
[root@linux-node1 k8s]# pwd
/root/k8s

[root@linux-node2 ~]# pwd
/root
[root@linux-node2 ~]# tar xf flannel-v0.10.0-linux-amd64.tar.gz
[root@linux-node2 ~]# mkdir /opt/kubernetes/{cfg,bin,ssl} -p
[root@linux-node2 ~]# mv flanneld mk-docker-opts.sh /opt/kubernetes/bin/
[root@linux-node2 ~]# sh flannel.sh https://192.168.56.11:2379,https://192.168.56.12:2379,https://192.168.56.13:2379

[root@linux-node2 ~]# scp /usr/lib/systemd/system/docker.service /usr/lib/systemd/system/flanneld.service  root@192.168.56.13:/usr/lib/systemd/system/
root@192.168.56.13's password: 
docker.service                                                                                                        100%  526     1.1MB/s   00:00    
flanneld.service                                                                                                      100%  417   242.6KB/s   00:00 
[root@linux-node2 ~]# scp -r /opt/kubernetes root@192.168.56.13:/opt
The authenticity of host '192.168.56.13 (192.168.56.13)' can't be established.
ECDSA key fingerprint is SHA256:73+rDZHGUsLq1fkLT5whmldCOUCNTw0BAoaIepQzBDA.
ECDSA key fingerprint is MD5:f0:89:80:a8:6a:43:60:45:4d:a5:bd:e2:84:87:8d:e0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.56.13' (ECDSA) to the list of known hosts.
root@192.168.56.13's password: 
flanneld                                                                                                              100%  235   128.0KB/s   00:00    
flanneld                                                                                                              100%   35MB  34.6MB/s   00:01    
mk-docker-opts.sh 

3、在node02执行

systemctl enable flanneld
systemctl start flanneld
systemctl enable docker
systemctl restart docker

4、检查

 在node01、node02启动一个busybo互ping 如果同则没有问题

docker run -it busybox sh