Kubernetes集群部署之六Flannel網絡部署

1.為Flannel生成證書:

<code>[root@k8s-master ~]# cd /usr/local/src/ssl/
[root@k8s-master ssl]# cat > flanneld-csr.json  
2.生成證書
<code>[root@k8s-master ssl]# cfssl gencert -ca=/opt/kubernetes/ssl/ca.pem \
   -ca-key=/opt/kubernetes/ssl/ca-key.pem \
   -config=/opt/kubernetes/ssl/ca-config.json \
   -profile=kubernetes flanneld-csr.json | cfssljson -bare flanneld
   /<code>
3.分發證書文件
<code>[root@k8s-master ssl]# cp flanneld*.pem /opt/kubernetes/ssl/
[root@k8s-master ssl]# scp flanneld*.pem 10.88.0.2:/opt/kubernetes/ssl/
[root@k8s-master ssl]# scp flanneld*.pem 10.88.0.3:/opt/kubernetes/ssl//<code>
4.下載Flannel軟件包
<code>[root@k8s-master ssl]# cd /usr/local/src
[root@k8s-master src]# wget  https://github.com/coreos/flannel/releases/download/v0.12.0/flannel-v0.12.0-linux-amd64.tar.gz
[root@k8s-master src]# tar zxf flannel-v0.12.0-linux-amd64.tar.gz
[root@k8s-master src]# cp flanneld mk-docker-opts.sh /opt/kubernetes/bin//<code>
分發文件到node節點
<code>[root@k8s-master src]# scp flanneld mk-docker-opts.sh 10.88.0.2:/opt/kubernetes/bin/
[root@k8s-master src]# scp flanneld mk-docker-opts.sh 10.88.0.3:/opt/kubernetes/bin//<code>
分發對應腳本到/opt/kubernetes/bin目錄下
<code>[root@k8s-master src]# cd /usr/local/src/kubernetes/cluster/centos/node/bin/
[root@k8s-master bin]# cp remove-docker0.sh /opt/kubernetes/bin/
[root@k8s-master bin]# scp remove-docker0.sh 10.88.0.2:/opt/kubernetes/bin/
remove-docker0.sh                                                                                  100%  850     0.8KB/s   00:00    
[root@k8s-master bin]# scp remove-docker0.sh 10.88.0.3:/opt/kubernetes/bin/
remove-docker0.sh                                                                                  100%  850     0.8KB/s   00:00    
[root@k8s-master bin]# /<code>
5.配置Flannel
<code>[root@k8s-master ~]# cat > /opt/kubernetes/cfg/flannel  
分發配置到其它節點上
<code>[root@k8s-master ~]# scp /opt/kubernetes/cfg/flannel 10.88.0.2:/opt/kubernetes/cfg/
[root@k8s-master ~]# scp /opt/kubernetes/cfg/flannel 10.88.0.3:/opt/kubernetes/cfg//<code>
6.設置Flannel系統服務
<code>[root@k8s-master ~]#vim /usr/lib/systemd/system/flannel.service
[Unit]
Description=Flanneld overlay address etcd agent
After=network.target
Before=docker.service

[Service]
EnvironmentFile=-/opt/kubernetes/cfg/flannel
ExecStartPre=/opt/kubernetes/bin/remove-docker0.sh
ExecStart=/opt/kubernetes/bin/flanneld ${FLANNEL_ETCD} ${FLANNEL_ETCD_KEY} ${FLANNEL_ETCD_CAFILE} ${FLANNEL_ETCD_CERTFILE} ${FLANNEL_ETCD_KEYFILE}
ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -d /run/flannel/docker

Type=notify

[Install]
WantedBy=multi-user.target
RequiredBy=docker.service/<code>
複製系統服務腳本到其它節點上
<code>[root@k8s-master ~]# scp /usr/lib/systemd/system/flannel.service 10.88.0.2:/usr/lib/systemd/system/
[root@k8s-master ~]# scp /usr/lib/systemd/system/flannel.service 10.88.0.3:/usr/lib/systemd/system//<code>
7.Flannel CNI集成軟件下載CNI插件 
git地址：https://github.com/containernetworking/plugins/releases
 
<code>[root@k8s-master ~]# cd /usr/local/src/

[root@k8s-master src]# wget  https://github.com/containernetworking/plugins/releases/download/v0.8.5/cni-plugins-linux-amd64-v0.8.5.tgz/<code>
在所有節點創建該目錄,存放CNI插件文件.
<code>[root@k8s-master src]# mkdir /opt/kubernetes/bin/cni
[root@k8s-master src]#tar zxf cni-plugins-linux-amd64-v0.8.5.tgz -C /opt/kubernetes/bin/cni
[root@k8s-node1 ~]# mkdir -p  /opt/kubernetes/bin/cni/
[root@k8s-node2 ~]# mkdir -p  /opt/kubernetes/bin/cni/
[root@k8s-master src]# scp -r /opt/kubernetes/bin/cni/* 10.88.0.2:/opt/kubernetes/bin/cni/
[root@k8s-master src]# scp -r /opt/kubernetes/bin/cni/* 10.88.0.3:/opt/kubernetes/bin/cni//<code>
8.在master節點創建Etcd的key
<code>/opt/kubernetes/bin/etcdctl --ca-file /opt/kubernetes/ssl/ca.pem --cert-file /opt/kubernetes/ssl/flanneld.pem --key-file /opt/kubernetes/ssl/flanneld-key.pem \
      --no-sync -C https://10.88.0.1:2379,https://10.88.0.2:2379,https://10.88.0.3:2379 \
mk /kubernetes/network/config '{ "Network": "10.2.0.0/16", "Backend": { "Type": "vxlan", "VNI": 1 }}'/<code>
9.啟動flannel,在三個節點上都操作
<code># systemctl daemon-reload
# systemctl enable flannel
# chmod +x /opt/kubernetes/bin/*
# systemctl start flannel
查看服務狀態
# systemctl status flannel/<code>
10.配置Docker使用Flannel
1.在Unit段中的After後面添加flannel.service參數，在Wants下面添加Requires=flannel.service.2.[Service]段中Type後面添加EnvironmentFile=-/run/flannel/docker段，在ExecStart後面添加$DOCKER_OPTS參數.
配置如下：
<code>[root@k8s-master ~]# cat  /usr/lib/systemd/system/docker.service |grep -Ev '^#|^$'
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service flannel.service
Wants=network-online.target
Requires=flannel.service
[Service]
Type=notify
EnvironmentFile=-/run/flannel/docker
ExecStart=/usr/bin/dockerd $DOCKER_OPTS 
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
StartLimitBurst=3
StartLimitInterval=60s
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
TasksMax=infinity
Delegate=yes
KillMode=process
[Install]
WantedBy=multi-user.target
/<code>
將配置分發到另外兩個節點中
<code>[root@k8s-master ~]# rsync -av  /usr/lib/systemd/system/docker.service  10.88.0.2:/usr/lib/systemd/system/docker.service 
[root@k8s-master ~]# rsync -av  /usr/lib/systemd/system/docker.service  10.88.0.3:/usr/lib/systemd/system/docker.service/<code>
重啟Docker服務，在三個節點上都操作
<code># systemctl daemon-reload
# systemctl restart docker/<code>
如果docker0和flannel在一個網段，則表示正常.
<code>[root@k8s-master ~]# ifconfig 
docker0: flags=4099  mtu 1500
        inet 10.2.47.1  netmask 255.255.255.0  broadcast 10.2.47.255
        ether 02:42:22:bc:4f:c1  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163  mtu 1500
        inet 10.88.0.1  netmask 255.255.255.0  broadcast 10.88.0.255
        ether 00:16:3e:12:34:bc  txqueuelen 1000  (Ethernet)
        RX packets 312971  bytes 108762399 (103.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 278350  bytes 252195481 (240.5 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

flannel.1: flags=4163  mtu 1450
        inet 10.2.47.0  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 1a:73:4c:0f:ba:f1  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 212154  bytes 43982595 (41.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 212154  bytes 43982595 (41.9 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
/<code>

至此flannel網絡配置完成,k8s的集群也部署完成