本文共 4769 字，大约阅读时间需要 15 分钟。

一、flannel容器集群网络部署

1、Overlay Network：覆盖网络，在基础网络上叠加的一种虚拟网络技术模式，该网络中的主机通过虚拟链路连接起来

2、VXLAN：将源数据包封装到UDP中，并使用基础网络的IP/MAC作外层报文头进行封装，然后再以太网上传输，到达目的地后由隧道端点解封并将数据转发到目标地址 3、Flannel：是Overlay网络的一种，也是将源数据包封装在另一种网络包里进行路由转发和通信，目前已经支持UDP、VXLAN、AWS、VPC和GCE路由等数据转发方式

二、部署flannel

关联上篇博客

接着部署flannel

1、在所有node节点上部署docker

详见

2、master

[root@localhost etcd-cert]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.177.33:2379,https://192.168.177.8:2379,https://192.168.177.18:2379" set /coreos.com/network/config '{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}'{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

3、查看写入的信息

[root@localhost etcd-cert]# /opt/etcd/bin/etcdctl --ca-file=ca.pem --cert-file=server.pem --key-file=server-key.pem --endpoints="https://192.168.177.33:2379,https://192.168.177.8:2379,https://192.168.177.18:2379" get /coreos.com/network/config{ "Network": "172.17.0.0/16", "Backend": {"Type": "vxlan"}}

4、拷贝到所有node节点（只需要部署在node节点即可）

[root@localhost k8s]# scp flannel-v0.10.0-linux-amd64.tar.gz root@192.168.177.8:/root[root@localhost k8s]# scp flannel-v0.10.0-linux-amd64.tar.gz root@192.168.177.18:/root

5、所有node节点上操作解压

[root@localhost ~]# tar zxvf flannel-v0.10.0-linux-amd64.tar.gz flanneldmk-docker-opts.sh

6、k8s工作目录

[root@localhost ~]# mkdir /opt/kubernetes/{cfg,bin,ssl} -p[root@localhost ~]# mv mk-docker-opts.sh flanneld /opt/kubernetes/bin/[root@localhost ~]# vim flannel.sh#!/bin/bashETCD_ENDPOINTS=${1:-"http://127.0.0.1:2379"}cat <
   
    /opt/kubernetes/cfg/flanneldFLANNEL_OPTIONS="--etcd-endpoints=${ETCD_ENDPOINTS} \-etcd-cafile=/opt/etcd/ssl/ca.pem \-etcd-certfile=/opt/etcd/ssl/server.pem \-etcd-keyfile=/opt/etcd/ssl/server-key.pem"EOFcat <
    
     /usr/lib/systemd/system/flanneld.service[Unit]Description=Flanneld overlay address etcd agentAfter=network-online.target network.targetBefore=docker.service[Service]Type=notifyEnvironmentFile=/opt/kubernetes/cfg/flanneldExecStart=/opt/kubernetes/bin/flanneld --ip-masq \$FLANNEL_OPTIONSExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/subnet.envRestart=on-failure[Install]WantedBy=multi-user.targetEOFsystemctl daemon-reloadsystemctl enable flanneldsystemctl restart flanneld
    
   

7、开启flannel网络功能

[root@localhost ~]# bash flannel.sh https://192.168.177.33:2379,https://192.168.177.8:2379,https://192.168.177.18:2379Created symlink from /etc/systemd/system/multi-user.target.wants/flanneld.service to /usr/lib/systemd/system/flanneld.service.

8、配置docker连接flannel

[root@localhost ~]# vim /usr/lib/systemd/system/docker.service[Service]Type=notify# the default is not to use systemd for cgroups because the delegate issues still# exists and systemd currently does not support the cgroup feature set required# for containers run by dockerEnvironmentFile=/run/flannel/subnet.envExecStart=/usr/bin/dockerd $DOCKER_NETWORK_OPTIONS -H fd:// --containerd=/run/containerd/containerd.sockExecReload=/bin/kill -s HUP $MAINPIDTimeoutSec=0RestartSec=2Restart=always[root@localhost ~]# cat /run/flannel/subnet.envDOCKER_OPT_BIP="--bip=172.17.42.1/24"DOCKER_OPT_IPMASQ="--ip-masq=false"DOCKER_OPT_MTU="--mtu=1450"//说明：bip指定启动时的子网DOCKER_NETWORK_OPTIONS=" --bip=172.17.42.1/24 --ip-masq=false --mtu=1450"

9、重启docker服务

[root@localhost ~]# systemctl daemon-reload[root@localhost ~]# systemctl restart docker

10、查看flannel网络

[root@localhost ~]# ifconfigflannel.1: flags=4163
   
      mtu 1450        inet 172.17.84.0  netmask 255.255.255.255  broadcast 0.0.0.0        inet6 fe80::fc7c:e1ff:fe1d:224  prefixlen 64  scopeid 0x20
            ether fe:7c:e1:1d:02:24  txqueuelen 0  (Ethernet)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 0  bytes 0 (0.0 B)        TX errors 0  dropped 26 overruns 0  carrier 0  collisions 0
   

//测试ping通对方docker0网卡 证明flannel起到路由作用

[root@localhost ~]# docker run -it centos:7 /bin/bash[root@5f9a65565b53 /]# yum install net-tools -y[root@5f9a65565b53 /]# ifconfigeth0: flags=4163
   
      mtu 1450        inet 172.17.84.2  netmask 255.255.255.0  broadcast 172.17.84.255        ether 02:42:ac:11:54:02  txqueuelen 0  (Ethernet)        RX packets 18192  bytes 13930229 (13.2 MiB)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 6179  bytes 337037 (329.1 KiB)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0lo: flags=73
    
       mtu 65536        inet 127.0.0.1  netmask 255.0.0.0        loop  txqueuelen 1  (Local Loopback)        RX packets 0  bytes 0 (0.0 B)        RX errors 0  dropped 0  overruns 0  frame 0        TX packets 0  bytes 0 (0.0 B)        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    
   

//再次测试ping通两个node中的centos:7容器

转载地址：http://ecwli.baihongyu.com/