部署CNI网络

IT
IT
IT
335
文章
1
评论
2020年9月12日11:23:57 评论 578 3465字阅读11分33秒

部署CNI网络

先准备好CNI二进制文件,两个node节点一起操作。

下载地址:https://github.com/containernetworking/plugins/releases/download/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz

解压二进制包并移动到默认工作目录:

[root@k8s-node1 ~]# mkdir -p /opt/cni/bin
[root@k8s-node1 ~]# tar zxvf cni-plugins-linux-amd64-v0.8.6.tgz -C /opt/cni/bin

部署CNI网络

[root@k8s-master1 ~]# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
[root@k8s-master1 ~]# sed -i -r "s#quay.io/coreos/flannel:.*-amd64#lizhenliang/flannel:v0.12.0-amd64#g" kube-flannel.yml

创建

[root@k8s-master1 ~]# kubectl apply -f kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
clusterrole.rbac.authorization.k8s.io/flannel created
clusterrolebinding.rbac.authorization.k8s.io/flannel created
serviceaccount/flannel created
configmap/kube-flannel-cfg created
daemonset.apps/kube-flannel-ds-amd64 created
daemonset.apps/kube-flannel-ds-arm64 created
daemonset.apps/kube-flannel-ds-arm created
daemonset.apps/kube-flannel-ds-ppc64le created
daemonset.apps/kube-flannel-ds-s390x created

查看pod

[root@k8s-master1 ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
kube-flannel-ds-amd64-5zp2n 1/1 Running 0 71s
kube-flannel-ds-amd64-qxg2q 1/1 Running 0 71s

查看node状态

[root@k8s-master1 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-node1 Ready <none> 14h v1.18.5
k8s-node2 Ready <none> 14h v1.18.5

授权apiserver访问kubelet

[root@k8s-master1 ~]# 
cat > apiserver-to-kubelet-rbac.yaml << EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: system:kube-apiserver-to-kubelet
rules:
  - apiGroups:
      - ""
    resources:
      - nodes/proxy
      - nodes/stats
      - nodes/log
      - nodes/spec
      - nodes/metrics
      - pods/log
    verbs:
      - "*"
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: system:kube-apiserver
  namespace: ""
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:kube-apiserver-to-kubelet
subjects:
  - apiGroup: rbac.authorization.k8s.io
    kind: User
    name: kubernetes
EOF

[root@k8s-master1 ~]# kubectl apply -f apiserver-to-kubelet-rbac.yaml

环境测试验证

在任意一个master节点上执行如下指令创建一个nginx pod并暴露端口测试是否可以从外部正常访问

  • 创建nginx deployment
[root@k8s-master1 ~]# kubectl create deployment web --image=nginx
deployment.apps/web created
  • 暴露端口
[root@k8s-master1 ~]# kubectl expose deployment web --port=80 --type=NodePort
service/web exposed
  • 查看创建状态
[root@k8s-master1 ~]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/web-5dcb957ccc-z567t 1/1 Running 0 14s

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 18h
service/web NodePort 10.0.0.197 <none> 80:31250/TCP 5s
  • 查看对应的端口
[root@k8s-master1 ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 18h
web NodePort 10.0.0.197 <none> 80:31250/TCP 16s
  • 扩容副本
[root@k8s-master1 ~]# kubectl scale deployment web --replicas=3
deployment.apps/web scaled


[root@k8s-master1 ~]# kubectl get pod,svc
NAME READY STATUS RESTARTS AGE
pod/web-5dcb957ccc-gfx4c 1/1 Running 0 4m57s
pod/web-5dcb957ccc-jpk22 1/1 Running 0 4m57s
pod/web-5dcb957ccc-z567t 1/1 Running 0 5m38s

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 18h
service/web NodePort 10.0.0.197 <none> 80:31250/TCP 5m29s
  • 查看pod的详细信息
[root@k8s-master1 ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
web-5dcb957ccc-gfx4c 1/1 Running 0 5m45s 10.244.1.3 k8s-node2 <none> <none>
web-5dcb957ccc-jpk22 1/1 Running 0 5m45s 10.244.0.2 k8s-node1 <none> <none>
web-5dcb957ccc-z567t 1/1 Running 0 6m26s 10.244.1.2 k8s-node2 <none> <none>
  • 浏览器访问:http://<Node_IP>:31250若能正常返回nginx欢迎页面,则表示环境一切正常。

部署CNI网络

 

继续阅读
  • 我的QQ
  • QQ扫一扫
  • weinxin
  • 我的头条
  • 头条扫一扫
  • weinxin
IT
  • 本文由 发表于 2020年9月12日11:23:57
  • 除非特殊声明,本站文章均为原创,转载请务必保留本文链接
Pod Kubernetes

Pod

Pod基本概念 Pod存在的意义 Pod实现机制与设计模式 Pod镜像拉取策略
资源编排【YMAL】 Kubernetes

资源编排【YMAL】

YAML 基础 它的基本语法规则如下: 大小写敏感 使用缩进表示层级关系 缩进时不允许使用Tab键,只允许使用空格。 缩进的空格数目不重要,只要相同层级的元素左侧对齐即可 # 表示注释,从这个字符一直...
部署CoreDNS Kubernetes

部署CoreDNS

CoreDNS用于集群内部Service名称解析 下载配置文件 coredns.yaml 创建dns # kubectl apply -f coredns.yaml 查看pod # kubectl g...