2. 程式人生 > 其它 >|NO.Z.00060|——————————|^^ 部署 ^^|——|KuberNetes&二進位制部署.V13|3臺Server|---------------------------------------|kubernetes元件|calico|

|NO.Z.00060|——————————|^^ 部署 ^^|——|KuberNetes&二進位制部署.V13|3臺Server|---------------------------------------|kubernetes元件|calico|

阿新 發佈:2022-03-29

[CloudNative:KuberNetes&二進位制部署.V13]                                                            [Applications.KuberNetes] [|DevOps|k8s|**3節點**|二進位制1.20|kubernetes元件|calico|]







一、部署calico:calico元件說明
### --- calico官網

~~~     https://docs.projectcalico.org/maintenance/kubernetes-upgrade#upgrading-an-installation-that-uses-the-kubernetes-api-datastore
 
### --- calico安裝手冊

~~~     https://docs.projectcalico.org/getting-started/kubernetes/self-managed-onprem/onpremises
### --- calico安裝方式有兩種:

~~~     第一種:通過etcd直連的
~~~     第二種:通過aliserver連線etcd,就是通過apiserver中繼了一個過程:
~~~     第二種:方案一:少於50個節點
~~~     第二種:方案二:大於50個節點;多了一個管理的容器
### --- calico安裝選擇方式

~~~     apiserver方式:官網建議使用apiserver連線的方式安裝calico,方式比較簡單;無需任何配置,直接執行即可
~~~     etcd的方式:把etcd的證書和節點的IP地址配置進去即可
~~~     使用apiserver連線的方式連線的etcd,若是當etcd全部都掛掉,會導致每個宿主機上的容器不通;在虛擬化環境下:openstack環境。在物理節點是沒有任何問題的。
~~~     etcd直連的方式,對apiserver的併發要求會少一點
~~~     # calico所在節點和kubelet並行的去升級,這樣就不會出現2次節點下線,pod漂移的情況
二、部署calico:以下步驟只在master01執行 
### --- 進入calico安裝目錄下

[root@k8s-master01 ~]# cd /root/k8s-ha-install/calico/

### --- 修改calico-etcd.yaml配置引數

[root@k8s-master01 calico]# sed -i 's#etcd_endpoints: "http://<ETCD_IP>:<ETCD_PORT>"#etcd_endpoints: "https://192.168.1.11:2379,https://192.168.1.14:2379,https://192.168.1.15:2379"#g' calico-etcd.yaml
RT=`cat /etc/kubernetes/pki/etcd/etcd.pem | base64 | tr -d '\n'`
ETCD_KEY=`cat /etc/kubernetes/pki/etcd/etcd-key.pem | base64 | tr -d '\n'`
sed -i "s@# etcd-key: null@etcd-key: ${ETCD_KEY}@g; s@# etcd-cert: null@etcd-cert: ${ETCD_CERT}@g; s@# etcd-ca: null@etcd-ca: ${ETCD_CA}@g" calico-etcd.yaml
sed -i 's#etcd_ca: ""#etcd_ca: "/calico-secrets/etcd-ca"#g; s#etcd_cert: ""#etcd_cert: "/calico-secrets/etcd-cert"#g; s#etcd_key: "" #etcd_key: "/calico-secrets/etcd-key" #g' calico-etcd.yaml
 
[root@k8s-master01 calico]# ETCD_CA=`cat /etc/kubernetes/pki/etcd/etcd-ca.pem | base64 | tr -d '\n'`
[root@k8s-master01 calico]# ETCD_CERT=`cat /etc/kubernetes/pki/etcd/etcd.pem | base64 | tr -d '\n'`
[root@k8s-master01 calico]# ETCD_KEY=`cat /etc/kubernetes/pki/etcd/etcd-key.pem | base64 | tr -d '\n'`
[root@k8s-master01 calico]# sed -i "s@# etcd-key: null@etcd-key: ${ETCD_KEY}@g; s@# etcd-cert: null@etcd-cert: ${ETCD_CERT}@g; s@# etcd-ca: null@etcd-ca: ${ETCD_CA}@g" calico-etcd.yaml
[root@k8s-master01 calico]# sed -i 's#etcd_ca: ""#etcd_ca: "/calico-secrets/etcd-ca"#g; s#etcd_cert: ""#etcd_cert: "/calico-secrets/etcd-cert"#g; s#etcd_key: "" #etcd_key: "/calico-secrets/etcd-key" #g' calico-etcd.yaml
### --- 將calico下pod的網段設定成自定義的網段
~~~     # 定義calico網段地址
~~~     注:注意下面的這個步驟是把calico-etcd.yaml檔案裡面的CALICO_IPV4POOL_CIDR下的網段改成自己的Pod網段,也就是把192.168.x.x/16改成自己的叢集網段,並開啟註釋:
~~~     注:所以更改的時候請確保這個步驟的這個網段沒有被統一替換掉,如果被替換掉了,還請改回來:

[root@k8s-master01 calico]# POD_SUBNET="172.16.0.0/12"
### --- 修改pod的網段
[root@k8s-master01 calico]# sed -i 's@# - name: CALICO_IPV4POOL_CIDR@- name: CALICO_IPV4POOL_CIDR@g; s@#   value: "192.168.0.0/16"@  value: '"${POD_SUBNET}"'@g' calico-etcd.yaml

### --- 檢視pod網段
[root@k8s-master01 calico]# vim calico-etcd.yaml 
            - name: CALICO_IPV4POOL_CIDR
              value: 172.16.0.0/12                      # 更改後的結果
### --- 建立calico

[root@k8s-master01 calico]# kubectl apply -f calico-etcd.yaml
~~~     注:輸出結果
secret/calico-etcd-secrets created
configmap/calico-config created
clusterrole.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrolebinding.rbac.authorization.k8s.io/calico-kube-controllers created
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
daemonset.apps/calico-node created
serviceaccount/calico-node created
deployment.apps/calico-kube-controllers created
serviceaccount/calico-kube-controllers created
三、檢視服務狀態 
### --- 檢視容器狀態
~~~     檢視calico狀態

[root@k8s-master01 calico]# kubectl  get po -n kube-system
NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-5f6d4b864b-lmxz4   1/1     Running   0          2m58s
calico-node-8pcrk                          1/1     Running   0          2m58s
calico-node-99xlf                          1/1     Running   0          2m58s
calico-node-bngjb                          1/1     Running   1          2m58s
### --- 檢視node狀態,可以正常獲取到node資料
~~~     狀態變為Ready,正常狀態

[root@k8s-master01 calico]# kubectl get node                           
NAME           STATUS   ROLES    AGE   VERSION
k8s-master01   Ready    <none>   82m   v1.20.0
k8s-node01     Ready    <none>   81m   v1.20.0
k8s-node02     Ready    <none>   81m   v1.20.0
### --- 檢視日誌資訊,沒有報錯資訊了

[root@k8s-master01 calico]# tail -f /var/log/messages







===============================END===============================

Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart                                                                                                                                                    ——W.S.Landor



來自為知筆記(Wiz)

相關推薦

no