二进制部署k8s教程13 - 部署calico网络插件

原创

janrs.com

发布于 2023-03-08 21:11:05

1.5K0

文章被收录于专栏：超详细二进制部署k8s系列[19]篇超详细二进制部署k8s系列[19]篇

!TIP 二进制部署 k8s - node 节点部署 calico

转载请注明出处：https://janrs.com/5rce 有任何问题欢迎在底部评论区发言。

部署 calico

!NOTE 在 node 节点部署。

1.配置网络

部署 calico

之前需要配置一下网络。具体查看官网说明。

地址：(https://projectcalico.docs.tigera.io/maintenance/troubleshoot/troubleshooting#configure-networkmanager)

cat > /etc/NetworkManager/conf.d/calico.conf <<EOF
[keyfile]
unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:vxlan-v6.calico;interface-name:wireguard.cali;interface-name:wg-v6.cali
EOF

重启网络

systemctl restart NetworkManager

2.部署 calico

!NOTE 官方不推荐手动二进制部署。推荐使用 tigera-operator 部署。我的是自建群，就按照官方推荐的方式部署。地址：(https://projectcalico.docs.tigera.io/getting-started/kubernetes/self-managed-onprem/onpremises) yaml 已经复制到我的博客，直接下载就行。

2-1.部署 operator

!NOTE 镜像地址已经修改为阿里的。不然又是卡住不动。如果要部署到 master 节点，给 master 打标签并在以下 yaml 中设置 nodelSelector 属性。

下载 yaml 并执行部署

cd /etc/kubernetes/init_k8s_config/ && \
wget https://janrs.com/calico-tigera-operator.yaml && \
kubectl create -f /etc/kubernetes/init_k8s_config/calico-tigera-operator.yaml

查看

kubectl get pods -A

显示

NAMESPACE          NAME                                       READY   STATUS    RESTARTS       AGE
tigera-operator    tigera-operator-6dcd98c8ff-f2rw4           1/1     Running   0              104m

2-2.部署 custom-resources

!NOTE custom-resources 可以自定义。不过按照官方默认的就可以了。

下载 yaml 并部署

cd /etc/kubernetes/init_k8s_config/ && \
wget https://janrs.com/calico-custom-resources.yaml

修改网段。修改 ippool 的网段为：10.100.0.0/16

官方自带的是 192.168.0.0/16 网段。这里使用的是自定义的。

...
spec:
  # Configures Calico networking.
  calicoNetwork:
    # Note: The ipPools section cannot be modified post-install.
    ipPools:
    - blockSize: 26
      cidr: 10.100.0.0/16
      encapsulation: VXLANCrossSubnet
      natOutgoing: Enabled
      nodeSelector: all()
...

!NOTE 如果有设置部署到 master ，参考以下 yaml 配置

# This section includes base Calico installation configuration.
# For more information, see: https://projectcalico.docs.tigera.io/master/reference/installation/api#operator.tigera.io/v1.Installation
apiVersion: operator.tigera.io/v1
kind: Installation
metadata:
  name: default
spec:
  # NodeMetricsPort specifies which port calico/node serves prometheus metrics on. By default, metrics are not enabled. If specified, this overrides any FelixConfiguration resources which may exist. If omitted, then prometheus metrics may still be configured through FelixConfiguration.
  nodeMetricsPort: 9127
  # TyphaMetricsPort specifies which port calico/typha serves prometheus metrics on. By default, metrics are not enabled.
  typhaMetricsPort: 9128

  # CalicoKubeControllersDeployment configures the calico-kube-controllers Deployment. If used in conjunction with the deprecated ComponentResources, then these overrides take precedence.
  calicoKubeControllersDeployment:
    spec:
      template:
        spec:
          nodeSelector:
            controller-plane: 'true'
          tolerations:
          - effect: NoSchedule
            operator: Exists

  # ControlPlaneNodeSelector is used to select control plane nodes on which to run Calico components. This is globally applied to all resources created by the operator excluding daemonsets.
  controlPlaneNodeSelector:
    controller-plane: 'true'

  # ControlPlaneTolerations specify tolerations which are then globally applied to all resources created by the operator.
  controlPlaneTolerations:
    - effect: NoSchedule
      operator: Exists

  #typhaDeployment:
    #spec:
      #template:
        #spec:
          #nodeSelector:
            #controller-plane: 'true'
          #tolerations:
          #- effect: NoSchedule
            #operator: Exists

  # Configures Calico networking.
  calicoNetwork:
    # Note: The ipPools section cannot be modified post-install.
    ipPools:
    - blockSize: 26
      cidr: 10.100.0.0/16
      encapsulation: VXLANCrossSubnet
      natOutgoing: Enabled
      nodeSelector: all()

---

# This section configures the Calico API server.
# For more information, see: https://projectcalico.docs.tigera.io/master/reference/installation/api#operator.tigera.io/v1.APIServer
apiVersion: operator.tigera.io/v1
kind: APIServer
metadata:
  name: default
spec:
  apiServerDeployment:
    spec:
      template:
        spec:
          nodeSelector:
            controller-plane: 'true'
          tolerations:
          - effect: NoSchedule
            operator: Exists

部署

kubectl create -f /etc/kubernetes/init_k8s_config/calico-custom-resources.yaml

查看

kubectl get pods -A

显示

NAMESPACE          NAME                                       READY   STATUS    RESTARTS       AGE
calico-apiserver   calico-apiserver-69c54b8687-4khms          1/1     Running   1 (102m ago)   104m
calico-apiserver   calico-apiserver-69c54b8687-7mnln          1/1     Running   1 (102m ago)   104m
calico-system      calico-kube-controllers-688968c9b6-kchvq   1/1     Running   0              104m
calico-system      calico-node-m7zxb                          1/1     Running   0              103m
calico-system      calico-typha-7bd99d8c79-vj4lw              1/1     Running   0              104m
calico-system      csi-node-driver-v4g95                      2/2     Running   0              103m
tigera-operator    tigera-operator-6dcd98c8ff-f2rw4           1/1     Running   0              104m

2-3.检测 node 状态

部署成功，所有 pods 运行正常，且 node 节点状态由 NotReady 变成 Ready 状态。

kubectl get nodes

显示

NAME         STATUS   ROLES    AGE    VERSION
k8s-node01   Ready    <none>   108m   v1.23.9

至此。网络插件 calico 部署成功。

转载请注明出处：https://janrs.com/5rce 有任何问题欢迎在底部评论区发言。

原创声明：本文系作者授权腾讯云开发者社区发表，未经许可，不得转载。

如有侵权，请联系 cloudcommunity@tencent.com 删除。

https

网络安全

node.js

原创声明：本文系作者授权腾讯云开发者社区发表，未经许可，不得转载。

如有侵权，请联系 cloudcommunity@tencent.com 删除。

https

网络安全

node.js

登录后参与评论

0 条评论

热度

二进制部署k8s教程13 - 部署calico网络插件

二进制部署k8s教程13 - 部署calico网络插件

部署 calico

1.配置网络

2.部署 calico

2-1.部署 operator

2-2.部署 custom-resources

2-3.检测 node 状态

至此。网络插件 calico 部署成功。

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐