问题
kubernetes工人节点上的flanneld具有配置文件/etc/sysconfig/flanneld,它指向工人节点local主机上的etcd,它应该指向主节点ETCD url。
这是否意味着POD网络尚未适当地配置或使用Kubernetes用户不同的配置文件进行法兰绒?如果是这样,Flanneld使用哪种配置?
同样,如果有良好的参考/资源与Kubernetes如何与CNI相互作用,请建议。
在工作节点上,配置指向其自我,而不是主ip。
$ cat /etc/sysconfig/flanneld
# Flanneld configuration options
# etcd url location. Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://127.0.0.1:2379"
# etcd config key. This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"
# Any additional options that you want to pass
#FLANNEL_OPTIONS=""
工人节点成功加入。
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
master Ready master 25m v1.8.5
node01 Ready <none> 25m v1.8.5
node02 Ready <none> 25m v1.8.5
flannel.1如果在工人节点上使用带有主的保存cidr配置,尽管配置并未指向配置法兰绒的主。
$ ip addr
...
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:0d:f8:34 brd ff:ff:ff:ff:ff:ff
inet 192.168.99.12/24 brd 192.168.99.255 scope global enp0s8
valid_lft forever preferred_lft forever
inet6 fe80::6839:cd66:9352:2280/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:2c:56:b8 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:2c:56:b8 brd ff:ff:ff:ff:ff:ff
6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
link/ether 02:42:67:48:ae:ef brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
7: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN
link/ether 56:20:a1:4d:f0:d2 brd ff:ff:ff:ff:ff:ff
inet 10.244.1.0/32 scope global flannel.1
valid_lft forever preferred_lft forever
inet6 fe80::5420:a1ff:fe4d:f0d2/64 scope link
valid_lft forever preferred_lft forever
在工人上执行的步骤(除了sudo yum install kubelet kubeadm flanneld)是库贝德姆(Kubeadm),看起来成功(尽管有一些错误消息)。
changed: [192.168.99.12] => {...
"[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.",
"[preflight] Running pre-flight checks",
"[preflight] Starting the kubelet service",
"[discovery] Trying to connect to API Server "192.168.99.10:6443"",
"[discovery] Created cluster-info discovery client, requesting info from "https://192.168.99.10:6443"",
"[discovery] Failed to connect to API Server "192.168.99.10:6443": there is no JWS signed token in the cluster-info ConfigMap. This token id "7ae0ed" is invalid for this cluster, can't connect",
"[discovery] Trying to connect to API Server "192.168.99.10:6443"",
"[discovery] Created cluster-info discovery client, requesting info from "https://192.168.99.10:6443"",
"[discovery] Failed to connect to API Server "192.168.99.10:6443": there is no JWS signed token in the cluster-info ConfigMap. This token id "7ae0ed" is invalid for this cluster, can't connect",
"[discovery] Trying to connect to API Server "192.168.99.10:6443"",
"[discovery] Created cluster-info discovery client, requesting info from "https://192.168.99.10:6443"",
"[discovery] Requesting info from "https://192.168.99.10:6443" again to validate TLS against the pinned public key",
"[discovery] Cluster info signature and contents are valid and TLS certificate validates against pinned roots, will use API Server "192.168.99.10:6443"",
"[discovery] Successfully established connection with API Server "192.168.99.10:6443"",
"[bootstrap] Detected server version: v1.8.5",
"[bootstrap] The server supports the Certificates API (certificates.k8s.io/v1beta1)",
"",
"Node join complete:",
"* Certificate signing request sent to master and response",
" received.",
"* Kubelet informed of new secure connection details.",
"",
"Run 'kubectl get nodes' on the master to see this machine join."
背景
通过使用Kubeadm在VirtualBox上的CentOS 7中创建群集,安装了Kubernetes 1.8.5。
相关
- kubeadm init -token = xyz或kubeadm init -token xyz?
法兰绒配置存储在ETCD中。 FLANNEL_ETCD_ENDPOINTS="http://127.0.0.1:2379"参数定义了etcd的位置, FLANNEL_ETCD_PREFIX="/atomic.io/network"定义了在etcd中存储数据的位置
因此,要完全为您的情况获取法兰绒配置,我们需要从ETCD获取这些信息:
etcdctl --endpoint=127.0.0.1:2379 get /atomic.io/network/config
{"Network":"10.2.0.0/16","Backend":{"Type":"vxlan"}}
另外,我们可以找到我们在群集中使用的子网:
etcdctl --endpoint=127.0.0.1:2379 ls /atomic.io/network/subnets
/atomic.io/network/subnets/10.2.41.0-24
/atomic.io/network/subnets/10.2.86.0-24
并检查有关其中任何一个的信息:
etcdctl --endpoint=127.0.0.1:2379 get /atomic.com/network/subnets/10.2.4.0-24
{"PublicIP":"10.0.0.16","BackendType":"vxlan","BackendData":{"VtepMAC":"45:e7:76:d5:1c:49"}}