当前位置:   article > 正文

k8s安装网络插件-flannel_kube-flannel.yml在那个目录下

kube-flannel.yml在那个目录下

 在完成了k8s的集群部署后查看集群状态的话还不是ready的状态,所以需要安装网络插件来完成k8s的集群创建的最后一步。

kube-flannel.yml文件在国外服务器上,搭建k8s集群时可以使用如下kube-flannel.yml。kube-flannel的命名空间是在 kube-system下。

保存一下内容为kube-flannel.yml

执行

kubectl apply -f kube-flannel.yml
  1. ---
  2. apiVersion: policy/v1beta1
  3. kind: PodSecurityPolicy
  4. metadata:
  5. name: psp.flannel.unprivileged
  6. annotations:
  7. seccomp.security.alpha.kubernetes.io/allowedProfileNames: docker/default
  8. seccomp.security.alpha.kubernetes.io/defaultProfileName: docker/default
  9. apparmor.security.beta.kubernetes.io/allowedProfileNames: runtime/default
  10. apparmor.security.beta.kubernetes.io/defaultProfileName: runtime/default
  11. spec:
  12. privileged: false
  13. volumes:
  14. - configMap
  15. - secret
  16. - emptyDir
  17. - hostPath
  18. allowedHostPaths:
  19. - pathPrefix: "/etc/cni/net.d"
  20. - pathPrefix: "/etc/kube-flannel"
  21. - pathPrefix: "/run/flannel"
  22. readOnlyRootFilesystem: false
  23. runAsUser:
  24. rule: RunAsAny
  25. supplementalGroups:
  26. rule: RunAsAny
  27. fsGroup:
  28. rule: RunAsAny
  29. allowPrivilegeEscalation: false
  30. defaultAllowPrivilegeEscalation: false
  31. allowedCapabilities: ['NET_ADMIN', 'NET_RAW']
  32. defaultAddCapabilities: []
  33. requiredDropCapabilities: []
  34. hostPID: false
  35. hostIPC: false
  36. hostNetwork: true
  37. hostPorts:
  38. - min: 0
  39. max: 65535
  40. seLinux:
  41. rule: 'RunAsAny'
  42. ---
  43. kind: ClusterRole
  44. apiVersion: rbac.authorization.k8s.io/v1
  45. metadata:
  46. name: flannel
  47. rules:
  48. - apiGroups: ['extensions']
  49. resources: ['podsecuritypolicies']
  50. verbs: ['use']
  51. resourceNames: ['psp.flannel.unprivileged']
  52. - apiGroups:
  53. - ""
  54. resources:
  55. - pods
  56. verbs:
  57. - get
  58. - apiGroups:
  59. - ""
  60. resources:
  61. - nodes
  62. verbs:
  63. - list
  64. - watch
  65. - apiGroups:
  66. - ""
  67. resources:
  68. - nodes/status
  69. verbs:
  70. - patch
  71. ---
  72. kind: ClusterRoleBinding
  73. apiVersion: rbac.authorization.k8s.io/v1
  74. metadata:
  75. name: flannel
  76. roleRef:
  77. apiGroup: rbac.authorization.k8s.io
  78. kind: ClusterRole
  79. name: flannel
  80. subjects:
  81. - kind: ServiceAccount
  82. name: flannel
  83. namespace: kube-system
  84. ---
  85. apiVersion: v1
  86. kind: ServiceAccount
  87. metadata:
  88. name: flannel
  89. namespace: kube-system
  90. ---
  91. kind: ConfigMap
  92. apiVersion: v1
  93. metadata:
  94. name: kube-flannel-cfg
  95. namespace: kube-system
  96. labels:
  97. tier: node
  98. app: flannel
  99. data:
  100. cni-conf.json: |
  101. {
  102. "name": "cbr0",
  103. "cniVersion": "0.3.1",
  104. "plugins": [
  105. {
  106. "type": "flannel",
  107. "delegate": {
  108. "hairpinMode": true,
  109. "isDefaultGateway": true
  110. }
  111. },
  112. {
  113. "type": "portmap",
  114. "capabilities": {
  115. "portMappings": true
  116. }
  117. }
  118. ]
  119. }
  120. net-conf.json: |
  121. {
  122. "Network": "10.244.0.0/16",
  123. "Backend": {
  124. "Type": "vxlan"
  125. }
  126. }
  127. ---
  128. apiVersion: apps/v1
  129. kind: DaemonSet
  130. metadata:
  131. name: kube-flannel-ds
  132. namespace: kube-system
  133. labels:
  134. tier: node
  135. app: flannel
  136. spec:
  137. selector:
  138. matchLabels:
  139. app: flannel
  140. template:
  141. metadata:
  142. labels:
  143. tier: node
  144. app: flannel
  145. spec:
  146. affinity:
  147. nodeAffinity:
  148. requiredDuringSchedulingIgnoredDuringExecution:
  149. nodeSelectorTerms:
  150. - matchExpressions:
  151. - key: kubernetes.io/os
  152. operator: In
  153. values:
  154. - linux
  155. hostNetwork: true
  156. priorityClassName: system-node-critical
  157. tolerations:
  158. - operator: Exists
  159. effect: NoSchedule
  160. serviceAccountName: flannel
  161. initContainers:
  162. - name: install-cni-plugin
  163. image: rancher/mirrored-flannelcni-flannel-cni-plugin:v1.1.0
  164. command:
  165. - cp
  166. args:
  167. - -f
  168. - /flannel
  169. - /opt/cni/bin/flannel
  170. volumeMounts:
  171. - name: cni-plugin
  172. mountPath: /opt/cni/bin
  173. - name: install-cni
  174. image: rancher/mirrored-flannelcni-flannel:v0.18.1
  175. command:
  176. - cp
  177. args:
  178. - -f
  179. - /etc/kube-flannel/cni-conf.json
  180. - /etc/cni/net.d/10-flannel.conflist
  181. volumeMounts:
  182. - name: cni
  183. mountPath: /etc/cni/net.d
  184. - name: flannel-cfg
  185. mountPath: /etc/kube-flannel/
  186. containers:
  187. - name: kube-flannel
  188. image: rancher/mirrored-flannelcni-flannel:v0.18.1
  189. command:
  190. - /opt/bin/flanneld
  191. args:
  192. - --ip-masq
  193. - --kube-subnet-mgr
  194. resources:
  195. requests:
  196. cpu: "100m"
  197. memory: "50Mi"
  198. limits:
  199. cpu: "100m"
  200. memory: "50Mi"
  201. securityContext:
  202. privileged: false
  203. capabilities:
  204. add: ["NET_ADMIN", "NET_RAW"]
  205. env:
  206. - name: POD_NAME
  207. valueFrom:
  208. fieldRef:
  209. fieldPath: metadata.name
  210. - name: POD_NAMESPACE
  211. valueFrom:
  212. fieldRef:
  213. fieldPath: metadata.namespace
  214. - name: EVENT_QUEUE_DEPTH
  215. value: "5000"
  216. volumeMounts:
  217. - name: run
  218. mountPath: /run/flannel
  219. - name: flannel-cfg
  220. mountPath: /etc/kube-flannel/
  221. - name: xtables-lock
  222. mountPath: /run/xtables.lock
  223. volumes:
  224. - name: run
  225. hostPath:
  226. path: /run/flannel
  227. - name: cni-plugin
  228. hostPath:
  229. path: /opt/cni/bin
  230. - name: cni
  231. hostPath:
  232. path: /etc/cni/net.d
  233. - name: flannel-cfg
  234. configMap:
  235. name: kube-flannel-cfg
  236. - name: xtables-lock
  237. hostPath:
  238. path: /run/xtables.lock
  239. type: FileOrCreate

执行查看安装的状态

 kubectl get pods --all-namespaces

 当是running的状态后再查看集群的状态是否为ready

查看命令

kubectl get nodes

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/木道寻08/article/detail/952938
推荐阅读
相关标签
  

闽ICP备14008679号