Kubernetes(由Kubeadm安装)使用的Flanneld配置在哪里?

时间:2017-12-12 11:06:14

标签: kubernetes flannel kubeadm

问题

Kubernetes工作节点上的Flanneld具有配置文件/ etc / sysconfig / flanneld,它指向工作节点的localhost上的ETCD,该节点应指向主节点etcd URL。

这是否意味着Pod网络未正确配置或Flannel与Kubernetes用户使用不同的配置文件?如果是这样,flanneld使用哪种配置?

如果有关于Kubernetes如何与CNI互动的良好参考/资源,请提出建议。

在工作节点上,配置指向其自身,而不是主IP。

$ cat /etc/sysconfig/flanneld  

# Flanneld configuration options  

# etcd url location.  Point this to the server where etcd runs
FLANNEL_ETCD_ENDPOINTS="http://127.0.0.1:2379"

# etcd config key.  This is the configuration key that flannel queries
# For address range assignment
FLANNEL_ETCD_PREFIX="/atomic.io/network"

# Any additional options that you want to pass
#FLANNEL_OPTIONS=""

工作节点已成功加入。

$ kubectl get nodes
NAME      STATUS    ROLES     AGE       VERSION
master    Ready     master    25m       v1.8.5
node01    Ready     <none>    25m       v1.8.5
node02    Ready     <none>    25m       v1.8.5

工作节点上的flannel.1 IF配置了带主服务器的保存CIDR,尽管配置没有指向配置法兰绒的主服务器。

$ ip addr
...
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:0d:f8:34 brd ff:ff:ff:ff:ff:ff
    inet 192.168.99.12/24 brd 192.168.99.255 scope global enp0s8
       valid_lft forever preferred_lft forever
    inet6 fe80::6839:cd66:9352:2280/64 scope link 
       valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
    link/ether 52:54:00:2c:56:b8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
    link/ether 52:54:00:2c:56:b8 brd ff:ff:ff:ff:ff:ff
6: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN 
    link/ether 02:42:67:48:ae:ef brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 scope global docker0
       valid_lft forever preferred_lft forever
7: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN 
    link/ether 56:20:a1:4d:f0:d2 brd ff:ff:ff:ff:ff:ff
    inet 10.244.1.0/32 scope global flannel.1
       valid_lft forever preferred_lft forever
    inet6 fe80::5420:a1ff:fe4d:f0d2/64 scope link 
       valid_lft forever preferred_lft forever

在worker上执行的步骤(除了sudo yum install kubelet kubeadm flanneld)是看起来成功的kubeadm join(尽管有一些错误消息)。

changed: [192.168.99.12] => {...
  "[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.",
  "[preflight] Running pre-flight checks",
  "[preflight] Starting the kubelet service",
  "[discovery] Trying to connect to API Server \"192.168.99.10:6443\"",
  "[discovery] Created cluster-info discovery client, requesting info from \"https://192.168.99.10:6443\"",
  "[discovery] Failed to connect to API Server \"192.168.99.10:6443\": there is no JWS signed token in the cluster-info ConfigMap. This token id \"7ae0ed\" is invalid for this cluster, can't connect",
  "[discovery] Trying to connect to API Server \"192.168.99.10:6443\"",
  "[discovery] Created cluster-info discovery client, requesting info from \"https://192.168.99.10:6443\"",
  "[discovery] Failed to connect to API Server \"192.168.99.10:6443\": there is no JWS signed token in the cluster-info ConfigMap. This token id \"7ae0ed\" is invalid for this cluster, can't connect",
  "[discovery] Trying to connect to API Server \"192.168.99.10:6443\"",
  "[discovery] Created cluster-info discovery client, requesting info from \"https://192.168.99.10:6443\"",
  "[discovery] Requesting info from \"https://192.168.99.10:6443\" again to validate TLS against the pinned public key",
  "[discovery] Cluster info signature and contents are valid and TLS certificate validates against pinned roots, will use API Server \"192.168.99.10:6443\"",
  "[discovery] Successfully established connection with API Server \"192.168.99.10:6443\"",
  "[bootstrap] Detected server version: v1.8.5",
  "[bootstrap] The server supports the Certificates API (certificates.k8s.io/v1beta1)",
  "",
  "Node join complete:",
  "* Certificate signing request sent to master and response",
  "  received.",
  "* Kubelet informed of new secure connection details.",
  "",
  "Run 'kubectl get nodes' on the master to see this machine join."

背景

在VirtualBox上通过CentOS 7中的Using kubeadm to Create a Cluster安装Kubernetes 1.8.5。

相关

1 个答案:

答案 0 :(得分:0)

法兰绒配置存储在etcd中。 FLANNEL_ETCD_ENDPOINTS="http://127.0.0.1:2379"参数定义了etcd所在的位置,FLANNEL_ETCD_PREFIX="/atomic.io/network"定义了数据在etcd中的存储位置。

因此,要完全根据您的情况进行法兰绒配置,我们需要从etcd获取这些信息:

etcdctl --endpoint=127.0.0.1:2379 get /atomic.io/network/config
{"Network":"10.2.0.0/16","Backend":{"Type":"vxlan"}}

此外,我们可以找到我们在群集中使用的子网数量:

etcdctl --endpoint=127.0.0.1:2379 ls /atomic.io/network/subnets
/atomic.io/network/subnets/10.2.41.0-24
/atomic.io/network/subnets/10.2.86.0-24

并查看有关其中任何一项的信息:​​

etcdctl --endpoint=127.0.0.1:2379 get /atomic.com/network/subnets/10.2.4.0-24
{"PublicIP":"10.0.0.16","BackendType":"vxlan","BackendData":{"VtepMAC":"45:e7:76:d5:1c:49"}}