ubuntu16 kubernetes1.6安装（三、etcd、flannel）

原创

无湖 2017-12-08 10:50:47 ©著作权

文章标签 docker flannel 文章分类 运维

©著作权归作者所有：来自51CTO博客作者无湖的原创作品，请联系作者获取转载授权，否则将追究法律责任

在配置k8s，过程中用到flannel，发现其docker大部分文档，启动没使用systemd的形式，故此完善了下，实际生产不需要证书，可以去除。软件版本： root@ubuntu132:~/scripts# etcd -version etcd Version: 3.1.7 Git SHA: 43b7507 Go Version: go1.7.5 Go OS/Arch: linux/amd64 root@ubuntu132:~/scripts# flanneld -version v0.6.2

1、下载etcd etcdctl flannel 二进制包，并放置到/usr/local/bin 2、设置etcd，systemd管理启动，这里使用了k8s的证书，可去除 root@ubuntu133:~# cat /etc/systemd/system/etcd.service [Unit] Description=Etcd Server After=network.target After=network-online.target Wants=network-online.target Documentation=https://github.com/coreos [Service] Type=notify WorkingDirectory=/var/lib/etcd/ EnvironmentFile=-/etc/etcd/etcd.conf ExecStart=/usr/local/bin/etcd
--name ${ETCD_NAME}
--cert-file=/etc/kubernetes/ssl/kubernetes.pem
--key-file=/etc/kubernetes/ssl/kubernetes-key.pem
--peer-cert-file=/etc/kubernetes/ssl/kubernetes.pem
--peer-key-file=/etc/kubernetes/ssl/kubernetes-key.pem
--trusted-ca-file=/etc/kubernetes/ssl/ca.pem
--peer-trusted-ca-file=/etc/kubernetes/ssl/ca.pem
--initial-advertise-peer-urls ${ETCD_INITIAL_ADVERTISE_PEER_URLS}
--listen-peer-urls ${ETCD_LISTEN_PEER_URLS}
--listen-client-urls ${ETCD_LISTEN_CLIENT_URLS},http://127.0.0.1:2379
--advertise-client-urls ${ETCD_ADVERTISE_CLIENT_URLS}
--initial-cluster-token ${ETCD_INITIAL_CLUSTER_TOKEN}
--initial-cluster infra1=https://192.168.15.132:2380,infra2=https://192.168.15.133:2380,infra3=https://192.168.15.134:2380
--initial-cluster-state new
--data-dir=${ETCD_DATA_DIR} Restart=on-failure RestartSec=5 LimitNOFILE=65536 [Install] WantedBy=multi-user.target

每个etcd集群节点按具体情况配置 root@ubuntu133:~# cat /etc/etcd/etcd.conf

ETCD_NAME=infra2 ETCD_DATA_DIR="/var/lib/etcd" ETCD_LISTEN_PEER_URLS="https://192.168.15.133:2380" ETCD_LISTEN_CLIENT_URLS="https://192.168.15.133:2379" #[cluster] ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.15.133:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster" ETCD_ADVERTISE_CLIENT_URLS="https://192.168.15.133:2379

systemctl daemon-reload systemctl enable etcd systemctl start etcd

设置etcd内容，同时设置flannel网络 root@ubuntu132:~/scripts# cat etcdctl.sh #!/bin/bash

etcdctl --endpoints=https://192.168.15.132:2379,https://192.168.15.133:2379,https://192.168.15.134:2379
--ca-file=/etc/kubernetes/ssl/ca.pem
--cert-file=/etc/kubernetes/ssl/kubernetes.pem
--key-file=/etc/kubernetes/ssl/kubernetes-key.pem
set /coreos.com/network/config '{"Network":"10.253.0.0/16"}'

3、flannel配置，可用systemd管理，也不使用，systemd配置 root@ubuntu133:~# cat flannelctl.sh #!/bin/bash flanneld -etcd-endpoints="https://192.168.15.132:2379,https://192.168.15.133:2379,https://192.168.15.134:2379"
-etcd-prefix=/coreos.com/network
-etcd-cafile=/etc/kubernetes/ssl/ca.pem
-etcd-certfile=/etc/kubernetes/ssl/kubernetes.pem
-etcd-keyfile=/etc/kubernetes/ssl/kubernetes-key.pem & sleep 5 source /run/flannel/subnet.env

./flannelctl.sh

4、docker网络配置，这里需要把flannel网络中的环境变量添加到docker启动环境变量中去，docker后启动于flannel。 root@ubuntu133:~# cat /etc/systemd/system/multi-user.target.wants/docker.service [Unit] Description=Docker Application Container Engine Documentation=https://docs.docker.com After=network.target docker.socket firewalld.service Requires=docker.socket

[Service] Type=notify

#ExecStart=/usr/bin/dockerd -H fd:// #ExecReload=/bin/kill -s HUP $MAINPID LimitNOFILE=1048576

LimitNPROC=infinity LimitCORE=infinity

TasksMax=infinity TimeoutStartSec=0

Delegate=yes

KillMode=process

EnvironmentFile=-/etc/default/docker EnvironmentFile=-/run/flannel/subnet.env ExecStart=/usr/bin/docker daemon --bip=${FLANNEL_SUBNET} --mtu=${FLANNEL_MTU} -H fd:// $DOCKER_OPTS

[Install] WantedBy=multi-user.target

systemctl daemon-reload systemctl enable docker systemctl restart docker