在master節點通過kubectl建立calico policy controller

calico-controller.yml

apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata:name: calico-kube-controllers roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: calico-kube-controllers subjects: - kind: ServiceAccountname: calico-kube-controllersnamespace: kube-system --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata:name: calico-kube-controllersnamespace: kube-system rules:- apiGroups:- ""- extensionsresources:- pods- namespaces- networkpoliciesverbs:- watch- list --- apiVersion: v1 kind: ServiceAccount metadata:name: calico-kube-controllersnamespace: kube-system --- apiVersion: extensions/v1beta1 kind: Deployment metadata:name: calico-policy-controllernamespace: kube-systemlabels:k8s-app: calico-policy spec:strategy:type: Recreatetemplate:metadata:name: calico-policy-controllernamespace: kube-systemlabels:k8s-app: calico-policyspec:hostNetwork: trueserviceAccountName: calico-kube-controllerscontainers:- name: calico-policy-controllerimage: quay.io/calico/kube-controllers:v1.0.0env:- name: ETCD_ENDPOINTSvalue: "http://10.0.0.210:2379"volumeMounts:- mountPath: /etc/etcd/sslname: etcd-ca-certsreadOnly: truevolumes:- hostPath:path: /etc/etcd/ssltype: DirectoryOrCreatename: etcd-ca-certs
下載calicoctl

wget?https://github.com/projectcalico/calicoctl/releases/download/v1.6.2/calicoctl -o /usr/local/bin/calicoctl

chmod +x /usr/local/bin/calicoctl

接下來的操作需要在所有節點進行。

wget?https://github.com/projectcalico/cni-plugin/releases/download/v1.11.1/calico -o /opt/cni/bin

wget?https://github.com/projectcalico/cni-plugin/releases/download/v1.11.1/calico-ipam -o /opt/cni/bin

chmod +x /opt/cni/bin/calico /opt/cni/bin/calico-ipam

mkdir -p /etc/cni/net.d

在/lib/systemd/system/下面建立文件calico-node.service

[Unit] Description=calico node After=docker.service Requires=docker.service[Service] User=root PermissionsStartOnly=true ExecStart=/usr/bin/docker run --net=host --privileged --name=calico-node \-e ETCD_ENDPOINTS=http://10.0.0.210:2379 \-e NODENAME=${HOSTNAME} \-e IP= \-e NO_DEFAULT_POOLS= \-e AS= \-e CALICO_LIBNETWORK_ENABLED=true \-e IP6= \-e CALICO_NETWORKING_BACKEND=bird \-e FELIX_DEFAULTENDPOINTTOHOSTACTION=ACCEPT \-e FELIX_HEALTHENABLED=true \-e CALICO_IPV4POOL_CIDR=10.244.0.0/16 \-e CALICO_IPV4POOL_IPIP=always \-e IP_AUTODETECTION_METHOD=interface=eth0 \-e IP6_AUTODETECTION_METHOD=interface=eth0 \-v /etc/etcd/ssl:/etc/etcd/ssl \-v /var/run/calico:/var/run/calico \-v /lib/modules:/lib/modules \-v /run/docker/plugins:/run/docker/plugins \-v /var/run/docker.sock:/var/run/docker.sock \-v /var/log/calico:/var/log/calico \quay.io/calico/node:v2.6.3 ExecStop=/usr/bin/docker rm -f calico-node Restart=on-failure RestartSec=10[Install] WantedBy=multi-user.target
在/etc/cni/net.d下面建立文件10-calico.conf

{"name": "calico-k8s-network","cniVersion": "0.1.0","type": "calico","etcd_endpoints": "http://10.0.0.210:2379","log_level": "info","ipam": {"type": "calico-ipam"},"policy": {"type": "k8s"},"kubernetes": {"kubeconfig": "/etc/kubernetes/kubelet.conf"} }

在所有節點啟動calico

systemctl enable calico-node

systemctl start calico-node

在master節點查看calico nodes

在用戶主目錄創建文件calico-rc

source? ~/calico-rc

總結

以上是生活随笔為你收集整理的kubernetes1.8.4 安装指南 -- 9. calico的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。