iProbe/Docs
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Docs/CloudNative/Kubernetes/Base/Flannel相关
iProbe ba848e218d first commit
2022-10-18 16:59:37 +08:00

32 lines
No EOL
1.3 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

证书需要caca keyflannel key与证书
安装之前需要配置subnet.env文件配置flannel管理集群的网络
举例说明:
FLANNEL_NETWORK=172.18.0.0/16 # flannel地址池
FLANNEL_SUBNET=172.18.16.0/24 # 分配给每个宿主机docker0的网段
FLANNEL_MTU=1500 # 数据分片大小
FLANNEL_IPMASQ=false
flannel host-gw
宿主机要在一个二层网络下使用同一个网关维护路由表etcd
使用的是路由转发,效率比较高
flannel vxlan
宿主机可以在不同网络中使用flannel0封包解包
flannel udp
flannel依赖etcd安装完成以后需要在etcd中添加数据
# etcdctl member list # 查看etd master
# etcdctl --endpoint http://10.1.0.0:2379 set /coreos.com/network/config '{"Network": "172.18.0.0/16", "SubnetLen":24, "Backend":{"Type": "VxLan", "Directrouting": True}}'
"Directrouting": True同一个node中直接转发
优化flannel
安装iptables-service
# 删除默认生成规则
iptables -t nat -D POSTROUTING -s 本地docker弯管 ! -o docker0 -j MASQUERADE
# 若本地docker网段访问的网段不是flannel的地址池且发送的网桥不是docker0的才进行snat转换(即容器之间不做转换)
iptables -t nat -I POSTROUTING -s 本地docker网段 ! -d 172.18.0.0/16 ! -o docker0 -j MASQUERADE
Reference in a new issue View git blame Copy permalink