这篇博文很重要,出现这个问题导致pod之间无法通讯,pod无法连接外网。

出现的问题是二进制方式安装了节点之后, tunl0没有显示,通过ifconfig tunl0 up 启动tunl0  没有意义,只有通过 calico 启动ipip模式,自动分配ip 才能解决这个问题 , 如果tunl0,没有分配到ip,也就意味着他不能跟其他pod通讯,在该node上创建的pod内部不能访问外网。
所以重点就是要解决tunl0,为什么没有启用和分配到集群的ip问题。是本文的重点


本机安装环境

k8s节点是通过二进制方式安装。

[root@ht22 calico]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)

[root@ht22 calico]# uname -r
3.10.0-1160.45.1.el7.x86_64

[root@ht22 calico]# docker -v
Docker version 18.03.0-ce, build 0520e24

[root@ht22 calico]# docker -v
Docker version 18.03.0-ce, build 0520e24

[root@ht22 calico]# ifconfig

cali1e4a9cee8dc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500ether ee:ee:ee:ee:ee:ee txqueuelen 0 (Ethernet)RX packets 568108 bytes 328205511 (313.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 568108 bytes 328205511 (313.0 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:83:9e:06:86 txqueuelen 0 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.51.204 netmask 255.255.255.0 broadcast 10.129.51.255ether 06:34:a0:00:0b:81 txqueuelen 1000 (Ethernet)RX packets 401212 bytes 136527652 (130.2 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 207123 bytes 197287098 (188.1 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.53.204 netmask 255.255.255.0 broadcast 10.129.53.255ether 06:0f:2e:00:0d:03 txqueuelen 1000 (Ethernet)RX packets 35636 bytes 2139100 (2.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 11 bytes 1421 (1.3 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 568108 bytes 328205511 (313.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 568108 bytes 328205511 (313.0 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tunl0: flags=193<UP,RUNNING,NOARP> mtu 1440tunnel txqueuelen 1000 (IPIP Tunnel)

RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

解决方式如下:

[root@ht22 calico]# docker rm -f calico-node
[root@ht5 calico]# docker ps | grep calico-node1effd55ba758 quay.io/calico/node:v3.1.0 "start_runit" 5 minutes ago Up 5 minutes calico-noded8aefa455a37 9f355e076ea7 "/install-cni.sh" 2 months ago Up 2 months k8s_install-cni_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1691f562030f4 k8s.gcr.io/pause-amd64:3.0 "/pause" 2 months ago Up 2 months k8s_POD_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1
进入到calico安装目录
[root@ht22 calico]# lltotal 392880drwxr-xr-x 2 root root 4096 Nov 26 20:38 calico-rw-r--r-- 1 root root 11829 Sep 26 2019 calico.example.yaml-rw-r--r-- 1 root root 2483 Feb 17 11:33 calico-node.service.sh-rw-r--r-- 1 root root 277872640 Nov 26 20:38 caliconode.v3.1.0.tar-rw-r--r-- 1 root root 1081 Nov 26 20:38 calico.sh-rw-r--r-- 1 root root 19389 Sep 26 2019 calico.yaml-rw-r--r-- 1 root root 69124608 Nov 26 20:38 cni.v3.1.3.tar-rw-r--r-- 1 root root 55256576 Nov 26 20:38 kube-controllers.v3.1.3.tar-rw-r--r-- 1 root root 1247 Nov 26 20:38 rbac.yaml

//删除前

[root@ht5 calico]# docker ps | grep calico-node1effd55ba758 quay.io/calico/node:v3.1.0 "start_runit" 5 minutes ago Up 5 minutes calico-noded8aefa455a37 9f355e076ea7 "/install-cni.sh" 2 months ago Up 2 months k8s_install-cni_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1691f562030f4 k8s.gcr.io/pause-amd64:3.0 "/pause" 2 months ago Up 2 months k8s_POD_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1

//删除后

[root@ht22 calico]# docker ps | grep calico-node2f6942eaad74 9f355e076ea7 "/install-cni.sh" 9 hours ago Up 9 hours k8s_install-cni_calico-node-r92zw_kube-system_5e332799-8f14-11ec-b44a-060eb4000e9d_127dfc117821e k8s.gcr.io/pause-amd64:3.0 "/pause" 9 hours ago Up 9 hours k8s_POD_calico-node-r92zw_kube-system_5e332799-8f14-11ec-b44a-060eb4000e9d_1

//重新安装,整个过程就是

[root@ht22 calico]# docker rm -f calico-node//进入到k8snode安装包,进入calico目录[root@ht22 calico]# sh calico-node.service.sh [root@ht22 calico]# systemctl daemon-reload[root@ht22 calico]# systemctl start calico-node[root@ht22 calico]# ifconfig
cali1e4a9cee8dc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500ether ee:ee:ee:ee:ee:ee txqueuelen 0 (Ethernet)RX packets 569135 bytes 328540747 (313.3 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 569135 bytes 328540747 (313.3 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:83:9e:06:86 txqueuelen 0 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.51.204 netmask 255.255.255.0 broadcast 10.129.51.255ether 06:34:a0:00:0b:81 txqueuelen 1000 (Ethernet)RX packets 408912 bytes 139184171 (132.7 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 211608 bytes 202926820 (193.5 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.53.204 netmask 255.255.255.0 broadcast 10.129.53.255ether 06:0f:2e:00:0d:03 txqueuelen 1000 (Ethernet)RX packets 35741 bytes 2145400 (2.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 11 bytes 1421 (1.3 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 569135 bytes 328540747 (313.3 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 569135 bytes 328540747 (313.3 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tunl0: flags=193<UP,RUNNING,NOARP> mtu 1440inet 172.17.31.0 netmask 255.255.255.255tunnel txqueuelen 1000 (IPIP Tunnel)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

附 [root@ht22 calico]# cat calico-node.service.sh

K8S_MASTER_IP="这里是master ip"HOSTNAME='本机hostname'#HOSTNAME=`cat /etc/hostname`ETCD_ENDPOINTS="https://10.121.5.11:2379,https://10.121.5.12:2379"
cat > /lib/systemd/system/calico-node.service <<EOF[Unit]Description=calico nodeAfter=docker.serviceRequires=docker.service
[Service]User=rootEnvironment=ETCD_ENDPOINTS=${ETCD_ENDPOINTS}PermissionsStartOnly=trueExecStart=/usr/bin/docker run --net=host --privileged --name=calico-node \\-e ETCD_ENDPOINTS=\${ETCD_ENDPOINTS} \\-e ETCD_CA_CERT_FILE=/etc/etcd/ssl/etcd-root-ca.pem \\-e ETCD_CERT_FILE=/etc/etcd/ssl/etcd.pem \\-e ETCD_KEY_FILE=/etc/etcd/ssl/etcd-key.pem \\-e NODENAME=${HOSTNAME} \\-e IP= \\-e IP_AUTODETECTION_METHOD=can-reach=${K8S_MASTER_IP} \\-e AS=64512 \\-e CLUSTER_TYPE=k8s,bgp \\-e CALICO_IPV4POOL_CIDR=172.17.0.0/16 \\-e CALICO_IPV4POOL_IPIP=always \\-e CALICO_LIBNETWORK_ENABLED=true \\-e CALICO_NETWORKING_BACKEND=bird \\-e CALICO_DISABLE_FILE_LOGGING=true \\-e FELIX_IPV6SUPPORT=false \\-e FELIX_DEFAULTENDPOINTTOHOSTACTION=ACCEPT \\-e FELIX_LOGSEVERITYSCREEN=info \\-e FELIX_IPINIPMTU=1440 \\-e FELIX_HEALTHENABLED=true \\-e CALICO_K8S_NODE_REF=${HOSTNAME} \\-v /etc/calico/etcd-root-ca.pem:/etc/etcd/ssl/etcd-root-ca.pem \\-v /etc/calico/etcd.pem:/etc/etcd/ssl/etcd.pem \\-v /etc/calico/etcd-key.pem:/etc/etcd/ssl/etcd-key.pem \\-v /lib/modules:/lib/modules \\-v /var/lib/calico:/var/lib/calico \\-v /var/run/calico:/var/run/calico \\quay.io/calico/node:v3.1.0ExecStop=/usr/bin/docker rm -f calico-nodeRestart=alwaysRestartSec=10
[Install]WantedBy=multi-user.targetEOF

//我们在查看下

[root@ht22 calico]# route -n
Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 10.129.51.1 0.0.0.0 UG 0 0 0 ens19210.121.51.0 0.0.0.0 255.255.255.0 U 0 0 0 ens19210.121.53.0 0.0.0.0 255.255.255.0 U 100 0 0 ens224169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 ens192172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0172.17.9.128 10.128.51.14 255.255.255.192 UG 0 0 0 tunl0172.17.23.128 10.129.52.191 255.255.255.192 UG 0 0 0 tunl0172.17.23.192 10.129.55.113 255.255.255.192 UG 0 0 0 tunl0172.17.27.64 10.129.55.112 255.255.255.192 UG 0 0 0 tunl0172.17.31.0 0.0.0.0 255.255.255.192 U 0 0 0 *172.17.50.192 10.129.55.111 255.255.255.192 UG 0 0 0 tunl0172.17.157.0 10.128.51.12 255.255.255.192 UG 0 0 0 tunl0172.17.168.0 10.129.52.193 255.255.255.192 UG 0 0 0 tunl0172.17.216.64 10.129.52.192 255.255.255.192 UG 0 0 0 tunl0172.17.246.64 10.128.51.11 255.255.255.192 UG 0 0 0 tunl0
//tunl0 出现,否则这里也不会出现tunl0信息。

注意: 最后一步就是所有在其上的pod都要重新创建,否则还是网络不了外网。

修复tunl0-二进制安装calico的更多相关文章

  1. 8、二进制安装K8s之部署CIN网络

    二进制安装K8s之部署CIN网络 部署CIN网络可以使用flannel或者calico,这里介绍使用calico ecd 方式部署. 1.下载calico二进制安装包 创建所需目录 mkdir -p ...

  2. 1、二进制安装K8s 之 环境准备

    二进制安装K8s 之 环境准备 1.系统&软件 序号 设备\系统 版本 1 宿主机 MacBook Pro 11.4 2 系统 Centos 7.8 3 虚拟机 Parallels Deskt ...

  3. ubuntu14.04下简易二进制安装mysql

    下载mysql-commnunity的5.6.24通用二进制版 tar解压 我安装到/opt目录,所以mv到/opt/ 可选,建了个软链 ln -s *** mysql 添加运行mysql服务的用户和 ...

  4. mysql5.6 通用二进制安装

    mysql5.6 通用二进制安装: #卸载原有的mysqlyum remove mysql*ls /etc/my.cnf*mv /etc/my.cnf* /tmp/ #安装依赖包yum install ...

  5. CentOS 6.2 二进制安装apache2.4.3出现configure: error: APR-util not found. Please read the documentation的解决方

    CentOS 6.2 二进制安装apache2.4.3出现configure: error: APR-util not found. Please read the documentation的解决方 ...

  6. CentOS6+MySQL5.6二进制安装

    一般我们安装mysql采用二进制安装的方式就足以满足我们的生产环境了,不过需要我们配置my.cnf文件 从官网下载二进制MySQL,选择Linux-Generic,最后这两个是二进制包 http:// ...

  7. Mysql的二进制安装和基础入门操作

    前言:Mysql数据库,知识非常的多,要想学精学通这块知识,估计也要花费和学linux一样的精力和时间.小编也是只会些毛皮,给大家分享一下~ 一.MySQL安装 (1)安装方式: 1 .程序包yum安 ...

  8. centos 7.3二进制安装mariadb10.2.8完美步骤

    (1)在centos7系统上,yum info mariadb可以找到提供mariadb包的官方网站,在到官方网站下载最新的mariadb包,然后rz到linux系统上去 (2)准备用户 1.user ...

  9. Linux中MySQL5.6编译安装与MySQL5.7二进制安装步骤

    首先,介绍一下MySQL的几种安装方式 1.RPM.Yum 的安装方式:安装方便.安装速度快,无法定制 2.二进制:不需要安装,解压即可使用,不能定制功能 3.编译安装:可定制,安装慢. 编译安装中需 ...

  10. Centos7 二进制安装 Kubernetes 1.13

    目录 1.目录 1.1.什么是 Kubernetes? 1.2.Kubernetes 有哪些优势? 2.环境准备 2.1.网络配置 2.2.更改 HOSTNAME 2.3.配置ssh免密码登录登录 2 ...

随机推荐

  1. 在基于ABP框架的前端项目Vue&Element项目中采用日期格式处理,对比Moment.js和day.js的处理

    Day.js 是一个轻量的处理时间和日期的 JavaScript 库,和 Moment.js 的 API 设计保持完全一样. 如果您曾经用过 Moment.js, 那么您已经知道如何使用 Day.js ...

  2. JavaWeb——Tomcat使用

    官方下载地址:https://tomcat.apache.org/download-90.cgi 选择安装包: 64-bit Windows zip (pgp, sha512) 注:tar.gz后缀的 ...

  3. 使用pyautogui自动在某网站投票的脚本

    网页自动投票: # !/usr/bin/env python # -*- coding:utf-8 -*- # Author:Hiuhung Wan import re import pypercli ...

  4. 6月25日 Django 分页 cookie、session

    cookie Cookie的由来 大家都知道HTTP协议是无状态的. 无状态的意思是每次请求都是独立的,它的执行情况和结果与前面的请求和之后的请求都无直接关系,它不会受前面的请求响应情况直接影响,也不 ...

  5. 嵌套OOPS导致系统卡死 每个CPU都上报softlockup的问题

    问题现象:在ARM服务器上,构造oops异常,本应该产生panic,进入dump流程,并且系统重启,但是系统并未重启,而是出现了卡死,在串口会隔一段时间就循环打印调用栈信息.如下所示 linux-fA ...

  6. path()的name属性,有什么用?

    官网(参考:命名 URL 模式) 命名 URL 模式: 为了完成反向解析 URL ,你需要像上面那样使用 命名 URL 模式 .用于命名 URL 的字符串可以包含任意字符,并不仅限于 Python 里 ...

  7. 大咖说|网易数帆论道 PolarDB 数据库开源 & 存储生态

    开源技术如何商业化?将遇到什么问题?有哪些可行的解决办法?本期大咖说,阿里云数据库开源战役负责人曲山将携手网易副总裁汪源与你分享关于开源商业化的思考. 嘉宾简介 网易副总裁.杭州研究院执行院长.网易数 ...

  8. Spring Cache缓存框架

    一.序言 Spring Cache是Spring体系下标准化缓存框架.Spring Cache有如下优势: 缓存品种多 支持缓存品种多,常见缓存Redis.EhCache.Caffeine均支持.它们 ...

  9. 什么是tar 命令?

    用来压缩和解压文件.tar 本身不具有压缩功能,只具有打包功能,有关压缩及解压是调用其它的功能来完成.弄清两个概念:打包和压缩.打包是指将一大堆文件或目录变成一个总的文件:压缩则是将一个大的文件通过一 ...

  10. CAS 的问题 ?

    1.CAS 容易造成 ABA 问题 一个线程 a 将数值改成了 b,接着又改成了 a,此时 CAS 认为是没有变化,其实 是已经变化过了,而这个问题的解决方案可以使用版本号标识,每操作一次 versi ...