修复tunl0-二进制安装calico
这篇博文很重要,出现这个问题导致pod之间无法通讯,pod无法连接外网。
- 出现的问题是二进制方式安装了节点之后, tunl0没有显示,通过ifconfig tunl0 up 启动tunl0 没有意义,只有通过 calico 启动ipip模式,自动分配ip 才能解决这个问题 , 如果tunl0,没有分配到ip,也就意味着他不能跟其他pod通讯,在该node上创建的pod内部不能访问外网。
- 所以重点就是要解决tunl0,为什么没有启用和分配到集群的ip问题。是本文的重点
本机安装环境
k8s节点是通过二进制方式安装。
[root@ht22 calico]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
[root@ht22 calico]# uname -r
3.10.0-1160.45.1.el7.x86_64
[root@ht22 calico]# docker -v
Docker version 18.03.0-ce, build 0520e24
[root@ht22 calico]# docker -v
Docker version 18.03.0-ce, build 0520e24
[root@ht22 calico]# ifconfig
- cali1e4a9cee8dc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500ether ee:ee:ee:ee:ee:ee txqueuelen 0 (Ethernet)RX packets 568108 bytes 328205511 (313.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 568108 bytes 328205511 (313.0 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:83:9e:06:86 txqueuelen 0 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.51.204 netmask 255.255.255.0 broadcast 10.129.51.255ether 06:34:a0:00:0b:81 txqueuelen 1000 (Ethernet)RX packets 401212 bytes 136527652 (130.2 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 207123 bytes 197287098 (188.1 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- ens224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.53.204 netmask 255.255.255.0 broadcast 10.129.53.255ether 06:0f:2e:00:0d:03 txqueuelen 1000 (Ethernet)RX packets 35636 bytes 2139100 (2.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 11 bytes 1421 (1.3 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 568108 bytes 328205511 (313.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 568108 bytes 328205511 (313.0 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- tunl0: flags=193<UP,RUNNING,NOARP> mtu 1440tunnel txqueuelen 1000 (IPIP Tunnel)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
解决方式如下:
- [root@ht22 calico]# docker rm -f calico-node
- [root@ht5 calico]# docker ps | grep calico-node1effd55ba758 quay.io/calico/node:v3.1.0 "start_runit" 5 minutes ago Up 5 minutes calico-noded8aefa455a37 9f355e076ea7 "/install-cni.sh" 2 months ago Up 2 months k8s_install-cni_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1691f562030f4 k8s.gcr.io/pause-amd64:3.0 "/pause" 2 months ago Up 2 months k8s_POD_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1
- 进入到calico安装目录
- [root@ht22 calico]# lltotal 392880drwxr-xr-x 2 root root 4096 Nov 26 20:38 calico-rw-r--r-- 1 root root 11829 Sep 26 2019 calico.example.yaml-rw-r--r-- 1 root root 2483 Feb 17 11:33 calico-node.service.sh-rw-r--r-- 1 root root 277872640 Nov 26 20:38 caliconode.v3.1.0.tar-rw-r--r-- 1 root root 1081 Nov 26 20:38 calico.sh-rw-r--r-- 1 root root 19389 Sep 26 2019 calico.yaml-rw-r--r-- 1 root root 69124608 Nov 26 20:38 cni.v3.1.3.tar-rw-r--r-- 1 root root 55256576 Nov 26 20:38 kube-controllers.v3.1.3.tar-rw-r--r-- 1 root root 1247 Nov 26 20:38 rbac.yaml
//删除前
- [root@ht5 calico]# docker ps | grep calico-node1effd55ba758 quay.io/calico/node:v3.1.0 "start_runit" 5 minutes ago Up 5 minutes calico-noded8aefa455a37 9f355e076ea7 "/install-cni.sh" 2 months ago Up 2 months k8s_install-cni_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1691f562030f4 k8s.gcr.io/pause-amd64:3.0 "/pause" 2 months ago Up 2 months k8s_POD_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1
//删除后
- [root@ht22 calico]# docker ps | grep calico-node2f6942eaad74 9f355e076ea7 "/install-cni.sh" 9 hours ago Up 9 hours k8s_install-cni_calico-node-r92zw_kube-system_5e332799-8f14-11ec-b44a-060eb4000e9d_127dfc117821e k8s.gcr.io/pause-amd64:3.0 "/pause" 9 hours ago Up 9 hours k8s_POD_calico-node-r92zw_kube-system_5e332799-8f14-11ec-b44a-060eb4000e9d_1
//重新安装,整个过程就是
- [root@ht22 calico]# docker rm -f calico-node//进入到k8snode安装包,进入calico目录[root@ht22 calico]# sh calico-node.service.sh [root@ht22 calico]# systemctl daemon-reload[root@ht22 calico]# systemctl start calico-node[root@ht22 calico]# ifconfig
- cali1e4a9cee8dc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500ether ee:ee:ee:ee:ee:ee txqueuelen 0 (Ethernet)RX packets 569135 bytes 328540747 (313.3 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 569135 bytes 328540747 (313.3 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:83:9e:06:86 txqueuelen 0 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.51.204 netmask 255.255.255.0 broadcast 10.129.51.255ether 06:34:a0:00:0b:81 txqueuelen 1000 (Ethernet)RX packets 408912 bytes 139184171 (132.7 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 211608 bytes 202926820 (193.5 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- ens224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.53.204 netmask 255.255.255.0 broadcast 10.129.53.255ether 06:0f:2e:00:0d:03 txqueuelen 1000 (Ethernet)RX packets 35741 bytes 2145400 (2.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 11 bytes 1421 (1.3 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 569135 bytes 328540747 (313.3 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 569135 bytes 328540747 (313.3 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
- tunl0: flags=193<UP,RUNNING,NOARP> mtu 1440inet 172.17.31.0 netmask 255.255.255.255tunnel txqueuelen 1000 (IPIP Tunnel)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
附 [root@ht22 calico]# cat calico-node.service.sh
- K8S_MASTER_IP="这里是master ip"HOSTNAME='本机hostname'#HOSTNAME=`cat /etc/hostname`ETCD_ENDPOINTS="https://10.121.5.11:2379,https://10.121.5.12:2379"
- cat > /lib/systemd/system/calico-node.service <<EOF[Unit]Description=calico nodeAfter=docker.serviceRequires=docker.service
- [Service]User=rootEnvironment=ETCD_ENDPOINTS=${ETCD_ENDPOINTS}PermissionsStartOnly=trueExecStart=/usr/bin/docker run --net=host --privileged --name=calico-node \\-e ETCD_ENDPOINTS=\${ETCD_ENDPOINTS} \\-e ETCD_CA_CERT_FILE=/etc/etcd/ssl/etcd-root-ca.pem \\-e ETCD_CERT_FILE=/etc/etcd/ssl/etcd.pem \\-e ETCD_KEY_FILE=/etc/etcd/ssl/etcd-key.pem \\-e NODENAME=${HOSTNAME} \\-e IP= \\-e IP_AUTODETECTION_METHOD=can-reach=${K8S_MASTER_IP} \\-e AS=64512 \\-e CLUSTER_TYPE=k8s,bgp \\-e CALICO_IPV4POOL_CIDR=172.17.0.0/16 \\-e CALICO_IPV4POOL_IPIP=always \\-e CALICO_LIBNETWORK_ENABLED=true \\-e CALICO_NETWORKING_BACKEND=bird \\-e CALICO_DISABLE_FILE_LOGGING=true \\-e FELIX_IPV6SUPPORT=false \\-e FELIX_DEFAULTENDPOINTTOHOSTACTION=ACCEPT \\-e FELIX_LOGSEVERITYSCREEN=info \\-e FELIX_IPINIPMTU=1440 \\-e FELIX_HEALTHENABLED=true \\-e CALICO_K8S_NODE_REF=${HOSTNAME} \\-v /etc/calico/etcd-root-ca.pem:/etc/etcd/ssl/etcd-root-ca.pem \\-v /etc/calico/etcd.pem:/etc/etcd/ssl/etcd.pem \\-v /etc/calico/etcd-key.pem:/etc/etcd/ssl/etcd-key.pem \\-v /lib/modules:/lib/modules \\-v /var/lib/calico:/var/lib/calico \\-v /var/run/calico:/var/run/calico \\quay.io/calico/node:v3.1.0ExecStop=/usr/bin/docker rm -f calico-nodeRestart=alwaysRestartSec=10
- [Install]WantedBy=multi-user.targetEOF
//我们在查看下
- [root@ht22 calico]# route -n
- Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 10.129.51.1 0.0.0.0 UG 0 0 0 ens19210.121.51.0 0.0.0.0 255.255.255.0 U 0 0 0 ens19210.121.53.0 0.0.0.0 255.255.255.0 U 100 0 0 ens224169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 ens192172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0172.17.9.128 10.128.51.14 255.255.255.192 UG 0 0 0 tunl0172.17.23.128 10.129.52.191 255.255.255.192 UG 0 0 0 tunl0172.17.23.192 10.129.55.113 255.255.255.192 UG 0 0 0 tunl0172.17.27.64 10.129.55.112 255.255.255.192 UG 0 0 0 tunl0172.17.31.0 0.0.0.0 255.255.255.192 U 0 0 0 *172.17.50.192 10.129.55.111 255.255.255.192 UG 0 0 0 tunl0172.17.157.0 10.128.51.12 255.255.255.192 UG 0 0 0 tunl0172.17.168.0 10.129.52.193 255.255.255.192 UG 0 0 0 tunl0172.17.216.64 10.129.52.192 255.255.255.192 UG 0 0 0 tunl0172.17.246.64 10.128.51.11 255.255.255.192 UG 0 0 0 tunl0
- //tunl0 出现,否则这里也不会出现tunl0信息。
注意: 最后一步就是所有在其上的pod都要重新创建,否则还是网络不了外网。
修复tunl0-二进制安装calico的更多相关文章
- 8、二进制安装K8s之部署CIN网络
二进制安装K8s之部署CIN网络 部署CIN网络可以使用flannel或者calico,这里介绍使用calico ecd 方式部署. 1.下载calico二进制安装包 创建所需目录 mkdir -p ...
- 1、二进制安装K8s 之 环境准备
二进制安装K8s 之 环境准备 1.系统&软件 序号 设备\系统 版本 1 宿主机 MacBook Pro 11.4 2 系统 Centos 7.8 3 虚拟机 Parallels Deskt ...
- ubuntu14.04下简易二进制安装mysql
下载mysql-commnunity的5.6.24通用二进制版 tar解压 我安装到/opt目录,所以mv到/opt/ 可选,建了个软链 ln -s *** mysql 添加运行mysql服务的用户和 ...
- mysql5.6 通用二进制安装
mysql5.6 通用二进制安装: #卸载原有的mysqlyum remove mysql*ls /etc/my.cnf*mv /etc/my.cnf* /tmp/ #安装依赖包yum install ...
- CentOS 6.2 二进制安装apache2.4.3出现configure: error: APR-util not found. Please read the documentation的解决方
CentOS 6.2 二进制安装apache2.4.3出现configure: error: APR-util not found. Please read the documentation的解决方 ...
- CentOS6+MySQL5.6二进制安装
一般我们安装mysql采用二进制安装的方式就足以满足我们的生产环境了,不过需要我们配置my.cnf文件 从官网下载二进制MySQL,选择Linux-Generic,最后这两个是二进制包 http:// ...
- Mysql的二进制安装和基础入门操作
前言:Mysql数据库,知识非常的多,要想学精学通这块知识,估计也要花费和学linux一样的精力和时间.小编也是只会些毛皮,给大家分享一下~ 一.MySQL安装 (1)安装方式: 1 .程序包yum安 ...
- centos 7.3二进制安装mariadb10.2.8完美步骤
(1)在centos7系统上,yum info mariadb可以找到提供mariadb包的官方网站,在到官方网站下载最新的mariadb包,然后rz到linux系统上去 (2)准备用户 1.user ...
- Linux中MySQL5.6编译安装与MySQL5.7二进制安装步骤
首先,介绍一下MySQL的几种安装方式 1.RPM.Yum 的安装方式:安装方便.安装速度快,无法定制 2.二进制:不需要安装,解压即可使用,不能定制功能 3.编译安装:可定制,安装慢. 编译安装中需 ...
- Centos7 二进制安装 Kubernetes 1.13
目录 1.目录 1.1.什么是 Kubernetes? 1.2.Kubernetes 有哪些优势? 2.环境准备 2.1.网络配置 2.2.更改 HOSTNAME 2.3.配置ssh免密码登录登录 2 ...
随机推荐
- LGP7890题解
前置芝士的光速幂技巧. 本题解不是正解,和正解唯一的差别在于对幂的处理. 我们能够发现有: \[F(n,m,k)=\frac 1 n \binom {n+m-1} m \] 证明见这里. 然后我们开始 ...
- Python 基础知识自检,离深入掌握 Python 还有多远
1. 模块化编程思想 模块化编程是 Python 的基本思想.初学 Python,都应该使用过小海龟.随机.数学模块.使用模块之前,需要导入模块,然后根据自己的问题需要使用这些模块. Python 提 ...
- linux的文件与目录的权限设置
@font-face { font-family: 宋体 } @font-face { font-family: "Cambria Math" } @font-face { fon ...
- 3、Lambda表达式
Lambda表达式 Lambda表达式(lambda expression),是一种匿名函数,即没有函数名的函数. Lambda表达式不仅在C#中使用,在Java.Phtyon.C++ 中都有使用. ...
- NET程序的代码混淆、加壳与脱壳
通常我们通过代码混淆.加密的形式达到软件保护的目的.在Web开发里我们接触过的可能就是JS代码加密了,可以通过对JS代码进行混淆.加密从而实现对核心JS代码的保护.如果没有接触过的可以在这里简单了解一 ...
- loj6271 「长乐集训 2017 Day10」生成树求和 加强版(矩阵树定理,循环卷积)
loj6271 「长乐集训 2017 Day10」生成树求和 加强版(矩阵树定理,循环卷积) loj 题解时间 首先想到先分开三进制下每一位,然后每一位分别求结果为0,1,2的树的个数. 然后考虑矩阵 ...
- Ribbon负载均衡能干什么?
(1)将用户的请求平摊的分配到多个服务上 (2)集中式LB即在服务的消费方和提供方之间使用独立的LB设施(可以是硬件,如F5, 也可以是软件,如nginx), 由该设施负责把访问请求通过某种策略转发至 ...
- Oracle入门基础(二)一一过滤和排序
SQL> --查询10号部门的员工 SQL> select * from emp where deptno=10; EMPNO ENAME JOB MGR HIREDATE SAL COM ...
- String 和 StringBuilder、StringBuffer 的区别?
Java 平台提供了两种类型的字符串:String 和 StringBuffer/StringBuilder,它 们可以储存和操作字符串.其中 String 是只读字符串,也就意味着 String 引 ...
- java中的ThreadLocal-learning
为什么需要ThreadLocal 多个线程对一个变量进行写入的时候,为了保证线程安全,一般使用者在访问共享变量的时候需要进行额外的同步措施才能保证线程安全性. 而线程安全是指 当多个线程访问某个方法时 ...