这篇博文很重要,出现这个问题导致pod之间无法通讯,pod无法连接外网。

出现的问题是二进制方式安装了节点之后, tunl0没有显示,通过ifconfig tunl0 up 启动tunl0  没有意义,只有通过 calico 启动ipip模式,自动分配ip 才能解决这个问题 , 如果tunl0,没有分配到ip,也就意味着他不能跟其他pod通讯,在该node上创建的pod内部不能访问外网。

所以重点就是要解决tunl0,为什么没有启用和分配到集群的ip问题。是本文的重点


本机安装环境

k8s节点是通过二进制方式安装。

[root@ht22 calico]# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)

[root@ht22 calico]# uname -r
3.10.0-1160.45.1.el7.x86_64

[root@ht22 calico]# docker -v
Docker version 18.03.0-ce, build 0520e24

[root@ht22 calico]# docker -v
Docker version 18.03.0-ce, build 0520e24

[root@ht22 calico]# ifconfig

cali1e4a9cee8dc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500ether ee:ee:ee:ee:ee:ee txqueuelen 0 (Ethernet)RX packets 568108 bytes 328205511 (313.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 568108 bytes 328205511 (313.0 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:83:9e:06:86 txqueuelen 0 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.51.204 netmask 255.255.255.0 broadcast 10.129.51.255ether 06:34:a0:00:0b:81 txqueuelen 1000 (Ethernet)RX packets 401212 bytes 136527652 (130.2 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 207123 bytes 197287098 (188.1 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.53.204 netmask 255.255.255.0 broadcast 10.129.53.255ether 06:0f:2e:00:0d:03 txqueuelen 1000 (Ethernet)RX packets 35636 bytes 2139100 (2.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 11 bytes 1421 (1.3 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 568108 bytes 328205511 (313.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 568108 bytes 328205511 (313.0 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tunl0: flags=193<UP,RUNNING,NOARP> mtu 1440tunnel txqueuelen 1000 (IPIP Tunnel)

RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

解决方式如下:

[root@ht22 calico]# docker rm -f calico-node

[root@ht5 calico]# docker ps | grep calico-node1effd55ba758 quay.io/calico/node:v3.1.0 "start_runit" 5 minutes ago Up 5 minutes calico-noded8aefa455a37 9f355e076ea7 "/install-cni.sh" 2 months ago Up 2 months k8s_install-cni_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1691f562030f4 k8s.gcr.io/pause-amd64:3.0 "/pause" 2 months ago Up 2 months k8s_POD_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1

进入到calico安装目录

[root@ht22 calico]# lltotal 392880drwxr-xr-x 2 root root 4096 Nov 26 20:38 calico-rw-r--r-- 1 root root 11829 Sep 26 2019 calico.example.yaml-rw-r--r-- 1 root root 2483 Feb 17 11:33 calico-node.service.sh-rw-r--r-- 1 root root 277872640 Nov 26 20:38 caliconode.v3.1.0.tar-rw-r--r-- 1 root root 1081 Nov 26 20:38 calico.sh-rw-r--r-- 1 root root 19389 Sep 26 2019 calico.yaml-rw-r--r-- 1 root root 69124608 Nov 26 20:38 cni.v3.1.3.tar-rw-r--r-- 1 root root 55256576 Nov 26 20:38 kube-controllers.v3.1.3.tar-rw-r--r-- 1 root root 1247 Nov 26 20:38 rbac.yaml

//删除前

[root@ht5 calico]# docker ps | grep calico-node1effd55ba758 quay.io/calico/node:v3.1.0 "start_runit" 5 minutes ago Up 5 minutes calico-noded8aefa455a37 9f355e076ea7 "/install-cni.sh" 2 months ago Up 2 months k8s_install-cni_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1691f562030f4 k8s.gcr.io/pause-amd64:3.0 "/pause" 2 months ago Up 2 months k8s_POD_calico-node-ld4pd_kube-system_249f9a81-1c3d-11ec-9a8a-065c62000e9f_1

//删除后

[root@ht22 calico]# docker ps | grep calico-node2f6942eaad74 9f355e076ea7 "/install-cni.sh" 9 hours ago Up 9 hours k8s_install-cni_calico-node-r92zw_kube-system_5e332799-8f14-11ec-b44a-060eb4000e9d_127dfc117821e k8s.gcr.io/pause-amd64:3.0 "/pause" 9 hours ago Up 9 hours k8s_POD_calico-node-r92zw_kube-system_5e332799-8f14-11ec-b44a-060eb4000e9d_1

//重新安装,整个过程就是

[root@ht22 calico]# docker rm -f calico-node//进入到k8snode安装包,进入calico目录[root@ht22 calico]# sh calico-node.service.sh [root@ht22 calico]# systemctl daemon-reload[root@ht22 calico]# systemctl start calico-node[root@ht22 calico]# ifconfig

cali1e4a9cee8dc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500ether ee:ee:ee:ee:ee:ee txqueuelen 0 (Ethernet)RX packets 569135 bytes 328540747 (313.3 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 569135 bytes 328540747 (313.3 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255ether 02:42:83:9e:06:86 txqueuelen 0 (Ethernet)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.51.204 netmask 255.255.255.0 broadcast 10.129.51.255ether 06:34:a0:00:0b:81 txqueuelen 1000 (Ethernet)RX packets 408912 bytes 139184171 (132.7 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 211608 bytes 202926820 (193.5 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.129.53.204 netmask 255.255.255.0 broadcast 10.129.53.255ether 06:0f:2e:00:0d:03 txqueuelen 1000 (Ethernet)RX packets 35741 bytes 2145400 (2.0 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 11 bytes 1421 (1.3 KiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536inet 127.0.0.1 netmask 255.0.0.0loop txqueuelen 1000 (Local Loopback)RX packets 569135 bytes 328540747 (313.3 MiB)RX errors 0 dropped 0 overruns 0 frame 0TX packets 569135 bytes 328540747 (313.3 MiB)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tunl0: flags=193<UP,RUNNING,NOARP> mtu 1440inet 172.17.31.0 netmask 255.255.255.255tunnel txqueuelen 1000 (IPIP Tunnel)RX packets 0 bytes 0 (0.0 B)RX errors 0 dropped 0 overruns 0 frame 0TX packets 0 bytes 0 (0.0 B)TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

附 [root@ht22 calico]# cat calico-node.service.sh

K8S_MASTER_IP="这里是master ip"HOSTNAME='本机hostname'#HOSTNAME=`cat /etc/hostname`ETCD_ENDPOINTS="https://10.121.5.11:2379,https://10.121.5.12:2379"

cat > /lib/systemd/system/calico-node.service <<EOF[Unit]Description=calico nodeAfter=docker.serviceRequires=docker.service

[Service]User=rootEnvironment=ETCD_ENDPOINTS=${ETCD_ENDPOINTS}PermissionsStartOnly=trueExecStart=/usr/bin/docker run --net=host --privileged --name=calico-node \\-e ETCD_ENDPOINTS=\${ETCD_ENDPOINTS} \\-e ETCD_CA_CERT_FILE=/etc/etcd/ssl/etcd-root-ca.pem \\-e ETCD_CERT_FILE=/etc/etcd/ssl/etcd.pem \\-e ETCD_KEY_FILE=/etc/etcd/ssl/etcd-key.pem \\-e NODENAME=${HOSTNAME} \\-e IP= \\-e IP_AUTODETECTION_METHOD=can-reach=${K8S_MASTER_IP} \\-e AS=64512 \\-e CLUSTER_TYPE=k8s,bgp \\-e CALICO_IPV4POOL_CIDR=172.17.0.0/16 \\-e CALICO_IPV4POOL_IPIP=always \\-e CALICO_LIBNETWORK_ENABLED=true \\-e CALICO_NETWORKING_BACKEND=bird \\-e CALICO_DISABLE_FILE_LOGGING=true \\-e FELIX_IPV6SUPPORT=false \\-e FELIX_DEFAULTENDPOINTTOHOSTACTION=ACCEPT \\-e FELIX_LOGSEVERITYSCREEN=info \\-e FELIX_IPINIPMTU=1440 \\-e FELIX_HEALTHENABLED=true \\-e CALICO_K8S_NODE_REF=${HOSTNAME} \\-v /etc/calico/etcd-root-ca.pem:/etc/etcd/ssl/etcd-root-ca.pem \\-v /etc/calico/etcd.pem:/etc/etcd/ssl/etcd.pem \\-v /etc/calico/etcd-key.pem:/etc/etcd/ssl/etcd-key.pem \\-v /lib/modules:/lib/modules \\-v /var/lib/calico:/var/lib/calico \\-v /var/run/calico:/var/run/calico \\quay.io/calico/node:v3.1.0ExecStop=/usr/bin/docker rm -f calico-nodeRestart=alwaysRestartSec=10

[Install]WantedBy=multi-user.targetEOF

//我们在查看下

[root@ht22 calico]# route -n

Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface0.0.0.0 10.129.51.1 0.0.0.0 UG 0 0 0 ens19210.121.51.0 0.0.0.0 255.255.255.0 U 0 0 0 ens19210.121.53.0 0.0.0.0 255.255.255.0 U 100 0 0 ens224169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 ens192172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0172.17.9.128 10.128.51.14 255.255.255.192 UG 0 0 0 tunl0172.17.23.128 10.129.52.191 255.255.255.192 UG 0 0 0 tunl0172.17.23.192 10.129.55.113 255.255.255.192 UG 0 0 0 tunl0172.17.27.64 10.129.55.112 255.255.255.192 UG 0 0 0 tunl0172.17.31.0 0.0.0.0 255.255.255.192 U 0 0 0 *172.17.50.192 10.129.55.111 255.255.255.192 UG 0 0 0 tunl0172.17.157.0 10.128.51.12 255.255.255.192 UG 0 0 0 tunl0172.17.168.0 10.129.52.193 255.255.255.192 UG 0 0 0 tunl0172.17.216.64 10.129.52.192 255.255.255.192 UG 0 0 0 tunl0172.17.246.64 10.128.51.11 255.255.255.192 UG 0 0 0 tunl0

//tunl0 出现,否则这里也不会出现tunl0信息。

注意: 最后一步就是所有在其上的pod都要重新创建,否则还是网络不了外网。

修复tunl0-二进制安装calico的更多相关文章

  1. 8、二进制安装K8s之部署CIN网络

    二进制安装K8s之部署CIN网络 部署CIN网络可以使用flannel或者calico,这里介绍使用calico ecd 方式部署. 1.下载calico二进制安装包 创建所需目录 mkdir -p ...

  2. 1、二进制安装K8s 之 环境准备

    二进制安装K8s 之 环境准备 1.系统&软件 序号 设备\系统 版本 1 宿主机 MacBook Pro 11.4 2 系统 Centos 7.8 3 虚拟机 Parallels Deskt ...

  3. ubuntu14.04下简易二进制安装mysql

    下载mysql-commnunity的5.6.24通用二进制版 tar解压 我安装到/opt目录,所以mv到/opt/ 可选,建了个软链 ln -s *** mysql 添加运行mysql服务的用户和 ...

  4. mysql5.6 通用二进制安装

    mysql5.6 通用二进制安装: #卸载原有的mysqlyum remove mysql*ls /etc/my.cnf*mv /etc/my.cnf* /tmp/ #安装依赖包yum install ...

  5. CentOS 6.2 二进制安装apache2.4.3出现configure: error: APR-util not found. Please read the documentation的解决方

    CentOS 6.2 二进制安装apache2.4.3出现configure: error: APR-util not found. Please read the documentation的解决方 ...

  6. CentOS6+MySQL5.6二进制安装

    一般我们安装mysql采用二进制安装的方式就足以满足我们的生产环境了,不过需要我们配置my.cnf文件 从官网下载二进制MySQL,选择Linux-Generic,最后这两个是二进制包 http:// ...

  7. Mysql的二进制安装和基础入门操作

    前言:Mysql数据库,知识非常的多,要想学精学通这块知识,估计也要花费和学linux一样的精力和时间.小编也是只会些毛皮,给大家分享一下~ 一.MySQL安装 (1)安装方式: 1 .程序包yum安 ...

  8. centos 7.3二进制安装mariadb10.2.8完美步骤

    (1)在centos7系统上,yum info mariadb可以找到提供mariadb包的官方网站,在到官方网站下载最新的mariadb包,然后rz到linux系统上去 (2)准备用户 1.user ...

  9. Linux中MySQL5.6编译安装与MySQL5.7二进制安装步骤

    首先,介绍一下MySQL的几种安装方式 1.RPM.Yum 的安装方式:安装方便.安装速度快,无法定制 2.二进制:不需要安装,解压即可使用,不能定制功能 3.编译安装:可定制,安装慢. 编译安装中需 ...

  10. Centos7 二进制安装 Kubernetes 1.13

    目录 1.目录 1.1.什么是 Kubernetes? 1.2.Kubernetes 有哪些优势? 2.环境准备 2.1.网络配置 2.2.更改 HOSTNAME 2.3.配置ssh免密码登录登录 2 ...

随机推荐

  1. LGP4463题解

    这玩意儿怎么看上去就很经典啊( 哦互不相同啊,那没事了( 考虑一个 \(\rm DP\).由于限制了互不相同,那么我们考虑从值域开始想. 设 \(dp_{n,k}\) 为在 \([1,n]\) 中选了 ...

  2. eclipse中的项目如何打成war包

    war包即Web归档文件,将Web项目打成war包可以直接拷贝到Web服务器发布目录(例如Tomcat服务器webapps目录 ),当Tomcat启动后该压缩文件自动解压,war包方便了web工程的发 ...

  3. Cobalt Strike之LINK木马

    在同一目录下 新建一个exp.ps1 一个test.txt exp.ps1代码 $file = Get-Content "test.txt" $WshShell = New-Obj ...

  4. Knife4j 注解详谈

    Controller层添加注解 @Api:用于类:表示标识这个类是swagger的资源 属性名称 数据类型   默认值  说明  value      String  ""  字段 ...

  5. 有关电控制图软件EPLAN的安装,下面有破解版本2.7

    前段时间刚刚接触这一块,就安装个软件老是出问题,所以我通过自己的努力学会啦,来给正要学习EPLAN的同学发福利啦 15:07:48 安装包发放在百度网盘来自取呀  建议安装我勾选的这个哦 链接:htt ...

  6. Material Design with the Android Design Support Library

    Material Design with the Android Design Support Library 原文http://www.sitepoint.com/material-design-a ...

  7. Ajax的乱码解决问题?

    Javascript是使用UTF-8国际编码,即每个汉字用4个字节来存储,这就造成了用AJAX来send数据的时候出现会乱码. Ajax乱码产生主要有2个原因 1. XMLHttpRequest返回的 ...

  8. Files的常用方法都有哪些?

    Files. exists():检测文件路径是否存在.Files. createFile():创建文件.Files. createDirectory():创建文件夹.Files. delete():删 ...

  9. JavaScript使用原型链实现继承

    JavaScript实现继承的思想: 一句话总结,让子类的原型等于父类的实例. 详细来说,其实利用了原型的性质即在JavaScript中所有被实例化对象具有相同的原型属性和方法,每一个被实例化对象的原 ...

  10. Springmvc入门基础(三) ---与mybatis框架整合

    1.创建数据库springmvc及表items,且插入一些数据 DROP TABLE IF EXISTS `items`; CREATE TABLE `items` ( `id` int(11) NO ...