配置法兰绒以在 kubernetes 中使用非默认接口
configuring flannel to use a non default interface in kubernetes
有没有办法定义 Flannel 应该监听哪个接口?根据 his documentation 在 /etc/sysconfig/flanneld 中添加 FLANNEL_OPTIONS="--iface=enp0s8" 应该可以,但事实并非如此。
我的主节点配置是 运行 xenial(ubuntu 16.04) vagrant:
$ sudo kubeadm init --pod-network-cidr 10.244.0.0/16 --apiserver-advertise-address 10.0.0.10
$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
clusterrole "flannel" created
clusterrolebinding "flannel" created
serviceaccount "flannel" created
configmap "kube-flannel-cfg" created
daemonset "kube-flannel-ds" created
ubuntu@master:~$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml
clusterrole "flannel" configured
clusterrolebinding "flannel" configured
主机 IP 地址:
$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:63:8e:2c:ef:cd brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::63:8eff:fe2c:efcd/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:fb:ad:bb brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/24 brd 10.0.0.255 scope global enp0s8
valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:da:aa:6e:13 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
5: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default
link/ether 5e:07:a1:7f:97:53 brd ff:ff:ff:ff:ff:ff
inet 10.244.0.0/32 scope global flannel.1
valid_lft forever preferred_lft forever
inet6 fe80::5c07:a1ff:fe7f:9753/64 scope link
valid_lft forever preferred_lft forever
6: cni0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 0a:58:0a:f4:00:01 brd ff:ff:ff:ff:ff:ff
inet 10.244.0.1/24 scope global cni0
valid_lft forever preferred_lft forever
inet6 fe80::7037:fcff:fe41:b1fb/64 scope link
valid_lft forever preferred_lft forever
Pods 姓名:
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system etcd-master 1/1 Running 0 2m
kube-system kube-apiserver-master 1/1 Running 0 2m
kube-system kube-controller-manager-master 1/1 Running 0 2m
kube-system kube-dns-545bc4bfd4-gjjth 0/3 ContainerCreating 0 3m
kube-system kube-flannel-ds-gdz8f 1/1 Running 0 1m
kube-system kube-flannel-ds-h4fd2 1/1 Running 0 33s
kube-system kube-flannel-ds-rnlsz 1/1 Running 1 33s
kube-system kube-proxy-d4wv9 1/1 Running 0 33s
kube-system kube-proxy-fdkqn 1/1 Running 0 3m
kube-system kube-proxy-kj7tn 1/1 Running 0 33s
kube-system kube-scheduler-master 1/1 Running 0 2m
法兰绒原木:
$ kubectl logs -n kube-system kube-flannel-ds-gdz8f -c kube-flannel
I1216 12:00:35.817207 1 main.go:474] Determining IP address of default interface
I1216 12:00:35.822082 1 main.go:487] Using interface with name enp0s3 and address 10.0.2.15
I1216 12:00:35.822335 1 main.go:504] Defaulting external address to interface address (10.0.2.15)
I1216 12:00:35.909906 1 kube.go:130] Waiting 10m0s for node controller to sync
I1216 12:00:35.909950 1 kube.go:283] Starting kube subnet manager
I1216 12:00:36.987719 1 kube.go:137] Node controller sync successful
I1216 12:00:37.087300 1 main.go:234] Created subnet manager: Kubernetes Subnet Manager - master
I1216 12:00:37.087433 1 main.go:237] Installing signal handlers
I1216 12:00:37.088836 1 main.go:352] Found network config - Backend type: vxlan
I1216 12:00:37.089018 1 vxlan.go:119] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false
I1216 12:00:37.295988 1 main.go:299] Wrote subnet file to /run/flannel/subnet.env
I1216 12:00:37.296025 1 main.go:303] Running backend.
I1216 12:00:37.296048 1 main.go:321] Waiting for all goroutines to exit
I1216 12:00:37.296084 1 vxlan_network.go:56] watching for new subnet leases
如何在 kubernetes 中配置 flannel 以在 enp0s8 而不是 enp0s3 中监听?
最重要的是,您链接的文档页面上没有任何内容 /etc/sysconfig;这是一个非常旧的目录,不适合 systemd 或您实际使用的 kubernetes DaemonSet。此外,除非您将某些东西卷安装为 /etc/sysconfig,否则当您在容器中 运行 flannel 时,即使将该内容放入主机文件系统上的文件中也无济于事。
我认为成功的最短路径是将命令行标志添加到the flanneld argument list中,您可以通过kubectl --namespace=kube-system edit daemonset kube-flannel-ds轻松完成,更新container:声明,然后kubectl --namespace=kube-system delete pod -l app=flannel
我遇到了同样的问题,正在尝试使用 k8s 和 Vagrant。
我在 documentation of flannel:
中找到了这条注释
Vagrant typically assigns two interfaces to all VMs. The first, for
which all hosts are assigned the IP address 10.0.2.15, is for external
traffic that gets NATed.
This may lead to problems with flannel. By default, flannel selects
the first interface on a host. This leads to all hosts thinking they
have the same public IP address. To prevent this issue, pass the
--iface eth1 flag to flannel so that the second interface is chosen.
所以我在flannel的pod配置中寻找它。
如果您下载 kube-flannel.yml 文件,您应该查看 DaemonSet 规范,特别是 "kube-flannel" 容器。在那里,您应该添加所需的“--iface=enp0s8”参数(不要忘记“=”)。我用过的部分代码。
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.10.0-amd64
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
- --iface=enp0s8
然后运行kubectl apply -f kube-flannel.yml
希望有所帮助。
不直接知道 运行 "kubectl apply -f kube-flannel.yml" 在我这边不起作用,它仍然显示使用名称为 eth0 的接口。
在运行kubectl delete -f kube-flannel.yml然后kubectl apply -f kube-flannel.yml之后,显示使用eth1的接口:
I1122 11:31:44.405982 1 main.go:488] Using interface with name eth1 and address 192.168.0.24
I1122 11:31:44.406153 1 main.go:505] Defaulting external address to interface address (192.168.0.24)
I1122 11:31:44.428414 1 kube.go:131] Waiting 10m0s for node controller to sync
I1122 11:31:44.428552 1 kube.go:294] Starting kube subnet manager
I1122 11:31:45.429349 1 kube.go:138] Node controller sync successful
有没有办法定义 Flannel 应该监听哪个接口?根据 his documentation 在 /etc/sysconfig/flanneld 中添加 FLANNEL_OPTIONS="--iface=enp0s8" 应该可以,但事实并非如此。
我的主节点配置是 运行 xenial(ubuntu 16.04) vagrant:
$ sudo kubeadm init --pod-network-cidr 10.244.0.0/16 --apiserver-advertise-address 10.0.0.10
$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
clusterrole "flannel" created
clusterrolebinding "flannel" created
serviceaccount "flannel" created
configmap "kube-flannel-cfg" created
daemonset "kube-flannel-ds" created
ubuntu@master:~$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml
clusterrole "flannel" configured
clusterrolebinding "flannel" configured
主机 IP 地址:
$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:63:8e:2c:ef:cd brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::63:8eff:fe2c:efcd/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:fb:ad:bb brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/24 brd 10.0.0.255 scope global enp0s8
valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:da:aa:6e:13 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
5: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default
link/ether 5e:07:a1:7f:97:53 brd ff:ff:ff:ff:ff:ff
inet 10.244.0.0/32 scope global flannel.1
valid_lft forever preferred_lft forever
inet6 fe80::5c07:a1ff:fe7f:9753/64 scope link
valid_lft forever preferred_lft forever
6: cni0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 0a:58:0a:f4:00:01 brd ff:ff:ff:ff:ff:ff
inet 10.244.0.1/24 scope global cni0
valid_lft forever preferred_lft forever
inet6 fe80::7037:fcff:fe41:b1fb/64 scope link
valid_lft forever preferred_lft forever
Pods 姓名:
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system etcd-master 1/1 Running 0 2m
kube-system kube-apiserver-master 1/1 Running 0 2m
kube-system kube-controller-manager-master 1/1 Running 0 2m
kube-system kube-dns-545bc4bfd4-gjjth 0/3 ContainerCreating 0 3m
kube-system kube-flannel-ds-gdz8f 1/1 Running 0 1m
kube-system kube-flannel-ds-h4fd2 1/1 Running 0 33s
kube-system kube-flannel-ds-rnlsz 1/1 Running 1 33s
kube-system kube-proxy-d4wv9 1/1 Running 0 33s
kube-system kube-proxy-fdkqn 1/1 Running 0 3m
kube-system kube-proxy-kj7tn 1/1 Running 0 33s
kube-system kube-scheduler-master 1/1 Running 0 2m
法兰绒原木:
$ kubectl logs -n kube-system kube-flannel-ds-gdz8f -c kube-flannel
I1216 12:00:35.817207 1 main.go:474] Determining IP address of default interface
I1216 12:00:35.822082 1 main.go:487] Using interface with name enp0s3 and address 10.0.2.15
I1216 12:00:35.822335 1 main.go:504] Defaulting external address to interface address (10.0.2.15)
I1216 12:00:35.909906 1 kube.go:130] Waiting 10m0s for node controller to sync
I1216 12:00:35.909950 1 kube.go:283] Starting kube subnet manager
I1216 12:00:36.987719 1 kube.go:137] Node controller sync successful
I1216 12:00:37.087300 1 main.go:234] Created subnet manager: Kubernetes Subnet Manager - master
I1216 12:00:37.087433 1 main.go:237] Installing signal handlers
I1216 12:00:37.088836 1 main.go:352] Found network config - Backend type: vxlan
I1216 12:00:37.089018 1 vxlan.go:119] VXLAN config: VNI=1 Port=0 GBP=false DirectRouting=false
I1216 12:00:37.295988 1 main.go:299] Wrote subnet file to /run/flannel/subnet.env
I1216 12:00:37.296025 1 main.go:303] Running backend.
I1216 12:00:37.296048 1 main.go:321] Waiting for all goroutines to exit
I1216 12:00:37.296084 1 vxlan_network.go:56] watching for new subnet leases
如何在 kubernetes 中配置 flannel 以在 enp0s8 而不是 enp0s3 中监听?
最重要的是,您链接的文档页面上没有任何内容 /etc/sysconfig;这是一个非常旧的目录,不适合 systemd 或您实际使用的 kubernetes DaemonSet。此外,除非您将某些东西卷安装为 /etc/sysconfig,否则当您在容器中 运行 flannel 时,即使将该内容放入主机文件系统上的文件中也无济于事。
我认为成功的最短路径是将命令行标志添加到the flanneld argument list中,您可以通过kubectl --namespace=kube-system edit daemonset kube-flannel-ds轻松完成,更新container:声明,然后kubectl --namespace=kube-system delete pod -l app=flannel
我遇到了同样的问题,正在尝试使用 k8s 和 Vagrant。 我在 documentation of flannel:
中找到了这条注释Vagrant typically assigns two interfaces to all VMs. The first, for which all hosts are assigned the IP address 10.0.2.15, is for external traffic that gets NATed.
This may lead to problems with flannel. By default, flannel selects the first interface on a host. This leads to all hosts thinking they have the same public IP address. To prevent this issue, pass the --iface eth1 flag to flannel so that the second interface is chosen.
所以我在flannel的pod配置中寻找它。 如果您下载 kube-flannel.yml 文件,您应该查看 DaemonSet 规范,特别是 "kube-flannel" 容器。在那里,您应该添加所需的“--iface=enp0s8”参数(不要忘记“=”)。我用过的部分代码。
containers:
- name: kube-flannel
image: quay.io/coreos/flannel:v0.10.0-amd64
command:
- /opt/bin/flanneld
args:
- --ip-masq
- --kube-subnet-mgr
- --iface=enp0s8
然后运行kubectl apply -f kube-flannel.yml
希望有所帮助。
不直接知道 运行 "kubectl apply -f kube-flannel.yml" 在我这边不起作用,它仍然显示使用名称为 eth0 的接口。
在运行kubectl delete -f kube-flannel.yml然后kubectl apply -f kube-flannel.yml之后,显示使用eth1的接口:
I1122 11:31:44.405982 1 main.go:488] Using interface with name eth1 and address 192.168.0.24
I1122 11:31:44.406153 1 main.go:505] Defaulting external address to interface address (192.168.0.24)
I1122 11:31:44.428414 1 kube.go:131] Waiting 10m0s for node controller to sync
I1122 11:31:44.428552 1 kube.go:294] Starting kube subnet manager
I1122 11:31:45.429349 1 kube.go:138] Node controller sync successful