minikube配置CRI-O作为runtime并指定flannel插件
使用crio作为runtime后,容器的启动将不依赖docker相关的组件,容器进程更加简洁。如下使用crio作为runtime启动一个nginx的进程信息如下:根进程(1)->conmon->nginx。conmon作用于crio和runc(OCI实现)之间,用于在crio启动容器后托管容器,更多参见conmon root 15586 1 0 16:49 ? 00:00 /usr/local/bin/conmon --syslog -c a4f089f6b251c6269e2f79c41cec0317f4a65729b6075c77bbf4337206050501 -n k8s_nginx-test_nginx-test-24cjg_default_55bbcfe7-d63c-468b-bbcc-35a8b6c71eb9 root 15609 15586 00 nginx: master process nginx -g daemon off; ? 安装minikube 安装cri-o(以下步骤来自官方文档):
yum install -y btrfs-progs-devel containers-common device-mapper-devel git glib2-devel glibc-static go gpgme-devel libassuan-devel libgpg-error-devel libseccomp-devel libselinux-devel pkgconfig runc
git clone https://github.com/cri-o/cri-o # or your fork cd cri-o make sudo make install
git clone https:github.com/containers/conmon cd conmon make sudo make install crio的配置文件默认为/etc/crio/crio.conf,可以通过命令crio config --default > /etc/crio/crio.conf来生成默认配置文件。 设置CNI网络(以下步骤来自官方文档) git clone https:github.com/containernetworking/plugins cd plugins git checkout v0.8.1 ./build_linux.sh # or build_windows.sh sudo mkdir -p /opt/cni/bin sudo cp bin/* /opt/cni/bin/
启动CRI-O
sudo make install.systemd sudo systemctl daemon-reload sudo systemctl enable crio sudo systemctl start crio 使用crio-status命令
安装CRI-O命令行工具crictl
# go get github.com/kubernetes-sigs/cri-tools/cmd/crictl
# cat /etc/crictl.yaml runtime-endpoint: unix:var/run/crio/crio.sock image-endpoint: unix:var/run/crio/crio.sock 启动minikube并配置使用CRI-O minikube start --container-runtime=cri-o --vm-driver=none crictl简单使用 在启动minikube之后会启动相关组件pod,使用circtl ps可以看到相关的容器信息,最后一列为POD ID。更多参见crictl [root@iZj6cid8uez7g44i1t0k7tZ net.d]# crictl ps CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID b69e8be1ef2b0 gcr.io/k8s-minikube/storage-provisioner@sha256:088daa9fcbccf04c3f415d77d5a6360d2803922190b675cb7fc88a9d2d91985a About an hour ago Running storage-provisioner 282d5beebf847 dd57045952649 bf261d157914477ee1a5969d28ec687f3fbfc9fb5a664b22df78e57023b0e03b About an hour ago Running coredns 4f7a8f3cac5c4 a9df5247ede0f bf261d157914477ee1a5969d28ec687f3fbfc9fb5a664b22df78e57023b0e03b About an hour ago Running coredns 6448effa2f7cd dc1027c8d94c5 c21b0c7400f988db4777858edd13b6d3930d62d7ccf026d2415485a52037f384 About an hour ago Running kube-proxy 0436f736f2a4a 25cb103bc2e1e k8s.gcr.io/kube-addon-manager@sha256:3e315022a842d782a28e729720f21091dde21f1efea28868d65ec595ad871616 About an hour ago Running kube-addon-manager 85ceee77c5c70 cf7378a82993d 301ddc62b80b16315d3c2653cf3888370394277afb3187614cfa20edc352ca0a About an hour ago Running kube-scheduler baf3c10a81831 60d9bcf7a4b83 06a629a7e51cdcc81a5ed6a3e6650348312f20c954ac52ee489a023628ec9c7d About an hour ago Running kube-controller-manager 877a92f202a5f 7a67b324cd8c7 b2756210eeabf84f3221da9959e9483f3919dc2aaab4cd45e7cd072fcbde27ed About an hour ago Running etcd 74fe384e1645b 355ba11ac783f b305571ca60a5a7818bda47da122683d75e8a1907475681ee8b1efbd06bff12e About an hour ago Running kube-apiserver 0 d112f1dc64113 使用crictl inspect CONTAINER_ID可以查看容器的详细信息,使用circtl inspect POD_ID查看pod的详细信息。crictl inspect CONTAINER_ID|grep sandboxId出来的值就是该容器对应的pod的POD_ID。 ?配置使用flannel插件 使用如下方式启动minikube minikube start --extra-config=controller-manager.allocate-node-cidrs=true --extra-config=controller-manager.cluster-cidr=10.233.64.0/18 --extra-config=kubelet.network-plugin=cni --extra-config=kubelet.pod-cidr= --network-plugin=cni --container-runtime=cri-o --vm-driver=none 按照官方命令安装flannel插件,并查看coredns是否正常启动(cni启动之前coredns处于pending状态)。执行下面命令前需要确保/etc/cni/net.d/为空(flannel自动生成)或配置文件正确,否则会有错误 kubectl apply -f https:raw.githubusercontent.com/coreos/flannel/2140ac876ef134e0ed5af15c65e414cf26827915/Documentation/kube-flannel.yml
如果coredns出现如下错误,说明/etc/cni/net.d/中的配置文件版本字段错误,可以参考flannel官方配置,将cniVersion字段修改为"0.3.1",这样coredns稍后会正常启动。使用crictl inspectp POD_ID可以看到network设置为minikube启动参数--extra-config=kubelet.pod-cidr指定的值 cannot convert version ["" "0.1.0" 0.2.0"] to 0.4.0 正常启动后可以在/run/flannel/subnet.env中看到配置的flannel信息, # cat /run/flannel/subnet.env FLANNEL_NETWORK=10.244.0.0/16 FLANNEL_SUBNET=64.1/24 FLANNEL_MTU=1450 FLANNEL_IPMASQ=true 查看本地接口,可以看到flannel接口创建成功,后续新创建的pod将使用flannel网络 ]# ip link 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00 brd 00 2: eth0: <BROADCAST,MULTICAST,1)">1500 qdisc pfifo_fast state UP mode DEFAULT group link/ether 16:3e:04:eb:0e brd ff:ff:ff:ff:ff:ff 3: mybridge: <NO-CARRIER,BROADCAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group link/ether 0a:be:69:1e:02:70 brd ff:ff:ff:ff:ff:ff 7: flannel.1: <BROADCAST,1)">1450 qdisc noqueue state UNKNOWN mode DEFAULT group default06:66:cd:4f:d2:9a brd ff:ff:ff:ff:ff:ff 8: cni0: <BROADCAST,1)">1450 qdisc noqueue state UP mode DEFAULT group 85:cf:25:dd brd ff:ff:ff:ff:ff:ff 301: veth1b2b30e0@if3: <BROADCAST,1)">1450 qdisc noqueue master cni0 state UP mode DEFAULT group link/ether 8e:47:4b:b8:10:be brd ff:ff:ff:ff:ff:ff link-netnsid 0 302: veth2147d829@if3: <BROADCAST,1)"> link/ether fa:3f:fe:5d:91:82 brd ff:ff:ff:ff:ff:ff link-netnsid 1 303: veth54baeef4@if3: <BROADCAST,1)"> link/ether 9a:99:0f:82:ff:34 brd ff:ff:ff:ff:ff:ff link-netnsid 2 ?flannel原理如下 ?flannel支持Vxlan,Host-gw和UDP模式,其中UDP一般用于debug模式,可在kube-system命名空间的configmap kube-flannel-cfg中查看flannel的运行模式。更多参见官方文档 TIPS:
参考:
(编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
- Docker:从私人GitHub仓库获取
- scala – 播放应用程序中使用的SBT Coverage“exclude”
- angularJS file-up-load上传图片
- Google系统管理员的技巧分享与碎碎念
- Ag-grid和Angular2使用angular-cli
- 基于Node(bootstrap+ejs+express+formidable+fs-extra)制
- scala – 作为集合的“包装器”类的案例类.那么map / foldL
- python – Docker烧瓶应用程序环境变量
- Holder的使用
- twitter-bootstrap-3 – 一些bootstrap3 glyphicons不起作用