Kubernetes Cilium网络组件和CoreDNS配置
1.部署helm网络组件
wget https://mirrors.huaweicloud.com/helm/v3.15.2/helm-v3.15.2-linux-amd64.tar.gz tar -zxvf helm-v3.15.2-linux-amd64.tar.gz cp linux-amd64/helm /usr/bin/ # helm version version.BuildInfo{Version:"v3.15.2", GitCommit:"1a500d5625419a524fdae4b33de351cc4f58ec35", GitTreeState:"clean", GoVersion:"go1.22.4"}
2.添加cilium安装源并下载安装包
# 添加安装源 helm repo add cilium https://helm.cilium.io # 下载安装包,运行pull命令后会获得最新版cilium的tar包 helm pull cilium/cilium tar -xvf cilium-*.tar # 修改image为国内源 sed -i "s#quay.io/#m.daocloud.io/quay.io/#g" cilium/values.yaml
3 在master节点上安装cilium
# helm install cilium ./cilium/ \ --namespace kube-system \ --set hubble.relay.enabled=false \ --set hubble.ui.enabled=false \ --set prometheus.enabled=true \ --set operator.prometheus.enabled=true \ --set hubble.enabled=true \ --set hubble.metrics.enabled="{dns,drop,tcp,flow,port-distribution,icmp,http}" 注:如需开启IPv6可添加--set ipv6.enabled=true参数
4 查看pod以及crd
# kubectl get apiservices.apiregistration.k8s.io NAME SERVICE AVAILABLE AGE v1. Local True 136d v1.admissionregistration.k8s.io Local True 136d v1.apiextensions.k8s.io Local True 136d v1.apps Local True 136d v1.authentication.k8s.io Local True 136d v1.authorization.k8s.io Local True 136d v1.autoscaling Local True 136d
5 在master节点,上将hubble-ui修改为NodePort访问
# kubectl edit svc hubble-ui -n kube-system # kubectl get svc -A | grep hubble kube-system hubble-metrics ClusterIP None <none> 9965/TCP 5h1m kube-system hubble-peer ClusterIP 10.66.180.91 <none> 443/TCP 5h1m kube-system hubble-relay ClusterIP 10.66.79.186 <none> 80/TCP 5h1m kube-system hubble-ui NodePort 10.66.91.101 <none> 80:32093/TCP
摘自:https://www.cnblogs.com/cn-jasonho/p/18281134
浙公网安备 33010602011771号