离线安装calico V3.28.1
- 去github上面下载自己所需的calico离线包,项目地址:
https://github.com/projectcalico/calico (下载3.28.1)
-
假设要安装最新版本v3.28.1,首先可以下载这个版本的calico.yaml,具体命令是
curl -O -L https://raw.githubusercontent.com/projectcalico/calico/v3.28.1/manifests/calico.yaml -
下载完成之后可以通过calico.yaml查看需要安装哪些离线包,命令是:
$ cat calico.yaml | grep image
image: docker.io/calico/cni:v3.28.1
imagePullPolicy: IfNotPresent
image: docker.io/calico/cni:v3.28.1
imagePullPolicy: IfNotPresent
image: docker.io/calico/node:v3.28.1
imagePullPolicy: IfNotPresent
image: docker.io/calico/node:v3.28.1
imagePullPolicy: IfNotPresent
image: docker.io/calico/kube-controllers:v3.28.1
imagePullPolicy: IfNotPresent -
通过上述命令,查看到需要安装calico-cni.tar, calico-kube-controllers.tar 和 calico-node.tar三个包,然后需要将这三个包导入到k8s的命名空间中。
查询命名空间的命令是
$ sudo ctr namespace ls
NAME LABELS
default
k8s.io
moby
k8s的命名空间是k8s.io
5、使用导入命令将这三个包导入到k8s的命名空间中:
sudo ctr -n k8s.io images import calico-cni.tar
sudo ctr -n k8s.io images import calico-kube-controllers.tar
sudo ctr -n k8s.io images import calico-node.tar
-
导入之后就可以apply calico.yaml 文件了
kubectl apply -f calico.yaml -
导入之后查看calico的pod,发现calico和coredns已经起来了
$ kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-8d76c5f9b-brv86 1/1 Running 0 22h
calico-node-hxks2 1/1 Running 0 22h
coredns-66f779496c-9hqsx 1/1 Running 0 23h
coredns-66f779496c-rcc74 1/1 Running 0 23h
etcd-kevin-pc 1/1 Running 4 (28m ago) 23h
kube-apiserver-kevin-pc 1/1 Running 4 (28m ago) 23h
kube-controller-manager-kevin-pc 1/1 Running 4 (28m ago) 23h
kube-proxy-gglh4 1/1 Running 1 (28m ago) 23h
kube-scheduler-kevin-pc 1/1 Running 4 (28m ago) 23h
至此安装完成。
另:如果是node节点加入集群,先在master1上打印加入集群的命令 kubeadm token create --print-join-command,然后在node1上执行,执行后node节点会出现找不到pause3.9和cni插件镜像,手动导入即可。另外如果日志报错node节点使用IP地址冲突(root@master1:~# kubectl logs -n kube-system calico-node-xj9k2 -c calico-node 2025-06-10 03:04:45.341 [INFO][9] startup/startup.go 431: Early log level set to info 2025-06-10 03:04:45.342 [INFO][9] startup/utils.go 126: Using NODENAME environment for node name node1 2025-06-10 03:04:45.342 [INFO][9] startup/utils.go 138: Determined node name: node1 2025-06-10 03:04:45.342 [INFO][9] startup/startup.go 95: Starting node node1 with version v3.28.1 2025-06-10 03:04:45.342 [INFO][9] startup/startup.go 436: Checking datastore connection 2025-06-10 03:04:45.348 [INFO][9] startup/startup.go 460: Datastore connection verified 2025-06-10 03:04:45.349 [INFO][9] startup/startup.go 105: Datastore is ready 2025-06-10 03:04:45.353 [WARNING][9] startup/winutils.go 150: Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work. 2025-06-10 03:04:45.358 [INFO][9] startup/startup.go 489: Initialize BGP data 2025-06-10 03:04:45.358 [INFO][9] startup/autodetection_methods.go 103: Using autodetected IPv4 address on interface nerdctl0: 10.4.0.1/24 2025-06-10 03:04:45.358 [INFO][9] startup/startup.go 565: Node IPv4 changed, will check for conflicts 2025-06-10 03:04:45.360 [WARNING][9] startup/startup.go 1002: Calico node 'master1' is already using the IPv4 address 10.4.0.1. 2025-06-10 03:04:45.360 [INFO][9] startup/startup.go 395: Clearing out-of-date IPv4 address from this node IP="10.4.0.1/24" 2025-06-10 03:04:45.365 [WARNING][9] startup/utils.go 48: Terminating Calico node failed to start root@master1:~#) 因node1 的物理网卡 eth0 的 IP 地址是 10.0.12.4/22,而 Calico 错误地选择了 10.4.0.1/24(来自 nerdctl0 接口)作为节点 IP,导致与 master1 冲突。
解决办法:在 master1 上编辑 Calico DaemonSet,明确指定使用 eth0 接口:
1、kubectl edit daemonset -n kube-system calico-node
2、添加以下内容
name: IP_AUTODETECTION_METHOD
value: "interface=eth0"
2、pod会自动重建,重建后查看日志显示
master1无法与node1的IP建立BGP连接
node1无法与master1的IP建立BGP连接,
3、在腾讯云后台,分别开放两台机器的179,4789端口,Pod ready!!!
查看node calico版本
1、kubectl get pods -n kube-system | grep calico
2、kubectl exec -it -n kube-system
3、在powershell里运行 calico-node -v
浙公网安备 33010602011771号