calico網絡 包含 overlay 和 underlay網絡
overlay IPIP和VXLAN模式, IPIP可以使用BGP協議, VXLAN不能使用BGP協議, 可以跨網段,建立隧道
underlay BGP模式, 必須同一個C網
1、修改ippool,需要把ipipMode從Always修改成為Never(執行下面命令修改ipipMode)
[root@k8s-master1 target]# calicoctl get ippool default-ipv4-ippool -o yaml
[root@k8s-master-01 ~]# calicoctl get ippool default-ipv4-ippool -o yaml > ippool.yaml
apiVersion: projectcalico.org/v3
kind: IPPool
metadata:
creationTimestamp: "2022-06-15T01:37:22Z"
name: default-ipv4-ippool
resourceVersion: "906"
uid: c56b271d-6837-4087-90e5-879b9c033b55
spec:
allowedUses:
- Workload
- Tunnel
blockSize: 26
cidr: 192.168.0.0/16
ipipMode: Always
natOutgoing: true
nodeSelector: all()
vxlanMode: Never
#修改ippool.yaml 文件ipipmode: Always為 Never
[root@k8s-master-01 ~]# calicoctl apply -f ippool.yaml
1、修改ippool,需要把ipipMode從Always修改成為Never(執行下面命令修改ipipMode)
[root@k8s-master-01 ~]# calicoctl get ippool -o wide
NAME CIDR NAT IPIPMODE VXLANMODE ISABLED DISABLEBGPEXPORT SELECTOR
default-ipv4-ippool 192.168.0.0/16 true Never Never false false all()
2. 關閉 ipip模式, 定義asnumber 自治網絡號
cat << EOF | calicoctl create -f - apiVersion: projectcalico.org/v3 kind: BGPConfiguration metadata: name: default spec: logSeverityScreen: Info nodeToNodeMeshEnabled: false asNumber: 64512 EOF
3. 指定反射器地址
cat << EOF | calicoctl create -f - apiVersion: projectcalico.org/v3 kind: BGPPeer metadata: name: bgppeer-global-55 spec: peerIP: 192.168.15.1 asNumber: 64512 EOF
交換機配置
Calico 關閉 natOutgoing 配置
在 Dubbo 應用生產容器化過程中,生產環境 Zookeeper 對單個 IP 連接限制數比節點上 Pod 數小,導致節點上容器里的 Dubbo 應用經常會出現連接 Zookeeper 被拒絕的問題。再因為容器網絡和物理網絡已經打通,通過 calico 配置 natOutgoing 參數為 false,
[root@master1 ~]# kubectl edit ippool default-ipv4-ippool -o yaml
apiVersion: crd.projectcalico.org/v1 kind: IPPool metadata: name: default-ipv4-ippool spec: blockSize: 26 cidr: 192.168.56.0/24 ipipMode: Never natOutgoing: false nodeSelector: all() vxlanMode: Never
參考:
https://blog.csdn.net/M2l0ZgSsVc7r69eFdTj/article/details/106561069
https://www.cnblogs.com/dengcongcong/p/7066894.html