-
Notifications
You must be signed in to change notification settings - Fork 15
How to install CNI Network plugin (Calico)
CNI is enabled in a kubernetes cluster CKE deployed. CKE does not install CNI plugins, you should install some CNI plugin manually.
This page describes how to install CNI plugin by taking Calico as an example.
Supported version:
- CKE: v0.8
- Calico: v3.2
Prepare a Cluster Configuration file.
Add the following option to your cluster configuration file.
options:
kubelet:
extra_binds:
- source: /var/lib/calico
destination: /var/lib/calicoLaunch CKE and set your cluster configuration.
Wait for Kubernetes deployment to complete.
Downloads rbac.yaml and calico.yaml from the following page.
https://docs.projectcalico.org/v3.2/getting-started/kubernetes/
Change calico-config in calico.yaml as following.
data:
etcd_endpoints: "https://`YOUR_ETCD_HOST`:2379"
etcd_ca: "/calico-secrets/etcd-ca"
etcd_cert: "/calico-secrets/etcd-cert"
etcd_key: "/calico-secrets/etcd-key"Remove calico-etcd-secrets resource in calico.yaml.
Issue etcd certificate files by ckecli command.
$ ckecli etcd user-add calico /
$ ckecli etcd issue -output=file calicoRename generated files as following.
$ mv calico-xxxxxxxxxxxxxxxx.ca etcd-ca
$ mv calico-xxxxxxxxxxxxxxxx.crt etcd-cert
$ mv calico-xxxxxxxxxxxxxxxx.key etcd-keyCreate a secret resource to kubernetes cluster using generated certificate files.
$ kubectl create secret generic calico-etcd-secrets --from-file=./etcd-ca --from-file=./etcd-key --from-file=./etcd-cert -n kube-systemDeploy Calico pods on kubernetes cluster.
$ kubectl create -f rbac.yaml
$ kubectl create -f calico.yamlCalico pods will be running.
$ /data/kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-d87c4bdc6-kjxrf 1/1 Running 0 54s
calico-node-7x5zn 2/2 Running 0 54s
calico-node-cmmzg 2/2 Running 0 54s
calico-node-fj6qc 2/2 Running 0 54s
calico-node-fxm4x 2/2 Running 0 54s
calico-node-xfmzm 2/2 Running 0 54s
calico-node-zkmc6 2/2 Running 0 54s