当前位置:网站首页>正在運行的Kubernetes集群想要調整Pod的網段地址
正在運行的Kubernetes集群想要調整Pod的網段地址
2022-07-07 11:29:00 【Jiangxl~】
正在運行的K8S集群調整Pod的網段地址
文章目錄
1.修改Pod網段地址的背景
使用sealos部署的K8S集群,默認的Pod網段是100.64.0.0/16,在私有化環境運行沒有任何問題,但是當集群部署在阿裏雲的ECS中之後,通過SLB七層負載K8S集群中的應用程序時,就會出現訪問异常的現象,數據包無法正常返回給SLB,經過與阿裏雲工程師的探討得知,SLB轉發的Proxy網段是100.64.0.0/16,與K8S Pod的網段地址沖突,從而可能產生網絡异常的現象。
2.當前K8S集群信息
[[email protected] ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master Ready master 6m43s v1.19.16
k8s-node-1 Ready <none> 6m13s v1.19.16
k8s-node-2 Ready <none> 6m13s v1.19.16
當前的Pod網段地址是100網段,我們要將其調整為10.10.0.0/18。
3.先在K8S集群搭建一個Pod
先在K8S集群搭建一個Pod,觀察修改網段前後Pod是否可用。
1)資源編排文件
[[email protected]-master k8s]# cat nginx.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: nginx
name: nginx
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- image: nginx
imagePullPolicy: Always
name: nginx
ports:
- containerPort: 80
name: http
protocol: TCP
- containerPort: 443
name: https
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx
name: nginx-80-443
namespace: default
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
selector:
app: nginx
type: NodePort
2)部署
[[email protected] k8s]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-6b89b7f467-ct6md 1/1 Running 0 8m32s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 26m
service/nginx-80-443 NodePort 10.99.243.115 <none> 80:31575/TCP,443:31418/TCP 8m32s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx 1/1 1 1 8m32s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-6b89b7f467 1 1 1 8m32s
4.調整K8S集群的Pod網段
4.1.調整K8S地址池的網段
1.查看K8S默認的地址池
[[email protected] k8s]# kubectl get ippool
NAME AGE
default-ipv4-ippool 18m
2.調整地址池的地址範圍
[[email protected] k8s]# kubectl edit ippool default-ipv4-ippool
cidr: 10.10.0.0/18
4.2.調整Controller-Manager組件的網段
[[email protected] k8s]# vim /etc/kubernetes/manifests/kube-controller-manager.yaml
- --cluster-cidr=10.10.0.0/18
4.4.調整Kube-proxy網段地址
[root@k8s-master k8s]# kubectl edit cm kube-proxy -n kube-system
clusterCIDR: 10.10.0.0/18
4.5.調整K8S集群所有節點yaml文件中的網段地址
有多少個Node就執行多少次相同的操作。
[[email protected] k8s]# kubectl get nodes k8s-master -o yaml > master.yaml
[[email protected] k8s]# kubectl get nodes k8s-node-1 -o yaml > node-1.yaml
[[email protected] k8s]# kubectl get nodes k8s-node-2 -o yaml > node-2.yaml
[[email protected] k8s]# vim master.yaml
v:"10.10.0.0/18": {}
spec:
podCIDR: 10.10.0.0/18
podCIDRs:
- 10.10.0.0/18
[root@k8s-master k8s]# kubectl delete node k8s-master
node "k8s-master" deleted
[root@k8s-master k8s]# kubectl apply -f master.yaml
node/k8s-master created
[root@k8s-master k8s]# kubectl delete node k8s-node-1
node "k8s-node-1" deleted
[root@k8s-master k8s]# kubectl delete node k8s-node-2
node "k8s-node-2" deleted
[root@k8s-master k8s]# kubectl apply -f node-1.yaml
node/k8s-node-1 created
[root@k8s-master k8s]# kubectl apply -f node-2.yaml
node/k8s-node-2 created
4.6.所有節點重啟kubelet
systemctl restart kubelet
4.7.重啟K8S集群中的Pod
[[email protected] k8s]# kubectl delete pod nginx-6b89b7f467-ct6md
pod "nginx-6b89b7f467-ct6md" deleted
[[email protected] k8s]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-6b89b7f467-869m2 1/1 Running 0 23s 10.10.5.129 k8s-node-1 <none> <none>
Pod地址已經成功修改。
边栏推荐
- 90后,辞职创业,说要卷死云数据库
- The annual salary of general test is 15W, and the annual salary of test and development is 30w+. What is the difference between the two?
- 使用MeterSphere让你的测试工作持续高效
- 对比学习之 Unsupervised Learning of Visual Features by Contrasting Cluster Assignments
- Android interview knowledge points
- Easyui学习整理笔记
- 0.96 inch IIC LCD driver based on stc8g1k08
- Une fois que l'uniapp a sauté de la page dans onlaunch, cliquez sur Event Failure resolution
- The opacity value becomes 1%
- Antd select selector drop-down box follows the scroll bar to scroll through the solution
猜你喜欢
PostgreSQL中的表复制
The post-90s resigned and started a business, saying they would kill cloud database
聊聊SOC启动(七) uboot启动流程三
The opacity value becomes 1%
自动化测试框架
Input type= "password" how to solve the problem of password automatically brought in
RationalDMIS2022 高级编程宏程序
禁锢自己的因素,原来有这么多
一度辍学的数学差生,获得今年菲尔兹奖
Zhou Yajin, a top safety scholar of Zhejiang University, is a curiosity driven activist
随机推荐
Vuthink正确安装过程
Case study of Jinshan API translation function based on retrofit framework
Still cannot find RPC dispatcher table failed to connect in virtual KD
Debezium同步之Debezium架构详解
普通测试年薪15w,测试开发年薪30w+,二者差距在哪?
Distributed database master-slave configuration (MySQL)
Qt 实现容器的DELETE的方式
网络协议 概念
常用sql语句整理:mysql
关于jmeter中编写shell脚本json的应用
Android interview knowledge points
Activity生命周期
Go slice comparison
uniapp 在onLaunch中跳转页面后,点击事件失效解决方法
.NET MAUI 性能提升
[pyqt] the cellwidget in tablewidget uses signal and slot mechanism
Basic knowledge of process (orphan, zombie process)
Add a self incrementing sequence number to the antd table component
关于在云服务器上(这里用腾讯云)安装mysql8.0并使本地可以远程连接的方法
Go Slice 比较