Deployment of Etcd+calico clusters

ETCD stand-alone mode

Setting environment variables

Export hostip= "192.168.12.50"

Execute the following command to open the ETCD client connection ports 4001 and 2379, ETCD interconnect Port 2380

If this is the first time this command is executed, Docker will download the latest ETCD official image

Docker run-d-v/usr/share/ca-certificates/:/etc/ssl/certs-p 4001:4001-p 2380:2380-p 2379:2379  --name etcd Quay.io /coreos/etcd  -name etcd0  -advertise-client-urls http://${hostip}:2379,http://${hostip}:4001  - Listen-client-urls http://0.0.0.0:2379,http://0.0.0.0:4001  -initial-advertise-peer-urls Http://${hostip} : 2380  -listen-peer-urls http://0.0.0.0:2380  -initial-cluster-token etcd-cluster-1  -initial-cluster etcd0=http://${hostip}:2380  -initial-cluster-state New

Select any of the 2 ports above to detect the node condition:

Curl-l http://127.0.0.1:2379/v2/members

Multi-node ETCD cluster

Configuring a multi-node ETCD cluster is similar to a single node, the main difference being the-initial-cluster parameter, which represents the interconnected address (peer URL) of each member:

Node 01 executes the following command:

etcd01 -initial-cluster "etcd01=http://192.168.73.140:2380,etcd02=http://192.168.73.137:2380" \- Initial-cluster-state New

Node 02 executes the following command

etcd02 -initial-cluster "etcd01=http://192.168.73.140:2380,etcd02=http://192.168.73.137:2380" \- Initial-cluster-state New

Check the cluster connection, and execute the following commands at each node, respectively:

Curl-l http://127.0.0.1:2379/v2/members

If normal, you will see 2 nodes of information, and the results should be the same for each node:

{"Members": [{"id": "2bd5fcc327f74dd5", "name": "Etcd01", "Peerurls": ["http://192.168.73.140:2380"], "clienturls": [" http://192.168.73.140:2379 "," http://192.168.73.140:4001 "]},{" id ":" c8a9cac165026b12 "," name ":" Etcd02 "," Peerurls " : ["http://192.168.73.137:2380"], "clienturls": ["http://192.168.73.137:2379", "http://192.168.73.137:4001"]}]}

Extending the ETCD Cluster

Execute a command on any of the ETCD nodes in the cluster to register the new node with the cluster:

Curl Http://127.0.0.1:2379/v2/members-XPOST-H "Content-type:application/json"-d ' {"Peerurls": ["/HTTP// 192.168.73.172:2380"]} '

Start the ETCD container on the new node and notice the difference in the Red font section

etcd03 -advertise-client-urls http://192.168.73.150:2379,http://192.168.73.150:4001-listen-client-urls Http://0.0.0.0:2379-initial-advertise-peer-urls Http://192.168.73.150:2380-listen-peer-urls http://0.0.0.0:2380- Initial-cluster-token Etcd-cluster-initial-cluster "etcd01=http://192.168.73.140:2380,etcd02=http:// 192.168.73.137:2380,etcd03=http://192.168.73.150:2380existing

Perform health checks on any node:

[Email protected] ~]# etcdctl cluster-healthmember 2bd5fcc327f74dd5 is healthy:got healthy result from http://192.168.73 .140:2379member C8A9CAC165026B12 is healthy:got healthy result from Http://192.168.73.137:2379cluster is healthy

Calico Deployment

Now the physical host download calicoctl, download page:

Https://github.com/projectcalico/calico-containers/releases

and copy the downloaded Calicoctl to /usr/local/bin .

Execute the following command on the first ETCD node:

[[email protected] ~]# calicoctl node  #如果是第一次执行该命令, you will need to download calico node image online and start running Docker container with the  Following Command:docker run-d--restart=always--net=host--privileged--name=calico-node-e hostname=docker01-e IP=-E Ip6=-E calico_networking=true-e as=-e no_default_pools=-e etcd_authority=127.0.0.1:2379-e etcd_scheme=http-v/var/l Og/calico:/var/log/calico-v/var/run/calico:/var/run/calico calico/node:v0.18.0calico node is running with ID: 60b284221a94b418509f86d3c8d7073e11ab3c2a3ca17e4efd2568e97791ff33waiting for successful StartupNo IP provided. Using detected Ip:192.168.73.140calico node started successfully

Execute on the second ETCD node:

[[email protected] ~]# calicoctl node  --If the command is executed for the first time, it will require a networked download calico node image running Docker container with the following C Ommand:docker run-d--restart=always--net=host--privileged--name=calico-node-e hostname=docker01-e IP=-E IP6=-E CA Lico_networking=true-e as=-E no_default_pools=-e etcd_authority=127.0.0.1:2379-e etcd_scheme=http-v/var/log/calico :/var/log/calico-v/var/run/calico:/var/run/calico calico/node:v0.18.0calico node is running with ID: 72e7213852e529a3588249d85f904e38a92d671add3cdfe5493687aab129f5e2waiting for successful StartupNo IP provided. Using detected Ip:192.168.73.137calico node started successfully

Configure the Address resource pool by executing the following command on any one of the calico nodes:

[Email protected] ~]# calicoctl pool Remove 192.168.0.0/16  #删除默认资源池 [[email protected] ~]# Calicoctl pool Add 10.0.238 .0/24--nat-outgoing--ipip   #添加新的IP资源池, supports inter-Docker network interoperability on hosts across subnets and requires the addition of--IPIP parameters; If you want Docker to access the extranet, you need to add the--nat-outgoing parameter [Email protected] ~]# Calicoctl pool show    #查看配置后的结果

At any calico node, check the Calico status:

[Email protected] ~]# Calicoctl statuscalico-node container is running. Status:up 3 hoursrunning Felix version 1.4.0rc1ipv4 BGP statusip:192.168.73.140 as    number:64511 (inherited) +------- ---------+-------------------+-------+----------+-------------+|  Peer Address  |     Peer Type     | State |  Since   |     Info    |+----------------+-------------------+-------+----------+-------------+| 192.168.73.137 | node-to-node Mesh |   Up  established |+----------------+-------------------+-------+----------+-------------+ipv6 BGP Statusno IPV6 address configured.

Configuring the Docker Container Network

Start the Business one container on 2 nodes, do not load the network driver, the back network let calico to configure:

[[email protected] ~]# Docker run--name test01-itd--log-driver none--net none Daocloud.io/library/centos:6.6/bin/bash [[email protected] ~]# Docker run--name test02-itd--log-driver none--net none Daocloud.io/library/centos:6.6/bin/bash

Create Calico profile on any of the calico nodes:

[Email protected] ~]# Calicoctl profile Add Starboss

On each Calico node, join the same profile for each node that needs to be accessed separately:

[[email protected] ~]# calicoctl container test01 profile set Starbossprofile (s) set to Starboss. [[email protected] ~]# calicoctl container test02 profile set Starbossprofile (s) set to Starboss.

Specify IP for the container manually via Calico, note that this IP needs to conform to the IP configuration of the Calico pool:

[[email protected] ~]# calicoctl container add test01 10.0.238.10IP 10.0.238.10 added to Test01[[email protected] ~]# Cali Coctl container Add test02 10.0.238.11IP 10.0.238.10 added to test02

View the configuration of the Calico node at any node:

[[email protected] ~]# calicoctl endpoint show--detailed+----------+-----------------+----------------------- -------------------------------------------+----------------------------------+-----------------+-------------- -----+----------+--------+| Hostname |                           Orchestrator ID |           Workload ID |    Endpoint ID |        Addresses | MAC | Profiles | State |+----------+-----------------+------------------------------------------------------------------+-------- --------------------------+-----------------+-------------------+----------+--------+|      Docker01 | Docker | 8f935b0441739f52334e9f16099a2b52e2c982e3aef3190e02dd7ce67e61a853 | 75b0e79a022211e6975c000c29308ed8 | 192.168.0.10/32 | 1e:14:2d:bf:51:f5 | Starboss | active | |      Docker02 | Docker | 3d0a8f39753537592f3e38d7604b0b6312039f3bf57cf13d91e953e7e058263e | 8EFB263E022211E6A180000C295008AF | 192.168.0.11/32 | Ee:2b:c2:5e:b6:c5 | Starboss | Active |+----------+-----------------+------------------------------------------------------------------+------- ---------------------------+-----------------+-------------------+----------+--------+

Test to ping a container in another host on a physical host:

[[email protected] ~]# docker exec test01  ping 192.168.0.11PING 192.168.0.11 (192.168.0.11) (+) bytes of data.64 by TES from 192.168.0.11:icmp_seq=1 ttl=62 time=0.557 ms64 bytes from 192.168.0.11:icmp_seq=2 ttl=62 time=0.603 ms64 bytes From 192.168.0.11:icmp_seq=3 ttl=62 time=0.656 ms64 bytes from 192.168.0.11:icmp_seq=4 ttl=62 time=0.386 ms

　　

Deployment of Etcd+calico clusters