系统要求

Linux kernel >= 4.9.17
更多信息请查看 cilium 系统要求

环境

以一台 Ubuntu Server 20.04.1 LTS 64bit 为例

nameiprole
node110.160.6.136etcd, master, worker

下载安装包

sudo wget https://github.com/kubesphere/kubekey/releases/download/v1.1.0/kubekey-v1.1.0-linux-64bit.deb

使用 cilium 作为网络插件部署 KubeSphere

1.安装 KubeKey

sudo dpkg -i kubekey-v1.1.0-linux-64bit.deb

2.生成配置文件

sudo kk create config --with-kubernetes v1.19.8

3.修改配置文件,将网络插件修改为 cilium
注意将spec.network.plugin 的值修改为 cilium

sudo vi config-sample.yaml
apiVersion: kubekey.kubesphere.io/v1alpha1
kind: Cluster
metadata:
  name: sample
spec:
  hosts:
  - {name: node1, address: 10.160.6.136, internalAddress: 10.160.6.136, user: ubuntu, password: ********}
  roleGroups:
    etcd:
    - node1
    master: 
    - node1
    worker:
    - node1
  controlPlaneEndpoint:
    domain: lb.kubesphere.local
    address: ""
    port: 6443
  kubernetes:
    version: v1.19.8
    imageRepo: kubesphere
    clusterName: cluster.local
  network:
    plugin: cilium
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
  registry:
    registryMirrors: []
    insecureRegistries: []
  addons: []

4.部署依赖

sudo kk init os -f config-sample.yaml

5.部署 KubeSphere

sudo kk create cluster -f config-sample.yaml --with-kubesphere v3.1.0

看到如下提示说明安装完成

#####################################################
###              Welcome to KubeSphere!           ###
#####################################################

Console: http://10.160.6.136:30880
Account: admin
Password: P@88w0rd

NOTES:
  1. After you log into the console, please check the
     monitoring status of service components in
     "Cluster Management". If any service is not
     ready, please wait patiently until all components 
     are up and running.
  2. Please change the default password after login.

#####################################################
https://kubesphere.io             2021-05-18 17:15:03
#####################################################
INFO[17:15:16 CST] Installation is complete.

6.登陆 KubeSphere console

7.检查状态

安装hubble UI

kubectl apply -f https://raw.githubusercontent.com/cilium/cilium/v1.8/install/kubernetes/experimental-install.yaml

检查状态

安装 demo 服务,并在 hubble UI 查看服务依赖关系

1.安装 demo

kubectl apply -f https://raw.githubusercontent.com/cilium/cilium/1.9.7/examples/minikube/http-sw-app.yaml -n default

2.将 hubble UI 服务类型修改为 nodeport

3.访问 demo

kubectl exec xwing -n default -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
Ship landed
kubectl exec tiefighter -n default -- curl -s -XPOST deathstar.default.svc.cluster.local/v1/request-landing
Ship landed

4.在 hubble 上 查看服务依赖关系

Feynman 更改标题为「使用 cilium 作为网络插件部署 K8s + KubeSphere
16 天 后

请教下,系统要求需要是x86架构吧,好像网上说是cilium目前不支持arm架构?

    1 个月 后

    kubectl -n kube-system exec -ti cilium-4ft5k – cilium status

    KVStore: Ok Disabled
    Kubernetes: Ok 1.20 (v1.20.4) [linux/amd64]
    Kubernetes APIs: [“CustomResourceDefinition”, “cilium/v2::CiliumClusterwideNetworkPolicy”, “cilium/v2::CiliumEndpoint”, “cilium/v2::CiliumNetworkPolicy”, “cilium/v2::CiliumNode”, “core/v1::Namespace”, “core/v1::Node”, “core/v1:😛ods”, “core/v1::Service”, “discovery/v1beta1::EndpointSlice”, “networking.k8s.io/v1::NetworkPolicy”]
    KubeProxyReplacement: Probe [eth0 (DR)] [NodePort (SNAT, 30000-32767, XDP: DISABLED), HostPort, ExternalIPs, HostReachableServices (TCP, UDP), SessionAffinity]
    Cilium: Ok OK
    NodeMonitor: Disabled
    Cilium health daemon: Ok
    IPAM: IPv4: 20/255 allocated from 10.233.64.0/24,
    Masquerading: BPF [eth0] 10.233.64.0/24
    Controller Status: 89/89 healthy
    Proxy Status: OK, ip 10.233.64.33, 0 redirects active on ports 10000-20000
    Hubble: Disabled
    Cluster health: 2/2 reachable (2021-07-05T06:12:14Z)

    默认hubble disalbed, ui 看不到流量。

      14 天 后