ICode9

精准搜索请尝试: 精确搜索
首页 > 其他分享> 文章详细

K8S Cilium网络插件——安装

2022-01-21 23:01:03  阅读:264  来源: 互联网

标签:__ ... hubble 插件 cilium ui K8S Cilium


注:本文基于Cilium v1.11.0编写

1 安装cilium

1.1 cilium-cli

先安装cilium-cli工具,

wget https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz
tar -xf cilium-linux-amd64.tar.gz -C /usr/bin/

1.2 cilium

然后直接用cilium安装即可,安装完检查状态

[root@master8 home]# cilium install
ℹ️  using Cilium version "v1.11.0"
 Auto-detected cluster name: kubernetes
 Auto-detected IPAM mode: cluster-pool
 Found CA in secret cilium-ca
 Generating certificates for Hubble...
 Creating Service accounts...
 Creating Cluster roles...
 Creating ConfigMap for Cilium version 1.11.0...
 Creating Agent DaemonSet...
 Creating Operator Deployment...
⌛ Waiting for Cilium to be installed and ready...
♻️  Restarting unmanaged pods...
♻️  Restarted unmanaged pod kube-system/coredns-558bd4d5db-5rph9
♻️  Restarted unmanaged pod kube-system/coredns-558bd4d5db-bw246
✅ Cilium was successfully installed! Run 'cilium status' to view installation health
[root@master8 ~]# cilium status
    /¯¯\
 /¯¯\__/¯¯\    Cilium:         OK
 \__/¯¯\__/    Operator:       OK
 /¯¯\__/¯¯\    Hubble:         disabled
 \__/¯¯\__/    ClusterMesh:    disabled
    \__/

Deployment        cilium-operator    Desired: 1, Ready: 1/1, Available: 1/1
DaemonSet         cilium             Desired: 3, Ready: 3/3, Available: 3/3
Containers:       cilium             Running: 3
                  cilium-operator    Running: 1
Cluster Pods:     2/2 managed by Cilium
Image versions    cilium-operator    quay.io/cilium/operator-generic:v1.11.0: 1
                  cilium             quay.io/cilium/cilium:v1.11.0: 3

2 部署hubble

2.1 hubble

hubble是用于网络和安全的观察工具,可以直接通过cilium命令安装

[root@master8 ~]# cilium hubble enable
 Found CA in secret cilium-ca
✨ Patching ConfigMap cilium-config to enable Hubble...
♻️  Restarted Cilium pods
⌛ Waiting for Cilium to become ready before deploying other Hubble component(s)...
✅ Relay is already deployed
⌛ Waiting for Hubble to be installed...
✅ Hubble was successfully enabled!
[root@master8 ~]# cilium status
    /¯¯\
 /¯¯\__/¯¯\    Cilium:         OK
 \__/¯¯\__/    Operator:       OK
 /¯¯\__/¯¯\    Hubble:         OK
 \__/¯¯\__/    ClusterMesh:    disabled
    \__/

Deployment        cilium-operator    Desired: 1, Ready: 1/1, Available: 1/1
Deployment        hubble-relay       Desired: 1, Ready: 1/1, Available: 1/1
DaemonSet         cilium             Desired: 3, Ready: 3/3, Available: 3/3
Containers:       hubble-relay       Running: 1
                  cilium             Running: 3
                  cilium-operator    Running: 1
Cluster Pods:     3/3 managed by Cilium
Image versions    cilium             quay.io/cilium/cilium:v1.11.0: 3
                  cilium-operator    quay.io/cilium/operator-generic:v1.11.0: 1
                  hubble-relay       quay.io/cilium/hubble-relay:v1.11.0: 1

2.2 hubble-cli

安装hubble-cli工具,

wget https://github.com/cilium/hubble/releases/download/v0.9.0/hubble-linux-amd64.tar.gz
tar -xf hubble-linux-amd64.tar.gz -C /usr/bin/

然后是为hubble服务在本机启用端口转发,从而让我们能连接到该服务,

[root@master8 home]# cilium hubble port-forward&
[1] 100758
[root@master8 home]# hubble status
Healthcheck (via localhost:4245): Ok
Current/Max Flows: 7,296/12,285 (59.39%)
Flows/s: 7.27
Connected Nodes: 3/3

2.3 hubble-ui

最后为了能够通过web ui查看hubble收集的信息,还需要安装对应的ui服务,

[root@master8 home]# cilium hubble enable --ui
 Found CA in secret cilium-ca
✨ Patching ConfigMap cilium-config to enable Hubble...
♻️  Restarted Cilium pods
⌛ Waiting for Cilium to become ready before deploying other Hubble component(s)...
✅ Relay is already deployed
✅ Hubble UI is already deployed
⌛ Waiting for Hubble to be installed...
✅ Hubble was successfully enabled!
[root@master8 home]# cilium status
    /¯¯\
 /¯¯\__/¯¯\    Cilium:         OK
 \__/¯¯\__/    Operator:       OK
 /¯¯\__/¯¯\    Hubble:         OK
 \__/¯¯\__/    ClusterMesh:    disabled
    \__/

DaemonSet         cilium             Desired: 3, Ready: 3/3, Available: 3/3
Deployment        cilium-operator    Desired: 1, Ready: 1/1, Available: 1/1
Deployment        hubble-relay       Desired: 1, Ready: 1/1, Available: 1/1
Deployment        hubble-ui          Desired: 1, Ready: 1/1, Available: 1/1
Containers:       cilium             Running: 3
                  cilium-operator    Running: 1
                  hubble-relay       Running: 1
                  hubble-ui          Running: 1
Cluster Pods:     4/4 managed by Cilium
Image versions    cilium-operator    quay.io/cilium/operator-generic:v1.11.0: 1
                  hubble-relay       quay.io/cilium/hubble-relay:v1.11.0: 1
                  hubble-ui          quay.io/cilium/hubble-ui:v0.8.3: 1
                  hubble-ui          quay.io/cilium/hubble-ui-backend:v0.8.3: 1
                  hubble-ui          registry-1.docker.io/envoyproxy/envoy:v1.18.2: 1
                  cilium             quay.io/cilium/cilium:v1.11.0: 3

然后同样需要为hubble-ui服务开启端口转发,

[root@master8 home]# cilium hubble ui&
[2] 115889

因为我是用虚拟机部署的,所以要通过master node的hostip访问,端口是12000
在这里插入图片描述
如果无法获取到cilium相关镜像,可从以下链接下载(访问密码:6501):
cilium-cli:v0.10.0
cilium:v1.11.0
operator-generic:v1.11.0
hubble-cli:0.9.0
hubble-relay:v1.11.0
hubble-ui-backend:v0.8.3
hubble-ui:v0.8.3
envoy:v1.18.2


参考文档:

  1. https://docs.cilium.io/en/stable/gettingstarted/k8s-install-default/
  2. https://docs.cilium.io/en/stable/gettingstarted/hubble_setup/#hubble-setup
  3. https://docs.cilium.io/en/stable/gettingstarted/hubble/

标签:__,...,hubble,插件,cilium,ui,K8S,Cilium
来源: https://blog.csdn.net/u010039418/article/details/122591668

本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享;
2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关;
3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关;
4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除;
5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。

专注分享技术,共同学习,共同进步。侵权联系[81616952@qq.com]

Copyright (C)ICode9.com, All Rights Reserved.

ICode9版权所有