centos7 安装 docker calico

原文链接：https://www.cnblogs.com/lkun/p/7857453.html

参考链接（etcd搭建）：https://blog.csdn.net/jiangshouzhuang/article/details/52822125

etcd 搭建：

node1：

nohup etcd --name node1 --initial-advertise-peer-urls http://192.168.100.107:2380   
--listen-peer-urls http://0.0.0.0:2380 --listen-client-urls http://0.0.0.0:2379,http://0.0.0.0:4001 
--advertise-client-urls http://0.0.0.0:2379  --initial-cluster-token etcd-cluster  
--initial-cluster node1=http://192.168.100.107:2380,node2=http://192.168.100.108:2380 --initial-cluster-state new &> etcd.log&

node2：

nohup etcd --name node2 --initial-advertise-peer-urls http://192.168.100.108:2380   
--listen-peer-urls http://0.0.0.0:2380 --listen-client-urls http://0.0.0.0:2379,http://0.0.0.0:4001 
--advertise-client-urls http://0.0.0.0:2379  --initial-cluster-token etcd-cluster  
--initial-cluster node1=http://192.168.100.107:2380,node2=http://192.168.100.108:2380 --initial-cluster-state new &> etcd.log&

检查etcd：

[root@node2 ~]# etcdctl -C http://192.168.100.107:2379,http://192.168.100.108:2379 member list
46ed1796ef158c6f: name=node1 peerURLs=http://192.168.100.107:2380 clientURLs=http://0.0.0.0:2379 isLeader=true
57bd6fb5424e9607: name=node2 peerURLs=http://192.168.100.108:2380 clientURLs=http://0.0.0.0:2379 isLeader=false

docker  配置：

node1配置：

[root@node1 ~]# cat /etc/sysconfig/docker
OPTIONS='--cluster-store=etcd://192.168.100.107:2379 --log-driver=journald --signature-verification=false'

node2配置：

[root@node2 ~]# cat /etc/sysconfig/docker
OPTIONS='--cluster-store=etcd://192.168.100.108:2379 --log-driver=journald --signature-verification=false'

calico-node容器启动：docker pull quay.io/calico/node:v2.6.2

docker run --net=host --privileged --name=calico-node -d --restart=always -e NODENAME=node1 -e CALICO_NETWORKING_BACKEND=bird -e CALICO_LIBNETWORK_ENABLED=true -e ETCD_ENDPOINTS=http://node1:2379 -v /var/log/calico:/var/log/calico -v /var/run/calico:/var/run/calico -v /lib/modules:/lib/modules -v /run:/run -v /run/docker/plugins:/run/docker/plugins -v /var/run/docker.sock:/var/run/docker.sock quay.io/calico/node:v2.6.2

检查：

[root@node1 ~]# calicoctl node status
Calico process is running.

IPv4 BGP status
+-----------------+-------------------+-------+----------+-------------+
|  PEER ADDRESS   |     PEER TYPE     | STATE |  SINCE   |    INFO     |
+-----------------+-------------------+-------+----------+-------------+
| 192.168.100.108 | node-to-node mesh | up    | 02:50:57 | Established |
+-----------------+-------------------+-------+----------+-------------+

IPv6 BGP status
No IPv6 peers found.

 创建calico网络

[root@node1 ~]# docker network create --driver calico --ipam-driver calico-ipam calico-net1
922e39e3990d199e07365ffe3b7f3d4c4b8365fda8ab89810863473251235819

 这时node1和node2都可以看到此网络：

[root@node1 ~]# docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
82bef7a1eabd        bridge              bridge              local
5ec88055b6f3        calico-net1         calico              global
33f0f6170f24        host                host                local
cf2ae938e7f0        none                null                local

[root@node2 ~]#  docker network ls
NETWORK ID          NAME                DRIVER              SCOPE
f95a0c79fe4c        bridge              bridge              local
5ec88055b6f3        calico-net1         calico              global
fac2d56a2487        host                host                local
0cc71e06f4e6        none                null                local

 启动容器，测试网络：

node1：

docker run -itd --name calico1 --network=calico-net1 centos sleep inf

node2：

docker run -itd --name calico2 --network=calico-net1 centos sleep inf

容器网络查看：

node1：

[root@node1 ~]# docker exec calico1  ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
8: cali0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.166.128/32 scope global cali0
       valid_lft forever preferred_lft forever
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever

node2：

[root@node2 ~]# docker exec calico3 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
7: cali0@if8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
    link/ether ee:ee:ee:ee:ee:ee brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 192.168.104.1/32 scope global cali0
       valid_lft forever preferred_lft forever
    inet6 fe80::ecee:eeff:feee:eeee/64 scope link 
       valid_lft forever preferred_lft forever

容器网络测试：

[root@node2 ~]# docker exec calico3 ping 192.168.166.128
PING 192.168.166.128 (192.168.166.128) 56(84) bytes of data.
64 bytes from 192.168.166.128: icmp_seq=1 ttl=62 time=0.475 ms
64 bytes from 192.168.166.128: icmp_seq=2 ttl=62 time=0.481 ms