💎一站式轻松地调用各大LLM模型接口,支持GPT4、智谱、星火、月之暗面及文生图 广告
[TOC] ### **准备工作** 1、准备好两台主机,内核在4.19.57+,或5.2.0+(使用cilium替代kube-proxy需要) ``` $ uname -r 5.4.187-1.el7.elrepo.x86_64 ``` 2、安装好K8S集群 注意,根据[Cilium的部署指引](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-kubeadm/),安装K8S集群时无须传`--pod-network-cidr`参数;另外这里我们没有安装kube-proxy,是用cilium来代替它 ``` $ kubectl get node NAME STATUS ROLES AGE VERSION 192.168.92.108 NotReady control-plane,master 31s v1.23.3 192.168.92.109 NotReady <none> 11s v1.23.3 $ kubectl get pod -n kube-system -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES coredns-6d8c4cb4d-6vhgs 0/1 Pending 0 41s <none> <none> <none> <none> coredns-6d8c4cb4d-kpv2f 0/1 Pending 0 41s <none> <none> <none> <none> etcd-192.168.92.108 1/1 Running 5 53s 192.168.92.108 192.168.92.108 <none> <none> kube-apiserver-192.168.92.108 1/1 Running 7 53s 192.168.92.108 192.168.92.108 <none> <none> kube-controller-manager-192.168.92.108 1/1 Running 7 55s 192.168.92.108 192.168.92.108 <none> <none> kube-scheduler-192.168.92.108 1/1 Running 7 53s 192.168.92.108 192.168.92.108 <none> <none> ``` 3、在master节点上安装好helm3 ``` $ helm version version.BuildInfo{Version:"v3.4.2", GitCommit:"23dd3af5e19a02d4f4baa5b2f242645a1a3af629", GitTreeState:"clean", GoVersion:"go1.14.13"} ``` ### **安装Cilium** 首先下载chart包,这里我们下载1.11.2版本 ``` $ wget --no-check-certificate https://helm.cilium.io/cilium-1.11.2.tgz ``` 然后进行安装: ``` $ helm install cilium ./cilium-1.11.2.tgz -n kube-system --set tunnel=disabled,ipam.operator.clusterPoolIPv4PodCIDR=172.26.0.0/16,ipv4NativeRoutingCIDR=172.26.0.0/16,autoDirectNodeRoutes=true,kubeProxyReplacement=strict,k8sServiceHost=192.168.92.108,k8sServicePort=6443 ``` 由于该chart包中,默认使用vxlan,我们需要更改为直接路由。上面的参数中 * `tunnel=disabled`:表示不使用隧道,可以取vxlan、geneve或disabled * `autoDirectNodeRoutes=true`:表示由cilium在主机上生成Pod的路由规则 * `kubeProxyReplacement=strict`:表示强制替代kube-proxy,可取值disabled,partitial等 * `k8sServiceHost/k8sServicePort`:当要替代kube-proxy时,这两个参数必须填写,否则cilium会默认使用10.96.0.1去连接apiserver,导致连不上(因为10.96.0.1的转发此时是由cilium来实现) 如果想安装hubble,则可以设置参数`hubble.relay.enabled=true,hubble.ui.enabled=true`。