{"id":411,"date":"2020-01-13T18:51:00","date_gmt":"2020-01-13T10:51:00","guid":{"rendered":"http:\/\/www.luyouli.com\/?p=411"},"modified":"2020-01-13T19:46:52","modified_gmt":"2020-01-13T11:46:52","slug":"centos-8-0-%e6%90%ad%e5%bb%ba-kubernetes-1-17-0","status":"publish","type":"post","link":"https:\/\/www.luyouli.com\/?p=411","title":{"rendered":"CentOS 8.0 \u642d\u5efa kubernetes 1.17.0"},"content":{"rendered":"\n

CentOS 8.0\u603b\u7b97\u662f\u5728XX\u4e91\u4e0a\u7528\u4e86\uff0c\u6211\u5c31\u60f3\u7740\u628a\u8001\u67b6\u6784\uff08LNMPR\uff09\u6539\u6210\u7528kubernetes\uff0c\u4e0d\u5f97\u4e0d\u8bf4\u5bb9\u5668\u8fd9\u4e2a\u4e1c\u4e1c\u5b9e\u5728\u662f\u592a\u8d5e\u4e86<\/p>\n\n\n\n

\u7cfb\u7edf\uff1aCentOS 8.0<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

\u4e00\u3001\u51c6\u5907\u5de5\u4f5c\uff1a<\/p>\n\n\n\n

# yum install epel-release -y && yum update -y<\/p>\n\n\n\n

\u7981\u7528SWAP\n# sed -i 's\/^.*swap*\/#&\/g' \/etc\/fstab\n# swapoff -a<\/pre>\n\n\n
<\/p>\n\n\n
\u5173\u95ed\u9632\u706b\u5899\n# systemctl stop firewalld\n# systemctl disable firewalld <\/pre>\n\n\n\n
\u5173\u95edselinux\n# vim \/etc\/selinux\/config\nSELINUX=disabled<\/pre>\n\n\n\n
\u8bbe\u7f6esysctl\u53c2\u6570\uff0c\u5f00\u542fBBR\n# vim \/etc\/sysctl.conf\nnet.bridge.bridge-nf-call-ip6tables = 1\nnet.bridge.bridge-nf-call-iptables = 1\nnet.core.default_qdisc = fq\nnet.ipv4.tcp_congestion_control = bbr \n# sysctl -p<\/pre>\n\n\n\n
\u672c\u60f3\u5347\u7ea7\u5185\u6838\u52305.4.x\u7136\u540e\u9ad8\u5927\u4e0a\u4e00\u4e0b\uff0c\u7ed3\u679c5.4.x\u5bf9\u4e8ekubernetes\u7684\u652f\u6301\u8fd8\u4e0d\u90a3\u4e48\u5b8c\u5584\uff0c\u6240\u4ee5\u5c31\u76f4\u63a5\u7528\u9ed8\u8ba4\u76844.18.0\u641e\u8d77<\/p>\n\n\n\n
\u4e8c\u3001\u5b89\u88c5Docker<\/p>\n\n\n\n
# yum remove docker docker-common docker-selinux docker-engine<\/p>\n\n\n\n
# yum install -y yum-utils device-mapper-persistent-data lvm2<\/p>\n\n\n\n
# yum-config-manager –add-repo https:\/\/download.docker.com\/linux\/centos\/docker-ce.repo<\/p>\n\n\n\n
# yum install https:\/\/download.docker.com\/linux\/fedora\/30\/x86_64\/stable\/Packages\/containerd.io-1.2.6-3.3.fc30.x86_64.rpm<\/a><\/p>\n\n\n\n
# yum install docker-ce -y<\/p>\n\n\n\n
# vim \/etc\/docker\/daemon.json<\/p>\n\n\n\n
{\n   \"exec-opts\":[\"native.cgroupdriver=systemd\"]\n}<\/pre>\n\n\n\n
#  systemctl enable docker &&  systemctl restart docker <\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\u4e09\u3001YUM\u5b89\u88c5Kubernetes 1.17.0<\/p>\n\n\n\n
 # vim \/etc\/yum.repos.d\/kubernetes.repo <\/p>\n\n\n\n
[kubernetes]\nname=Kubernetes\nbaseurl=https:\/\/mirrors.aliyun.com\/kubernetes\/yum\/repos\/kubernetes-el7-x86_64\/\nenabled=1\ngpgcheck=0\nrepo_gpgcheck=0\ngpgkey=https:\/\/mirrors.aliyun.com\/kubernetes\/yum\/doc\/yum-key.gpg https:\/\/mirrors.aliyun.com\/kubernetes\/yum\/doc\/rpm-package-key.gpg<\/a> <\/pre>\n\n\n\n
# yum install kubelet-1.17.0 kubeadm-1.17.0 kubectl-1.17.0 -y<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
# systemctl enable kubelet <\/p>\n\n\n\n
\u56db\u3001\u521d\u59cb\u5316kubernetes\u96c6\u7fa4<\/p>\n\n\n\n
#  kubeadm init –kubernetes-version=1.17.0 –image-repository registry.aliyuncs.com\/google_containers –pod-network-cidr=10.244.0.0\/16 <\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\u51fa\u73b0 Your Kubernetes control-plane has initialized successfully! \u5c31OK\u4e86<\/p>\n\n\n\n
\u6309\u7167\u63d0\u793a\u4f9d\u6b21\u8fdb\u884c\u64cd\u4f5c\u5373\u53ef<\/p>\n\n\n\n
mkdir -p $HOME\/.kube\nsudo cp -i \/etc\/kubernetes\/admin.conf $HOME\/.kube\/config\nsudo chown $(id -u):$(id -g) $HOME\/.kube\/config<\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\u4e94\u3001\u5b89\u88c5flannel<\/p>\n\n\n\n
# docker pull quay.io\/coreos\/flannel:v0.11.0-amd64<\/p>\n\n\n\n
#  mkdir -p \/etc\/cni\/net.d\/ <\/p>\n\n\n\n
# vim \/etc\/cni\/net.d\/10-flannel.conf<\/p>\n\n\n\n
 {\n  \"name\": \"cbr0\",\n  \"type\": \"flannel\",\n  \"delegate\": {\n    \"isDefaultGateway\": true\n  }\n} <\/pre>\n\n\n\n
# mkdir -p \/usr\/share\/oci-umount\/oci-umount.d<\/p>\n\n\n\n
# mkdir \/run\/flannel\/<\/p>\n\n\n\n
# vim \/run\/flannel\/subnet.env<\/p>\n\n\n\n
FLANNEL_NETWORK=10.244.0.0\/16\nFLANNEL_SUBNET=10.244.0.1\/24\nFLANNEL_MTU=1400\nFLANNEL_IPMASQ=true<\/pre>\n\n\n\n
#  kubectl apply -f https:\/\/raw.githubusercontent.com\/coreos\/flannel\/master\/Documentation\/kube-flannel.yml<\/a><\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\u7136\u540e\u5494\u5494\u4e00\u987f\u67e5\u770b<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\u81f3\u6b64\uff0c\u7b97\u662f\u641e\u5b9a\u4e86<\/p>\n\n\n\n
<\/p>\n\n\n\n
\u634e\u5e26\u624b\u89e3\u51b3\u4e24\u4e2a\u5c0f\u95ee\u9898\uff1a<\/p>\n\n\n\n
\u4e00\u4e2a\u662f\uff1a\u8ba9master\u673a\u53c2\u5de5\u4f5c\u8d1f\u8f7d\uff0cAll-In-One\u7684kubernetes\u73af\u5883 <\/p>\n\n\n\n
# kubectl describe node master | grep -E ‘(Roles|Taints)’  <\/p>\n\n\n\n
# kubectl taint nodes –all node-role.kubernetes.io\/master-<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
<\/p>\n\n\n\n
\u53e6\u4e00\u4e2a\u662f\uff1aThe range of valid ports is 30000-32767\u7684\u95ee\u9898 <\/p>\n\n\n\n
# vim \/etc\/kubernetes\/manifests\/kube-apiserver.yaml<\/p>\n\n\n\n
\u5728service-cluster-ip-range\u8fd9\u4e00\u884c\u4e0b\u9762\u589e\u52a0<\/p>\n\n\n\n
–service-node-port-range=1-65535<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
# systemctl restart kubelet    #\u91cd\u542f\u4e00\u4e0b\uff0c\u641e\u5b9a<\/p>\n\n\n\n
\u4e0b\u9762flannel\u7684master\u5206\u652f\u94fe\u63a5\u548c\u5185\u5bb9\uff0c\u4eca\u5929\u8fde\u4e86N\u591a\u6b21\u624d\u4e0b\u8f7d\u4e0b\u6765<\/p>\n\n\n\n
https:\/\/raw.githubusercontent.com\/coreos\/flannel\/master\/Documentation\/kube-flannel.yml<\/a><\/p>\n\n\n\n
---\napiVersion: policy\/v1beta1\nkind: PodSecurityPolicy\nmetadata:\n  name: psp.flannel.unprivileged\n  annotations:\n    seccomp.security.alpha.kubernetes.io\/allowedProfileNames: docker\/default\n    seccomp.security.alpha.kubernetes.io\/defaultProfileName: docker\/default\n    apparmor.security.beta.kubernetes.io\/allowedProfileNames: runtime\/default\n    apparmor.security.beta.kubernetes.io\/defaultProfileName: runtime\/default\nspec:\n  privileged: false\n  volumes:\n    - configMap\n    - secret\n    - emptyDir\n    - hostPath\n  allowedHostPaths:\n    - pathPrefix: \"\/etc\/cni\/net.d\"\n    - pathPrefix: \"\/etc\/kube-flannel\"\n    - pathPrefix: \"\/run\/flannel\"\n  readOnlyRootFilesystem: false\n  # Users and groups\n  runAsUser:\n    rule: RunAsAny\n  supplementalGroups:\n    rule: RunAsAny\n  fsGroup:\n    rule: RunAsAny\n  # Privilege Escalation\n  allowPrivilegeEscalation: false\n  defaultAllowPrivilegeEscalation: false\n  # Capabilities\n  allowedCapabilities: ['NET_ADMIN']\n  defaultAddCapabilities: []\n  requiredDropCapabilities: []\n  # Host namespaces\n  hostPID: false\n  hostIPC: false\n  hostNetwork: true\n  hostPorts:\n  - min: 0\n    max: 65535\n  # SELinux\n  seLinux:\n    # SELinux is unused in CaaSP\n    rule: 'RunAsAny'\n---\nkind: ClusterRole\napiVersion: rbac.authorization.k8s.io\/v1beta1\nmetadata:\n  name: flannel\nrules:\n  - apiGroups: ['extensions']\n    resources: ['podsecuritypolicies']\n    verbs: ['use']\n    resourceNames: ['psp.flannel.unprivileged']\n  - apiGroups:\n      - \"\"\n    resources:\n      - pods\n    verbs:\n      - get\n  - apiGroups:\n      - \"\"\n    resources:\n      - nodes\n    verbs:\n      - list\n      - watch\n  - apiGroups:\n      - \"\"\n    resources:\n      - nodes\/status\n    verbs:\n      - patch\n---\nkind: ClusterRoleBinding\napiVersion: rbac.authorization.k8s.io\/v1beta1\nmetadata:\n  name: flannel\nroleRef:\n  apiGroup: rbac.authorization.k8s.io\n  kind: ClusterRole\n  name: flannel\nsubjects:\n- kind: ServiceAccount\n  name: flannel\n  namespace: kube-system\n---\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n  name: flannel\n  namespace: kube-system\n---\nkind: ConfigMap\napiVersion: v1\nmetadata:\n  name: kube-flannel-cfg\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\ndata:\n  cni-conf.json: |\n    {\n      \"name\": \"cbr0\",\n      \"cniVersion\": \"0.3.1\",\n      \"plugins\": [\n        {\n          \"type\": \"flannel\",\n          \"delegate\": {\n            \"hairpinMode\": true,\n            \"isDefaultGateway\": true\n          }\n        },\n        {\n          \"type\": \"portmap\",\n          \"capabilities\": {\n            \"portMappings\": true\n          }\n        }\n      ]\n    }\n  net-conf.json: |\n    {\n      \"Network\": \"10.244.0.0\/16\",\n      \"Backend\": {\n        \"Type\": \"vxlan\"\n      }\n    }\n---\napiVersion: apps\/v1\nkind: DaemonSet\nmetadata:\n  name: kube-flannel-ds-amd64\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\nspec:\n  selector:\n    matchLabels:\n      app: flannel\n  template:\n    metadata:\n      labels:\n        tier: node\n        app: flannel\n    spec:\n      affinity:\n        nodeAffinity:\n          requiredDuringSchedulingIgnoredDuringExecution:\n            nodeSelectorTerms:\n              - matchExpressions:\n                  - key: beta.kubernetes.io\/os\n                    operator: In\n                    values:\n                      - linux\n                  - key: beta.kubernetes.io\/arch\n                    operator: In\n                    values:\n                      - amd64\n      hostNetwork: true\n      tolerations:\n      - operator: Exists\n        effect: NoSchedule\n      serviceAccountName: flannel\n      initContainers:\n      - name: install-cni\n        image: quay.io\/coreos\/flannel:v0.11.0-amd64\n        command:\n        - cp\n        args:\n        - -f\n        - \/etc\/kube-flannel\/cni-conf.json\n        - \/etc\/cni\/net.d\/10-flannel.conflist\n        volumeMounts:\n        - name: cni\n          mountPath: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      containers:\n      - name: kube-flannel\n        image: quay.io\/coreos\/flannel:v0.11.0-amd64\n        command:\n        - \/opt\/bin\/flanneld\n        args:\n        - --ip-masq\n        - --kube-subnet-mgr\n        resources:\n          requests:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n          limits:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n        securityContext:\n          privileged: false\n          capabilities:\n            add: [\"NET_ADMIN\"]\n        env:\n        - name: POD_NAME\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.namespace\n        volumeMounts:\n        - name: run\n          mountPath: \/run\/flannel\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      volumes:\n        - name: run\n          hostPath:\n            path: \/run\/flannel\n        - name: cni\n          hostPath:\n            path: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          configMap:\n            name: kube-flannel-cfg\n---\napiVersion: apps\/v1\nkind: DaemonSet\nmetadata:\n  name: kube-flannel-ds-arm64\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\nspec:\n  selector:\n    matchLabels:\n      app: flannel\n  template:\n    metadata:\n      labels:\n        tier: node\n        app: flannel\n    spec:\n      affinity:\n        nodeAffinity:\n          requiredDuringSchedulingIgnoredDuringExecution:\n            nodeSelectorTerms:\n              - matchExpressions:\n                  - key: beta.kubernetes.io\/os\n                    operator: In\n                    values:\n                      - linux\n                  - key: beta.kubernetes.io\/arch\n                    operator: In\n                    values:\n                      - arm64\n      hostNetwork: true\n      tolerations:\n      - operator: Exists\n        effect: NoSchedule\n      serviceAccountName: flannel\n      initContainers:\n      - name: install-cni\n        image: quay.io\/coreos\/flannel:v0.11.0-arm64\n        command:\n        - cp\n        args:\n        - -f\n        - \/etc\/kube-flannel\/cni-conf.json\n        - \/etc\/cni\/net.d\/10-flannel.conflist\n        volumeMounts:\n        - name: cni\n          mountPath: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      containers:\n      - name: kube-flannel\n        image: quay.io\/coreos\/flannel:v0.11.0-arm64\n        command:\n        - \/opt\/bin\/flanneld\n        args:\n        - --ip-masq\n        - --kube-subnet-mgr\n        resources:\n          requests:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n          limits:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n        securityContext:\n          privileged: false\n          capabilities:\n             add: [\"NET_ADMIN\"]\n        env:\n        - name: POD_NAME\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.namespace\n        volumeMounts:\n        - name: run\n          mountPath: \/run\/flannel\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      volumes:\n        - name: run\n          hostPath:\n            path: \/run\/flannel\n        - name: cni\n          hostPath:\n            path: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          configMap:\n            name: kube-flannel-cfg\n---\napiVersion: apps\/v1\nkind: DaemonSet\nmetadata:\n  name: kube-flannel-ds-arm\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\nspec:\n  selector:\n    matchLabels:\n      app: flannel\n  template:\n    metadata:\n      labels:\n        tier: node\n        app: flannel\n    spec:\n      affinity:\n        nodeAffinity:\n          requiredDuringSchedulingIgnoredDuringExecution:\n            nodeSelectorTerms:\n              - matchExpressions:\n                  - key: beta.kubernetes.io\/os\n                    operator: In\n                    values:\n                      - linux\n                  - key: beta.kubernetes.io\/arch\n                    operator: In\n                    values:\n                      - arm\n      hostNetwork: true\n      tolerations:\n      - operator: Exists\n        effect: NoSchedule\n      serviceAccountName: flannel\n      initContainers:\n      - name: install-cni\n        image: quay.io\/coreos\/flannel:v0.11.0-arm\n        command:\n        - cp\n        args:\n        - -f\n        - \/etc\/kube-flannel\/cni-conf.json\n        - \/etc\/cni\/net.d\/10-flannel.conflist\n        volumeMounts:\n        - name: cni\n          mountPath: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      containers:\n      - name: kube-flannel\n        image: quay.io\/coreos\/flannel:v0.11.0-arm\n        command:\n        - \/opt\/bin\/flanneld\n        args:\n        - --ip-masq\n        - --kube-subnet-mgr\n        resources:\n          requests:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n          limits:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n        securityContext:\n          privileged: false\n          capabilities:\n             add: [\"NET_ADMIN\"]\n        env:\n        - name: POD_NAME\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.namespace\n        volumeMounts:\n        - name: run\n          mountPath: \/run\/flannel\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      volumes:\n        - name: run\n          hostPath:\n            path: \/run\/flannel\n        - name: cni\n          hostPath:\n            path: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          configMap:\n            name: kube-flannel-cfg\n---\napiVersion: apps\/v1\nkind: DaemonSet\nmetadata:\n  name: kube-flannel-ds-ppc64le\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\nspec:\n  selector:\n    matchLabels:\n      app: flannel\n  template:\n    metadata:\n      labels:\n        tier: node\n        app: flannel\n    spec:\n      affinity:\n        nodeAffinity:\n          requiredDuringSchedulingIgnoredDuringExecution:\n            nodeSelectorTerms:\n              - matchExpressions:\n                  - key: beta.kubernetes.io\/os\n                    operator: In\n                    values:\n                      - linux\n                  - key: beta.kubernetes.io\/arch\n                    operator: In\n                    values:\n                      - ppc64le\n      hostNetwork: true\n      tolerations:\n      - operator: Exists\n        effect: NoSchedule\n      serviceAccountName: flannel\n      initContainers:\n      - name: install-cni\n        image: quay.io\/coreos\/flannel:v0.11.0-ppc64le\n        command:\n        - cp\n        args:\n        - -f\n        - \/etc\/kube-flannel\/cni-conf.json\n        - \/etc\/cni\/net.d\/10-flannel.conflist\n        volumeMounts:\n        - name: cni\n          mountPath: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      containers:\n      - name: kube-flannel\n        image: quay.io\/coreos\/flannel:v0.11.0-ppc64le\n        command:\n        - \/opt\/bin\/flanneld\n        args:\n        - --ip-masq\n        - --kube-subnet-mgr\n        resources:\n          requests:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n          limits:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n        securityContext:\n          privileged: false\n          capabilities:\n             add: [\"NET_ADMIN\"]\n        env:\n        - name: POD_NAME\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.namespace\n        volumeMounts:\n        - name: run\n          mountPath: \/run\/flannel\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      volumes:\n        - name: run\n          hostPath:\n            path: \/run\/flannel\n        - name: cni\n          hostPath:\n            path: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          configMap:\n            name: kube-flannel-cfg\n---\napiVersion: apps\/v1\nkind: DaemonSet\nmetadata:\n  name: kube-flannel-ds-s390x\n  namespace: kube-system\n  labels:\n    tier: node\n    app: flannel\nspec:\n  selector:\n    matchLabels:\n      app: flannel\n  template:\n    metadata:\n      labels:\n        tier: node\n        app: flannel\n    spec:\n      affinity:\n        nodeAffinity:\n          requiredDuringSchedulingIgnoredDuringExecution:\n            nodeSelectorTerms:\n              - matchExpressions:\n                  - key: beta.kubernetes.io\/os\n                    operator: In\n                    values:\n                      - linux\n                  - key: beta.kubernetes.io\/arch\n                    operator: In\n                    values:\n                      - s390x\n      hostNetwork: true\n      tolerations:\n      - operator: Exists\n        effect: NoSchedule\n      serviceAccountName: flannel\n      initContainers:\n      - name: install-cni\n        image: quay.io\/coreos\/flannel:v0.11.0-s390x\n        command:\n        - cp\n        args:\n        - -f\n        - \/etc\/kube-flannel\/cni-conf.json\n        - \/etc\/cni\/net.d\/10-flannel.conflist\n        volumeMounts:\n        - name: cni\n          mountPath: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      containers:\n      - name: kube-flannel\n        image: quay.io\/coreos\/flannel:v0.11.0-s390x\n        command:\n        - \/opt\/bin\/flanneld\n        args:\n        - --ip-masq\n        - --kube-subnet-mgr\n        resources:\n          requests:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n          limits:\n            cpu: \"100m\"\n            memory: \"50Mi\"\n        securityContext:\n          privileged: false\n          capabilities:\n             add: [\"NET_ADMIN\"]\n        env:\n        - name: POD_NAME\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.name\n        - name: POD_NAMESPACE\n          valueFrom:\n            fieldRef:\n              fieldPath: metadata.namespace\n        volumeMounts:\n        - name: run\n          mountPath: \/run\/flannel\n        - name: flannel-cfg\n          mountPath: \/etc\/kube-flannel\/\n      volumes:\n        - name: run\n          hostPath:\n            path: \/run\/flannel\n        - name: cni\n          hostPath:\n            path: \/etc\/cni\/net.d\n        - name: flannel-cfg\n          configMap:\n            name: kube-flannel-cfg<\/pre>\n","protected":false},"excerpt":{"rendered":"
CentOS 8.0\u603b\u7b97\u662f\u5728XX\u4e91\u4e0a\u7528\u4e86\uff0c\u6211\u5c31\u60f3\u7740\u628a\u8001\u67b6\u6784\uff08LNMPR\uff09\u6539\u6210\u7528kubernetes\uff0c\u4e0d\u5f97\u4e0d\u8bf4\u5bb9 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"class_list":["post-411","post","type-post","status-publish","format-standard","hentry","category-kubernetes"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[],"version":6}},"views":7620,"_links":{"self":[{"href":"https:\/\/www.luyouli.com\/index.php?rest_route=\/wp\/v2\/posts\/411","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.luyouli.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.luyouli.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.luyouli.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.luyouli.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=411"}],"version-history":[{"count":19,"href":"https:\/\/www.luyouli.com\/index.php?rest_route=\/wp\/v2\/posts\/411\/revisions"}],"predecessor-version":[{"id":440,"href":"https:\/\/www.luyouli.com\/index.php?rest_route=\/wp\/v2\/posts\/411\/revisions\/440"}],"wp:attachment":[{"href":"https:\/\/www.luyouli.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=411"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.luyouli.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=411"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.luyouli.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=411"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}