docker run --net=host --privileged --name=calico-node \
-
e HOSTNAME=no188 \
-
e NODENAME=${HOSTNAME} \
-
e IP=192.168.8.188 \
-
e IP6= \
-
e CALICO_NETWORKING_BACKEND= \
-
e FELIX_DEFAULTENDPOINTTOHOSTACTION=RETURN \
-
e AS= \
-
e NO_DEFAULT_POOLS= \
-
e CALICO_LIBNETWORK_ENABLED=true \
-
e CALICO_IPV4POOL_CIDR=10.233.0.0/16 \
-
e ETCD_ENDPOINTS=https://192.168.8.161:2379,https://192.168.8.162:2379,https://192.168.8.163:2379 \
-
e ETCD_CA_CERT_FILE=/etc/calico/certs/ca_cert.crt \
-
e ETCD_CERT_FILE=/etc/calico/certs/cert.crt \
-
e ETCD_KEY_FILE=/etc/calico/certs/key.pem \
-
v /var/log/calico:/var/log/calico \
-
v /run/docker/plugins:/run/docker/plugins \
-
v /lib/modules:/lib/modules \
-
v /var/run/docker.sock:/var/run/docker.sock \
-
v /var/run/calico:/var/run/calico \
-
v /etc/calico/certs:/etc/calico/certs:ro \
calico/node:v1.3.0
docker run --net=host --privileged --name=calico-node -d --restart=always \
-
v /etc/kubernetes/ssl:/etc/kubernetes/ssl \
-
e ETCD_ENDPOINTS=https://192.168.8.161:2379,https://192.168.8.162:2379,https://192.168.8.163:2379 \
-
e ETCD_KEY_FILE=/etc/kubernetes/ssl/kubernetes-key.pem \
-
e ETCD_CERT_FILE=/etc/kubernetes/ssl/kubernetes.pem \
-
e ETCD_CA_CERT_FILE=/etc/kubernetes/ssl/ca.pem \
-
e NODENAME=${HOSTNAME} \
-
e IP= \
-
e CALICO_IPV4POOL_CIDR=172.1.0.0/16 \
-
e NO_DEFAULT_POOLS= \
-
e AS= \
-
e CALICO_LIBNETWORK_ENABLED=true \
-
e IP6= \
-
e CALICO_NETWORKING_BACKEND=bird \
-
e FELIX_DEFAULTENDPOINTTOHOSTACTION=ACCEPT \
-
v /var/run/calico:/var/run/calico \
-
v /lib/modules:/lib/modules \
-
v /run/docker/plugins:/run/docker/plugins \
-
v /var/run/docker.sock:/var/run/docker.sock \
-
v /var/log/calico:/var/log/calico \
192.168.1.103/k8s_public/calico-node:v1.1.3
验证证书:
openssl x509
-noout -text -in kubernetes
.pem
docker相关的option配置温佳丽
/etc/sysconfig/docker
/etc/systemd/system/docker
.service
/etc/systemd/system/docker
.service.d/
/usr/lib/systemd/system/docker
.service
/etc/sysconfig/docker
