<ruby id="bdb3f"></ruby>

    <p id="bdb3f"><cite id="bdb3f"></cite></p>

      <p id="bdb3f"><cite id="bdb3f"><th id="bdb3f"></th></cite></p><p id="bdb3f"></p>
        <p id="bdb3f"><cite id="bdb3f"></cite></p>

          <pre id="bdb3f"></pre>
          <pre id="bdb3f"><del id="bdb3f"><thead id="bdb3f"></thead></del></pre>

          <ruby id="bdb3f"><mark id="bdb3f"></mark></ruby><ruby id="bdb3f"></ruby>
          <pre id="bdb3f"><pre id="bdb3f"><mark id="bdb3f"></mark></pre></pre><output id="bdb3f"></output><p id="bdb3f"></p><p id="bdb3f"></p>

          <pre id="bdb3f"><del id="bdb3f"><progress id="bdb3f"></progress></del></pre>

                <ruby id="bdb3f"></ruby>

                合規國際互聯網加速 OSASE為企業客戶提供高速穩定SD-WAN國際加速解決方案。 廣告
                [TOC] 本次主題:在現有集群上安裝 Calico API 服務器,以便使用 kubectl 管理 Calico API API 服務器為 Calico 提供 REST API,并允許使用 kubectl 管理 projectcalico.org/v3 API,而無需 calicoctl > 注意:從 Calico v3.20.0 開始,新的基于 operator 方式的 Calico 安裝默認包含 API 服務器組件,因此不需要本文檔中的說明。 # 前提條件 - 確保您有一個使用 Kubernetes API 數據存儲安裝了 Calico 的集群。 如果沒有,您可以從 etcd 遷移。 - 使用適當的升級說明升級到 Calico v3.20+。 - 對于不是通過 `operator` 安裝,您將需要一臺安裝了 openssl 的計算機 # 安裝calico Apiserver ## 創建 Calico API 證書 ```shell openssl genrsa -out apiserver.key 2048 openssl req -new -key apiserver.key -out apiserver.csr -subj "/CN=calico-apiserver" echo "subjectAltName=DNS:calico-api.calico-apiserver.svc" > ./cert_extensions openssl x509 -req -in apiserver.csr -signkey apiserver.key -out apiserver.crt -days 3650 -extfile ./cert_extensions openssl x509 -noout -text -in apiserver.crt ``` ## 將證書提供 calico Apiserver 使用 ```shell kubectl create secret -n calico-apiserver generic calico-apiserver-certs --from-file=apiserver.key --from-file=apiserver.crt ``` ## 創建 calico APIserver ```shell curl -o /etc/kubernetes/addons/calico-apiserver.yaml https://projectcalico.docs.tigera.io/archive/v3.23/manifests/apiserver.yaml kubectl apply -f /etc/kubernetes/addons/calico-apiserver.yaml ``` ## 將證書綁定 calico Apiserver 服務 ```shell # calico apiserver容器啟動成功的話,AVAILABLE字段會顯示為True $ kubectl get apiservice v3.projectcalico.org NAME SERVICE AVAILABLE AGE v3.projectcalico.org calico-apiserver/calico-api True 11m kubectl patch apiservice v3.projectcalico.org -p \ "{\"spec\": {\"caBundle\": \"$(kubectl get secret -n calico-apiserver calico-apiserver-certs -o go-template='{{ index .data "apiserver.crt" }}')\"}}" ``` ## 檢查API是否可用 ```shell $ kubectl api-resources | grep '\sprojectcalico.org' bgpconfigurations bgpconfig,bgpconfigs projectcalico.org/v3 false BGPConfiguration bgppeers projectcalico.org/v3 false BGPPeer caliconodestatuses caliconodestatus projectcalico.org/v3 false CalicoNodeStatus clusterinformations clusterinfo projectcalico.org/v3 false ClusterInformation felixconfigurations felixconfig,felixconfigs projectcalico.org/v3 false FelixConfiguration globalnetworkpolicies gnp,cgnp,calicoglobalnetworkpolicies projectcalico.org/v3 false GlobalNetworkPolicy globalnetworksets projectcalico.org/v3 false GlobalNetworkSet hostendpoints hep,heps projectcalico.org/v3 false HostEndpoint ippools projectcalico.org/v3 false IPPool ipreservations projectcalico.org/v3 false IPReservation kubecontrollersconfigurations projectcalico.org/v3 false KubeControllersConfiguration networkpolicies cnp,caliconetworkpolicy,caliconetworkpolicies projectcalico.org/v3 true NetworkPolicy networksets netsets projectcalico.org/v3 true NetworkSet profiles projectcalico.org/v3 false Profile $ kubectl get ippool -owide NAME CREATED AT default-ipv4-ippool 2024-03-01T02:15:47Z $ kubectl describe ippool default-ipv4-ippool Name: default-ipv4-ippool Namespace: Labels: <none> Annotations: <none> API Version: projectcalico.org/v3 Kind: IPPool Metadata: Creation Timestamp: 2024-03-01T02:15:47Z Resource Version: 314593 UID: df19c8a5-7cfd-405c-9058-ec092f3a6b79 Spec: Allowed Uses: Workload Tunnel Block Size: 26 Cidr: 172.26.0.0/16 Ipip Mode: Never Nat Outgoing: true Node Selector: all() Vxlan Mode: Never Events: <none> ``` >[danger] 注意:kubectl 可能會繼續首選 crd.projectcalico.org API 組,因為它在本地緩存 API 的方式。 您可以通過刪除集群的緩存目錄來強制 kubectl 更新。 默認情況下,緩存位于 $(HOME)/.kube/cache 中。 # 卸載calico Apiserver ```shell kubectl delete -f /etc/kubernetes/addons/calico-apiserver.yaml ```
                  <ruby id="bdb3f"></ruby>

                  <p id="bdb3f"><cite id="bdb3f"></cite></p>

                    <p id="bdb3f"><cite id="bdb3f"><th id="bdb3f"></th></cite></p><p id="bdb3f"></p>
                      <p id="bdb3f"><cite id="bdb3f"></cite></p>

                        <pre id="bdb3f"></pre>
                        <pre id="bdb3f"><del id="bdb3f"><thead id="bdb3f"></thead></del></pre>

                        <ruby id="bdb3f"><mark id="bdb3f"></mark></ruby><ruby id="bdb3f"></ruby>
                        <pre id="bdb3f"><pre id="bdb3f"><mark id="bdb3f"></mark></pre></pre><output id="bdb3f"></output><p id="bdb3f"></p><p id="bdb3f"></p>

                        <pre id="bdb3f"><del id="bdb3f"><progress id="bdb3f"></progress></del></pre>

                              <ruby id="bdb3f"></ruby>

                              哎呀哎呀视频在线观看