操作步骤如下:
1.在vmware vsphere上配置所有主机使用的端口组安全项
Forged transmits 设置为: Accept Promiscuous Mode 设置为:Accept Promiscuous Mode(混杂模式)和Forged Transmits(伪传输)
2.给每台主机添加第二块网卡
3.创建网络定义
DHCP类型
yaml
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
name: net10
namespace: default
spec:
config: |-
{
"cniVersion": "0.3.1",
"name": "net10",
"type": "macvlan",
"master": "ens224",①
"mode": "bridge",
"ipam": {
"type": "whereabouts",
"range": "10.10.10.0/24",②
"range_start": "10.10.10.100",③
"range_end": "10.10.10.200",④
"routes": [
{ "dst": "10.10.0.0/16","gw": "10.10.10.1"}⑤
]
}
}① 第二块网卡名称
② 第二块网卡所在网络CIDR
③ ④IP地址池范围
④ 自定义路由
静态IP类型
yaml
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
name: net10-static
namespace: default
spec:
config: |-
{
"cniVersion": "0.3.1",
"name": "net10-static",
"type": "macvlan",
"master": "ens224",
"mode": "bridge",
"ipam": {
"type": "static",
"routes": [
{ "dst": "10.10.0.0/16", "gw": "10.10.10.1" }
]
}
}pod使用多网络 ,给POD指定注解:
yaml
#DHCP方式:
metadata:
annotations:
k8s.v1.cni.cncf.io/networks: default/net10
#静态IP方式:
metadata:
annotations:
k8s.v1.cni.cncf.io/networks: '[{"name": "net10-static", "namespace":"default" ,"ips": ["10.10.10.188/24" ]}]'给StatefulSet/Deployement指定注解:
yaml
#DHCP方式:
spec:
template:
metadata:
annotations:
k8s.v1.cni.cncf.io/networks: default/net10
#静态IP方式:replicas只能为1
spec:
template:
metadata:
annotations:
k8s.v1.cni.cncf.io/networks: '[{"name": "net10-static", "namespace":"default" ,"ips": ["10.10.10.102/24" ]}]'