# Rancher custom create k3s 更換 cni 為 calico * 在 rancher 編輯 k3s 的 cluster.yaml ``` spec: ...... rkeConfig: ...... machineGlobalConfig: flannel-backend: none # k3s cni 預設為 flannel,把它設為 none ``` ![image](https://hackmd.io/_uploads/rkSmj_sAyx.png) * 下載 calico.yaml,並放到 `/var/lib/rancher/k3s/server/manifests/` 目錄下 ``` $ curl -O https://raw.githubusercontent.com/projectcalico/calico/v3.29.3/manifests/calico.yaml $ cp calico.yaml /var/lib/rancher/k3s/server/manifests/ $ ls -l /var/lib/rancher/k3s/server/manifests/ total 348 -rw-r--r-- 1 root root 324369 Apr 15 14:21 calico.yaml -rw------- 1 root root 1914 Apr 15 14:20 ccm.yaml -rw------- 1 root root 4990 Apr 15 14:20 coredns.yaml -rw------- 1 root root 3392 Apr 15 14:20 local-storage.yaml drwx------ 1 root root 330 Apr 15 14:20 metrics-server drwxr-xr-x 1 root root 182 Apr 15 14:19 rancher -rw------- 1 root root 1633 Apr 15 14:20 rolebindings.yaml -rw------- 1 root root 927 Apr 15 14:20 runtimes.yaml -rw------- 1 root root 1126 Apr 15 14:20 traefik.yaml ``` * k3s 部屬完成 ``` $ kubectl get po -A NAMESPACE NAME READY STATUS RESTARTS AGE cattle-fleet-system fleet-agent-0 2/2 Running 0 58s cattle-system apply-system-agent-upgrader-on-k3s-with-4cc717cd9c5c0f5e4-b52vb 0/1 Completed 0 38s cattle-system cattle-cluster-agent-554659584b-r4gzp 1/1 Running 0 105s cattle-system helm-operation-6gvxb 0/2 Completed 0 76s cattle-system helm-operation-cxvmq 0/2 Completed 0 31s cattle-system rancher-webhook-767dd4dc9d-smrg6 1/1 Running 0 59s cattle-system system-upgrade-controller-56696956b-qtsrx 1/1 Running 0 51s kube-system calico-kube-controllers-78576cf5c8-t8nm6 1/1 Running 0 3m40s kube-system calico-node-j5jpb 1/1 Running 0 3m40s kube-system coredns-9b9499f65-xf2vx 1/1 Running 0 5m21s kube-system helm-install-traefik-cbdw8 0/1 Completed 2 5m21s kube-system helm-install-traefik-crd-5qqhz 0/1 Completed 0 5m21s kube-system local-path-provisioner-86d975c679-t52n4 1/1 Running 0 5m21s kube-system metrics-server-5bbd6c9f9c-wrblj 1/1 Running 0 5m21s kube-system svclb-traefik-a45d450e-q2z78 2/2 Running 0 2m32s kube-system traefik-5cb64fb94-vrlvz 1/1 Running 0 2m32s ``` * 修改 calico 環境變數,指定要認本機的 `eth0` 網卡,修改 calico-node container 的環境變數。 ``` $ kubectl -n kube-system edit ds/calico-node ...... - name: IP_AUTODETECTION_METHOD value: interface=eth0 ``` ![image](https://hackmd.io/_uploads/rk8nTOsAye.png) * 測試 pod 是否可以上網 ``` $ kubectl create deploy test --image=nginx $ kubectl get pod NAME READY STATUS RESTARTS AGE test-556b4dcc6c-lzrcl 1/1 Running 0 23s $ kubectl exec test-556b4dcc6c-lzrcl -- curl www.google.com ``` ## 參考 https://docs.tigera.io/calico/latest/reference/configure-calico-node#:~:text=IPv6-,IP_AUTODETECTION_METHOD,-The%20method%20to