配置calicoctl

在官网下载calicoctl二进制文件，并给予可执行权限

curl -O -L  https://github.com/projectcalico/calicoctl/releases/download/v3.13.2/calicoctl

在master节点上配置

export DATASTORE_TYPE=kubernetes
export KUBECONFIG=~/.kube/config

测试

./calicoctl get nodes

部署路由反射器RR

[root@localhost ~]# yum install -y bird bird6

编辑bird配置文件

[root@localhost ~]# cat /etc/bird.conf|sed '/^#/d'|sed '/^$/d'
/*
 *	This is an example configuration file.
 */
router id 10.19.161.122;
protocol kernel {
	persist;		# Don't remove routes on bird shutdown
	scan time 20;		# Scan kernel routing table every 20 seconds
	export all;		# Default is export none
}
protocol device {
	scan time 10;		# Scan interfaces every 10 seconds
}
protocol static {
}
template bgp rr_client {
	local as 64512;
	multihop;
	rr client;
	graceful restart;
	import all;
	export all;
}
protocol bgp shen_mater150 from rr_client {
	description "10.19.161.150";
	neighbor 10.19.161.150 as 64512;
}
protocol bgp shen_mater151 from rr_client {
	description "10.19.161.151";
	neighbor 10.19.161.151 as 64512;
}
protocol bgp shen_mater152 from rr_client {
	description "10.19.161.152";
	neighbor 10.19.161.152 as 64512;
}
protocol bgp shen_master1 from rr_client {
	description "10.19.161.100";
	neighbor 10.19.161.100 as 64512;
}
protocol bgp shen_master2 from rr_client {
	description "10.19.161.101";
	neighbor 10.19.161.101 as 64512;
}
protocol bgp shen_master3 from rr_client {
	description "10.19.161.102";
	neighbor 10.19.161.102 as 64512;
}
protocol bgp shen_node141 from rr_client {
	description "10.19.164.141";
	neighbor 10.19.164.141 as 64512;
}

关闭原集群中bgp的NodeMesh模式

[root@shen-master150 calico]# cat stop.yaml 
apiVersion: projectcalico.org/v3
kind: BGPConfiguration
metadata:
  name: default
spec:
  logSeverityScreen: Info
  nodeToNodeMeshEnabled: false
  asNumber: 64512
[root@shen-master150 calico]# calicoctl create -f stop.yaml 
[root@shen-master150 calico]# calicoctl get bgpconfig
NAME      LOGSEVERITY   MESHENABLED   ASNUMBER   
default   Info          false         64512 

给calico集群指定一个全局的bpg邻居，即路由反射器

[root@shen-master150 calico]# cat stop.yaml 
apiVersion: projectcalico.org/v3
kind: BGPConfiguration
metadata:
  name: default
spec:
  logSeverityScreen: Info
  nodeToNodeMeshEnabled: false
  asNumber: 64512
[root@shen-master150 calico]# calicoctl create -f stop.yaml ^C
[root@shen-master150 calico]# cat bgp.yaml 
apiVersion: projectcalico.org/v3
kind: BGPPeer
metadata:
  name: bgppeer-global
spec:
  peerIP: 10.19.161.122
  asNumber: 64512
[root@shen-master150 calico]# calicoctl create -f bgp.yaml 

查看状态

[root@shen-master150 calico]# calicoctl node status
Calico process is running.

IPv4 BGP status
+---------------+-----------+-------+----------+-------------+
| PEER ADDRESS  | PEER TYPE | STATE |  SINCE   |    INFO     |
+---------------+-----------+-------+----------+-------------+
| 10.19.161.122 | global    | up    | 03:02:36 | Established |
+---------------+-----------+-------+----------+-------------+

IPv6 BGP status
No IPv6 peers found.