Solution Deploy Network Solution
- How to deploy a
weave-netnetworking solution in the cluster? - An example
weave-daemonset-k8s.yamlmanifest file: ``` apiVersion: v1 kind: List items:- apiVersion: v1 kind: ServiceAccount metadata: name: weave-net labels: name: weave-net namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: weave-net
labels:
name: weave-net
rules:
- apiGroups:
- ’’ resources:
- pods
- namespaces
- nodes verbs:
- get
- list
- watch
- apiGroups:
- extensions resources:
- networkpolicies verbs:
- get
- list
- watch
- apiGroups:
- ‘networking.k8s.io’ resources:
- networkpolicies verbs:
- get
- list
- watch
- apiGroups:
- ’’ resources:
- nodes/status verbs:
- patch
- update
- apiGroups:
- apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: weave-net
labels:
name: weave-net
roleRef:
kind: ClusterRole
name: weave-net
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount name: weave-net namespace: kube-system
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: weave-net
namespace: kube-system
labels:
name: weave-net
rules:
- apiGroups:
- ’’ resources:
- configmaps resourceNames:
- weave-net verbs:
- get
- update
- apiGroups:
- ’’ resources:
- configmaps verbs:
- create
- apiGroups:
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: weave-net
namespace: kube-system
labels:
name: weave-net
roleRef:
kind: Role
name: weave-net
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount name: weave-net namespace: kube-system
- apiVersion: apps/v1 kind: DaemonSet metadata: name: weave-net labels: name: weave-net namespace: kube-system spec: # Wait 5 seconds to let pod connect before rolling next pod selector: matchLabels: name: weave-net minReadySeconds: 5 template: metadata: labels: name: weave-net spec: initContainers: - name: weave-init image: ‘weaveworks/weave-kube:2.8.1’ command: - /home/weave/init.sh env: securityContext: privileged: true volumeMounts: - name: cni-bin mountPath: /host/opt - name: cni-bin2 mountPath: /host/home - name: cni-conf mountPath: /host/etc - name: lib-modules mountPath: /lib/modules - name: xtables-lock mountPath: /run/xtables.lock readOnly: false containers: - name: weave command: - /home/weave/launch.sh env: - name: IPALLOC_RANGE value: 10.32.1.0/24 - name: INIT_CONTAINER value: “true” - name: HOSTNAME valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: ‘weaveworks/weave-kube:2.8.1’ readinessProbe: httpGet: host: 127.0.0.1 path: /status port: 6784 resources: requests: cpu: 50m securityContext: privileged: true volumeMounts: - name: weavedb mountPath: /weavedb - name: dbus mountPath: /host/var/lib/dbus readOnly: true - mountPath: /host/etc/machine-id name: cni-machine-id readOnly: true - name: xtables-lock mountPath: /run/xtables.lock readOnly: false - name: weave-npc env: - name: HOSTNAME valueFrom: fieldRef: apiVersion: v1 fieldPath: spec.nodeName image: ‘weaveworks/weave-npc:2.8.1’ #npc-args resources: requests: cpu: 50m securityContext: privileged: true volumeMounts: - name: xtables-lock mountPath: /run/xtables.lock readOnly: false hostNetwork: true dnsPolicy: ClusterFirstWithHostNet hostPID: false restartPolicy: Always securityContext: seLinuxOptions: {} serviceAccountName: weave-net tolerations: - effect: NoSchedule operator: Exists - effect: NoExecute operator: Exists volumes: - name: weavedb hostPath: path: /var/lib/weave - name: cni-bin hostPath: path: /opt - name: cni-bin2 hostPath: path: /home - name: cni-conf hostPath: path: /etc - name: cni-machine-id hostPath: path: /etc/machine-id - name: dbus hostPath: path: /var/lib/dbus - name: lib-modules hostPath: path: /lib/modules - name: xtables-lock hostPath: path: /run/xtables.lock type: FileOrCreate priorityClassName: system-node-critical updateStrategy: type: RollingUpdate ```
- Deploy the file with this command:
kubectl apply -f /root/weave/weave-daemonset-k8s.yaml