E0228 07:32:28.912833       1 reflector.go:201] k8s.io/dns/pkg/dns/dns.go:147: Failed to list *v1.Endpoints: Get https://10.0.0.1:443/api/v1/endpoints?resourceVersion=0: x509: certificate is valid for 10.254.0.1, 109.105.4.65, not 10.0.0.1

在生成证书的 master_ssl.cnf

指定的 IP.1 = 10.254.0.1

etcdctl -C http://localhost:4001 set /coreos.com/network/config '{"Network":"10.254.0.0/16"}'

重起 flanneld

# etcdctl -C http://109.105.30.132:4001 ls /coreos.com/network/subnets

/coreos.com/network/subnets/10.254.20.0-24

/coreos.com/network/subnets/10.254.50.0-24

/coreos.com/network/subnets/10.254.43.0-24

/coreos.com/network/subnets/10.254.67.0-24

nohup flanneld -etcd-endpoints=http://109.105.30.132:4001 > flanneld.log 2>&1 &

api server 启动参数 --service-cluster-ip-range=10.254.0.0/16

========================================================

kubelet 启动参数增加 --cluster-dns=10.254.0.100 --cluster-domain=cluster.local

测试 创建busybox pod

kubectl exec busybox -- nslookup svc

////////////////////////////////////////////////////////////////////////

修改docker0 网桥的地址

./mk-docker-opts.sh -i                 (flannel 解压包里)

source /run/flannel/subnet.env

ifconfig docker0 $FLANNEL_SUBNET

systemctl restart docker

----------------------------------------------------

如果不行

centos7:

vi /usr/lib/systemd/system/docker.service

启动参数加上 --bip=${FLANNEL_SUBNET}

vi /etc/systemd/system/docker.service.d/env.conf

[Service] Environment="HTTP_PROXY=http://109.105.4.17:8119" "HTTPS_PROXY=http://109.105.4.17:8119" "NO_PROXY=localhost,127.0.0.1,registry.cn-hangzhou.aliyuncs.com,docker.io,registry.bst-1.cns.bstjpc.com" "FLANNEL_SUBNET=10.254.39.1/24"

systemctl daemon-reload

systemctl restart docker

-------------------------------------------------------------

ubuntu14:

vi /etc/default/docker

DOCKER_OPTS="--bip=10.254.61.1/24"

service docker restart

-------------------------------

ubuntu16:

vi /etc/systemd/system/docker.service.d/docker.conf
[service]
Environment="FLANNEL_SUBNET=10.254.43.1/24"

/lib/systemd/system

05-11 19:40