For information on deploying flannel manually, using the Kubernetes installer toolkit kubeadm, see Installing Kubernetes on Linux with kubeadm.
kubeadm is used, then pass
kubeadm init to ensure that the
podCIDR is set.
flannel manifest defines four things:
- A ClusterRole and ClusterRoleBinding for role based acccess control (RBAC).
- A service account for
- A ConfigMap containing both a CNI configuration and a
flannelconfiguration should match the pod network CIDR. The choice of
backendis also made here and defaults to VXLAN.
- A DaemonSet for every architecture to deploy the
flannelpod on each Node. The pod has two containers 1) the
flanneldaemon itself, and 2) an initContainer for deploying the CNI configuration to a location that the
When you run pods, they will be allocated IP addresses from the pod network CIDR. No matter which node those pods end up on, they will be able to communicate with each other.
flannel.alpha.coreos.com/public-ip-overwrite: Allows to overwrite the public IP of a node. Useful if the public IP can not determined from the node, e.G. because it is behind a NAT. It can be automatically set to a nodes
ExternalIPusing the flannel-node-annotator
Older versions of Kubernetes
kube-flannel.yaml has some features that aren't compatible with older versions of Kubernetes, though flanneld itself should work with any version of Kubernetes.
For Kubernetes v1.6~v1.15
If you see errors saying
found invalid field... when you try to apply
kube-flannel.yaml then you can try the "legacy" manifest file
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-legacy.yml
This file does not bundle RBAC permissions. If you need those, run
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/k8s-manifests/kube-flannel-rbac.yml
If you didn't apply the
kube-flannel-rbac.yml manifest and you need to, you'll see errors in your flanneld logs about failing to connect.
Failed to create SubnetManager: error retrieving pod spec...
For Kubernetes v1.16
rbac.authorization.k8s.io/v1. When you use Kubernetes v1.16, you should replace
rbac.authorization.k8s.io/v1 had become GA from Kubernetes v1.17.
The flannel CNI plugin
Kubernetes 1.6 requires CNI plugin version 0.5.1 or later.