Because the current version of flannel does 0.12.0not support it etcd v3, you need to use the etcd v2API to write the configuration, otherwise the written key will not be found when you start flanneld later
mk-docker-opts.sh The script writes the Pod subnet information allocated to flanneld into the /run/flannel/docker file, and then uses the environment variables in this file to configure the docker0 bridge when docker starts
flanneld interfaces communicate with other nodes where the system default route for node has a plurality of network interfaces (e.g., network and the public network), and can -ifacespecify a communication interface parameters
-ip-masq flanneld sets SNAT rules for traffic outside the access Pod network, and at the same time sets the variable -ip-masq passed to Docker (in the /run/flannel/docker file) to false, so that Docker will no longer create SNAT rules;
When Docker's -ip-masq is true, the created SNAT rule is more "violent": all requests initiated by the node's Pod to access non-docker0 interfaces will be SNATed, so that the request source IP for accessing other node's Pods will be set to flannel .1 The IP of the interface, the destination Pod cannot see the real source Pod IP.
The SNAT rules created by flanneld are relatively mild, and only do SNAT for requests to access non-Pod network segments.
1.3.5. Distribute the flannel certificate and startup files to all nodes