1-环境配置.docx
免费下载
虚拟机配置
操作系统
:Centos7.9
CPU : 2C
内存
: 8G
磁盘
: 20G
网络规划
10.10.39.60 k8s-master01
10.10.39.61 k8s-master02
10.10.39.62 k8s-master03
10.10.39.100 k8s-master-lb
10.10.39.70 k8s-node01
10.10.39.71 k8s-node02
安装配置部分
互信
ssh-keygen -t rsa
for i in K8S-Master01 K8S-Master02 K8S-Master03 K8S-Node01 K8S-Node02;do
ssh-copy-id -i .ssh/id_rsa.pub $i;done
Yum
和安装需要的依赖
curl -o /etc/yum.repos.d/CentOS-Base.repo
https://mirrors.aliyun.com/repo/Centos-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-
ce/linux/centos/docker-ce.repo
cat <<EOF > /etc/yum.repos.d/k8s.repo
[k8s]
name=k8s
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-
x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d'
/etc/yum.repos.d/CentOS-Base.repo
yum install wget jq psmisc vim net-tools telnet yum-utils device-mapper-
persistent-data lvm2 git -y
rpm -ivh http://mirrors.wlnmp.com/centos/wlnmp-release-centos.noarch.rpm
yum install ntpdate -y
yum install ipvsadm ipset sysstat conntrack libseccomp -y
yum update -y --exclude=kernel*
防火墙时间
kernel
升级
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 'Asia/Shanghai' >/etc/timezone
ntpdate time2.aliyun.com
(crontab -l; echo "*/5 * * * * /usr/sbin/ntpdate time2.aliyun.com") |
crontab -
systemctl disable --now firewalld
systemctl disable --now dnsmasq
systemctl disable --now NetworkManager
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
swapoff -a && sysctl -w vm.swappiness=0
sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab
ulimit -SHn 65535
awk 'BEGIN{printf "* soft nofile 65536\n* hard nofile 13702\n* soft nproc
65535\n* hard nproc 655350\n* soft memlock unlimited\n* hard memlock
unlimited\n" >> "/etc/security/limits.conf"}'
#内核升级
#此处需要下面两个包,可以在 findrpm 网站找到
kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm
kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm
#传到每个机器
for i in K8S-Master02 K8S-Master03 K8S-Node01 K8S-Node02;do scp kernel-ml-
4.19.12-1.el7.elrepo.x86_64.rpm kernel-ml-devel-4.19.12-
1.el7.elrepo.x86_64.rpm $i:/tmp/ ; done
#安装且修改
cd /tmp && yum localinstall -y kernel-ml*
grub2-set-default 0 && grub2-mkconfig -o /etc/grub2.cfg
grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-
kernel)"
#检查值是否为 4.19
grubby --default-kernel
yum install ipvsadm ipset sysstat conntrack libseccomp -y
#ipvs
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
#配置 modules
awk 'BEGIN{printf
"ip_vs\nip_vs_lc\nip_vs_wlc\nip_vs_rr\nip_vs_wrr\nip_vs_lblc\nip_vs_lblcr\ni
p_vs_dh\nip_vs_sh\nip_vs_fo\nip_vs_nq\nip_vs_sed\nip_vs_ftp\nip_vs_sh\nnf_co
nntrack\nip_tables\nip_set\nxt_set\nipt_set\nipt_rpfilter\nipt_REJECT\nipip\
n" >> "/etc/modules-load.d/ipvs.conf"}'
systemctl enable --now systemd-modules-load.service
#配置 sysctl
awk 'BEGIN{printf "net.ipv4.ip_forward = 1\nnet.bridge.bridge-nf-call-
iptables = 1\nnet.bridge.bridge-nf-call-ip6tables = 1\nfs.may_detach_mounts
= 1\nnet.ipv4.conf.all.route_localnet =
1\nvm.overcommit_memory=1\nvm.panic_on_oom=0\nfs.inotify.max_user_watches=89
100\nfs.file-
max=52706963\nfs.nr_open=52706963\nnet.netfilter.nf_conntrack_max=237020\nne
t.ipv4.tcp_keepalive_time = 600\nnet.ipv4.tcp_keepalive_probes =
3\nnet.ipv4.tcp_keepalive_intvl =15\nnet.ipv4.tcp_max_tw_buckets =
36000\nnet.ipv4.tcp_tw_reuse = 1\nnet.ipv4.tcp_max_orphans =
327680\nnet.ipv4.tcp_orphan_retries = 3\nnet.ipv4.tcp_syncookies =
1\nnet.ipv4.tcp_max_syn_backlog = 16384\nnet.ipv4.ip_conntrack_max =
65536\ntcp_max_syn_backlog = 16384\nnet.ipv4.tcp_timestamps =
0\nnet.core.somaxconn = 16384" >> "/etc/sysctl.d/k8s.conf"}'
sysctl --system
#检查
reboot
lsmod | grep --color=auto -e ip_vs -e nf_conntrack
containerD
安装配置
yum install docker-ce-20.10.* docker-ce-cli-20.10.* -y (containerd.io)
awk 'BEGIN{printf "overlay\nbr_netfilter\n" > "/etc/modules-
load.d/containerd.conf"}'
modprobe -- overlay
modprobe -- br_netfilter
awk 'BEGIN{printf "net.bridge.bridge-nf-call-iptables =
1\nnet.ipv4.ip_forward = 1\nnet.bridge.bridge-nf-call-ip6tables = 1\n" >
"/etc/sysctl.d/99-kubernetes-cri.conf"}'
sysctl --system
mkdir -p /etc/containerd
awk 'BEGIN{"containerd config default" | getline cmd_out; printf "%s\n",
cmd_out > "/etc/containerd/config.toml"}'
#然后手动修改配置文件的 Cgroup 为 Systemd
#修改 sandbox 地址为对应的版本即可
systemctl daemon-reload
systemctl enable --now containerd
of 3
免费下载
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文档的来源(墨天轮),文档链接,文档作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
下载排行榜
文档被以下合辑收录
评论