本文共 4363 字,大约阅读时间需要 14 分钟。
server count: 7
server version: Centos7.4
192.168.158.131 k8s01 etcd、Master、Node、keepalived
192.168.158.132 k8s02 etcd、Master、Node、keepalived 192.168.158.133 k8s03 etcd、Master、Node、keepalived 192.168.158.134 k8s04 node 192.168.158.135 k8s05 node 192.168.158.136 k8s06 node 192.168.158.137 k8s07 node 192.168.158.138 k8s08 k8s-cluster.smile13.com (VIP)
sudo systemctl stop firewalld && sudo systemctl disable firewalld
sed -i ‘/SELINUX=enforcing/d’ /etc/selinux/config
sed -i ‘/SELINUX=disabled/d’ /etc/selinux/config echo “SELINUX=disabled” >> /etc/selinux/config 重启后生效。
# yum -y install ntp修改配置文件/etc/ntp.conf注释掉原有的server指向把时间服务器的域名地址指向一个靠谱可连的时间服务器,我选择的是ntp1.aliyun.com.# vi /etc/ntp.conf……#server 0.centos.pool.ntp.org iburst#server 1.centos.pool.ntp.org iburst#server 2.centos.pool.ntp.org iburst#server 3.centos.pool.ntp.org iburst server ntp1.aliyun.com iburst......启动ntp并加入开机启动# systemctl start ntpd# systemctl enable ntpdCreated symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.注意:在启动之前,先使用ntpdate手动同步一下时间,免得本机与对时中心时间差距太大,使得ntpd不能正常同步。这里选用ntp1.aliyun.com作为对时中心:sudo ntpdate -u ntp1.aliyun.com
ssh-keygen -t rsa #输入之后一直选择enter即可。生成的秘钥位于 ~/.ssh文件夹下。可用cd 命令进入查看。6.2 导入authorized_keys
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
cat ~/.ssh/id_rsa.pub | ssh -p 22 user@host 'cat >> ~/.ssh/authorized_keys'
chmod 600 ~/.ssh/authorized_keys
swapoff -a然后再打开文件/etc/fstab,找到swap有关的一行,如下图红框所示,在这一行的最左边加上"#",将该行注释掉:## /etc/fstab# Created by anaconda on Fri Jul 20 23:01:49 2018## Accessible filesystems, by reference, are maintained under '/dev/disk'# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info#UUID=f5f7670b-9aaf-414c-8e5e-50cb33e81d48 / xfs defaults 0 0UUID=8ef45b9a-a906-40a9-a51c-af05d3d13766 /boot xfs defaults 0 0#UUID=26981930-f538-4a6f-a055-6ca7a5a51112 swap swap defaults 0 0执行free -m命令检查,swap值应该都为0了[root@k8s01 ~]# free -m. total used free shared buff/cache availableMem: 29443 181 28985 8 276 28865Swap: 0 0 0
[root@k8s01 ~]# cat /etc/sysconfig/modules/ipvs.modules#!/bin/bashmodprobe -- ip_vsmodprobe -- ip_vs_rrmodprobe -- ip_vs_wrrmodprobe -- ip_vs_shmodprobe -- nf_conntrack_ipv4上面脚本创建了的/etc/sysconfig/modules/ipvs.modules文件,保证在节点重启后能自动加载所需模块。查看是否已经正确加载所需的内核模块:[root@k8s01 ~]# lsmod | grep -e ip_vs -e nf_conntrack_ipv4nf_conntrack_ipv4 16384 2 nf_defrag_ipv4 16384 1 nf_conntrack_ipv4ip_vs_sh 16384 0 ip_vs_wrr 16384 0 ip_vs_rr 16384 0 ip_vs 151552 6 ip_vs_rr,ip_vs_sh,ip_vs_wrrnf_conntrack 135168 8 xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_ipv4,nf_nat,ipt_MASQUERADE,nf_nat_ipv4,nf_conntrack_netlink,ip_vslibcrc32c 16384 4 nf_conntrack,nf_nat,xfs,ip_vs接下来还需要确保各个节点上已经安装了ipset软件包yum install ipset。 为了便于查看ipvs的代理规则,最好安装一下管理工具ipvsadm yum install ipvsadm。如果以上前提条件如果不满足,则即使kube-proxy的配置开启了ipvs模式,也会退回到iptables模式。
------详细教程请查看:docker安装完成后,配置为阿里云的源yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@k8s01 ~]# cat /etc/yum.repos.d/kubernetes.repo [kubernetes]name=Kubernetesbaseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/enabled=1gpgcheck=1repo_gpgcheck=1gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
[root@k8s01 sysctl.d]# cat /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1net.ipv4.ip_forward = 1net.ipv4.ip_nonlocal_bind = 1
yum install -y kubelet-1.13.1 kubeadm-1.13.1 kubectl-1.13.1systemctl enable kubelet.service# 配置kubelet使用国内阿里pause镜像,官方的镜像被墙,kubelet启动不了[root@k8s01 kubernetes]# cat /etc/sysconfig/kubeletKUBELET_EXTRA_ARGS="--pod-infra-container-image=registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.1"
版权声明:本文为博主原创文章,转载请注明出处!