服务配置
服务器角色 | 服务器IP |
k8s-master1 | 192.168.1.170 |
k8s-node1 | 192.168.1.172 |
k8s-node2 | 192.168.1.173 |
禁用selinux
关闭前测试状态
关闭指令
关闭后查看(需重启系统)
修改服务器名称,方便运维
[root@localhost ~]# hostnamectl set-hostname k8smaster1本地配置服务名称,方便连接
[root@k8smaster1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.170 k8smaster1
192.168.1.171 k8smaster2
192.168.1.172 k8snode1
192.168.1.173 k8snode2
[root@k8snode1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.170 k8smaster1
192.168.1.171 k8smaster2
192.168.1.172 k8snode1
192.168.1.173 k8snode2配置免密登录
[root@k8smaster1 ~]# ssh-keygen -t rsa
[root@k8smaster1 ~]# ssh-copy-id k8smaster2
[root@k8smaster1 ~]# ssh-copy-id k8snode1
[root@k8smaster1 ~]# ssh-copy-id k8snode2
关闭交换分区,提升性能
未关闭前
swapoff -a #### 临时关闭方法
注释 /etc/fstab swap 选项
加载内核模块
加载前查看
加载后查看
开启ipv4网络包转发参数
vi /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1启动ipv4网络包转发参数
关闭防火墙
[root@k8smaster1 ~]# systemctl stop firewalld && systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.配置docker-ce Yum 源
[root@k8smaster1 ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo配置 k8s组件repo源
配置时间同步
[root@k8smaster2 yum.repos.d]# yum install -y ntpdate
[root@k8smaster2 yum.repos.d]# ntpdate cn.pool.ntp.org
[root@k8smaster1 ~]# crontab -e
no crontab for root - using an empty one
* */1 * * * /usr/sbin/ntpdate cn.pool.ntp.org
[root@k8smaster1 ~]# systemctl restart crond开启ipvs 模块
[root@k8smaster1 log]# cd /etc/sysconfig/modules/
[root@k8smaster1 modules]# bash ipvs.modules
安装基础软件包
yum install -y device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack telnet配置容器运行时container
[root@k8smaster1 ~]# yum install -y containerd.io-1.6.6配置containerd配置文件
[root@k8smaster1 ~]# mkdir -p /etc/containerd
[root@k8smaster1 ~]# containerd config default > /etc/containerd/config.toml
配置containerd工具配置文件
[root@k8smaster1 containerd]# cat > /etc/crictl.yaml << EOF
> runtime-endpoint: unix:///run/containerd/containerd.sock
> image-endpoint: unix:///run/containerd/containerd.sock
> timeout: 10
> debug: false
> EOF
配置containerd加速器
安装docker-ce
[root@k8smaster1 ~]# yum install -y docker-ce
[root@k8smaster1 ~]# systemctl enable docker --now
配置docker镜像加速器
开始安装1.27.0
[root@k8smaster1 modules]# yum install -y kubelet-1.27.0 kubeadm-1.27.0 kubectl-1.27.0
[root@k8smaster1 modules]# systemctl enable kubelet
