系统准备
设置主机名
hostnamectl set-hostname node1 ## set this machine's hostname to node1
# Then edit /etc/hosts (the page gives no details; presumably to map node1 to this host's IP - confirm)
更改本地ip
# Open the installer-written netplan file; the YAML that follows on this page is its intended content.
# Saving under /etc/netplan normally needs root, so run the editor via sudo if not already root.
vi /etc/netplan/00-installer-config.yaml
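# This is the network config written by 'subiquity'
# NOTE(review): the page shows these keys flattened; the nesting below is rebuilt
# following the netplan schema, because YAML without indentation does not parse.
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    # NOTE(review): "enpos5" looks like a mistyped "enp0s5"-style name; use the
    # interface name that `ip link` reports on this host.
    enpos5:
      dhcp4: no
      dhcp6: no
      addresses: [192.168.65.8/24]  # replace with this host's own static address
      routes:
        - to: default
          # NOTE(review): 192.168.95.254 lies outside 192.168.65.0/24, so this
          # default route is likely unusable as written - confirm the gateway.
          via: 192.168.95.254
      nameservers:
        addresses: [8.8.8.8,114.114.114.114]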
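# Apply the new network configuration; this needs root, like the other steps on the page.
# On a remote session, running `sudo netplan try` first is safer: it reverts the change
# automatically unless confirmed, so a wrong address or gateway does not cut off access.
sudo netplan apply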
更改sudo权限
# Let a user run sudo without being prompted for a password; the rule lives in /etc/sudoers.
# Edit that file only through visudo, which syntax-checks it before saving.
# The first form works only in a root shell; the second is for a normal user.
visudo
sudo visudo
# Line to add in the editor (sudoers syntax, not a shell command); "username" is
# presumably a placeholder for the real account name.
# NOTE(review): NOPASSWD:ALL turns any compromise of that account into immediate root
# with no password barrier. Keep it to disposable lab nodes, or list only the specific
# commands that must run unattended instead of ALL.
username ALL=(ALL) NOPASSWD:ALL
安装工具
# Install the telnet server (telnetd, started through openbsd-inetd)
# NOTE(review): telnet sends logins and session data unencrypted, and this step opens a
# remote-login service on the node. As far as this page shows, no later step needs the
# server; the client alone is enough for port checks. If the server is installed anyway,
# restrict it with a firewall and remove it afterwards.
sudo apt-get install openbsd-inetd telnetd
sudo /etc/init.d/openbsd-inetd restart
# Check whether the telnet service is up
sudo netstat -a | grep telnet
# Install the telnet client
sudo apt-get install telnet
超时时间设置
Linux下设置超时时间,是在配置文件/etc/profile里。在该文件下,添加一个变量:
**export TMOUT=3600**
时间单位是秒,上面配置的超时时间是1个小时。TMOUT 只是普通的 shell 变量,用户可以自行修改或 unset;如需强制生效,可在其后再加一行 readonly TMOUT。
另外,在ssh配置文件/etc/ssh/sshd_config中,将ssh的保活配置打开:
**ClientAliveInterval 300**
**ClientAliveCountMax 3**
意思是5分钟检查一次客户端响应,最多检查3次。如果3次都检查到客户端不响应,那么就认为ssh已经断开了。
关闭swap
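# Turn off every swap device that is currently active (those listed in /proc/swaps).
sudo swapoff -a
# Show swap usage; nothing should be listed once swapoff has succeeded.
sudo swapon -s
# Keep swap off after reboot by commenting out the swap entries in /etc/fstab.
# The expression printed on the page, 's/.swap./#&/', puts the '#' directly in front of
# the text "swap" instead of at the start of the line, so an entry such as
# "UUID=... none swap sw 0 0" is mangled but still active. This form comments out the
# whole line, skips lines that are already commented, and keeps a backup as /etc/fstab.bak.
sudo sed -r -i.bak 's/^[^#].*swap.*/#&/' /etc/fstab
# Check the result: a Swap row of 0B means swap is disabled.
free -h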
修改br_netfilter 模块
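# br_netfilter passes bridged traffic to the iptables chains; register it, together with
# overlay, so both modules are loaded at every boot.
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
# Files in /etc/modules-load.d are only read at boot, so load the modules now as well;
# otherwise the later steps run without them until the next reboot.
sudo modprobe overlay
sudo modprobe br_netfilter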
开启IP转发
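# Enable IPv4 forwarding.
# NOTE(review): with forwarding on, the host routes packets between its interfaces;
# make sure the firewall policy on the node accounts for that.
sudo vim /etc/sysctl.conf
# In the editor, remove the leading '#' so that the entry reads exactly:
#   net.ipv4.ip_forward=1
# Reload /etc/sysctl.conf and print the values applied. Writing kernel parameters needs
# root, so sudo is required here like for the edit above.
sudo sysctl -p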
安装 v1.24
# Remove older Docker / containerd packages
sudo apt-get remove docker docker-engine docker.io containerd runc
# Delete the state left behind by the old installation. This is irreversible: every
# image, container and volume stored under these two directories is lost.
sudo rm -rf /var/lib/docker /var/lib/containerd
# Refresh the package index, then install what apt needs to use an HTTPS repository
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg lsb-release
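# Add Docker's official GPG key; apt uses it to verify packages from the Docker repository.
# The key is trusted as downloaded. To check it, compare the fingerprint printed by
# `gpg --show-keys /etc/apt/keyrings/docker.gpg` with the one in Docker's install docs.
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
# Make the keyring world-readable: under a restrictive root umask apt cannot read it and
# signature verification of the repository fails.
sudo chmod a+r /etc/apt/keyrings/docker.gpg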
# Register the Docker apt repository for this CPU architecture and Ubuntu release.
# signed-by= limits this source to the key in /etc/apt/keyrings/docker.gpg rather than
# trusting it for every repository. tee runs under sudo because the target is root-owned.
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
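# Install containerd
sudo apt-get update
sudo apt-get install -y containerd.io
# Start containerd at boot (changing unit state needs root), then check that it is running
sudo systemctl enable containerd
systemctl status containerd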
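# Adjust the configuration. On Linux, containerd's default CRI socket is
# /run/containerd/containerd.sock.
# Generate the default configuration. A plain '>' redirect is opened by the calling shell,
# which cannot write to /etc/containerd without root, so the output goes through sudo tee.
containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
# Set the cgroup driver to systemd, i.e. the setting "SystemdCgroup = true".
# Assumes the generated default contains "SystemdCgroup = false"; the grep confirms the result.
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
grep -n 'SystemdCgroup' /etc/containerd/config.toml
# Restart containerd so the new configuration takes effect
sudo systemctl restart containerd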
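# Install crictl
# NOTE(review): this is the arm64 build; on another architecture pick the matching
# release asset (compare with `dpkg --print-architecture`).
crictl_tgz=crictl-v1.26.0-linux-arm64.tar.gz
wget "https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.26.0/${crictl_tgz}"
# Verify the download before unpacking it as root into a directory on PATH.
# <EXPECTED_SHA256> is a placeholder: take the value published with the v1.26.0 release.
# Extraction only happens when the checksum matches.
echo "<EXPECTED_SHA256>  ${crictl_tgz}" | sha256sum -c - \
  && sudo tar zxvf "${crictl_tgz}" -C /usr/local/bin
rm -f "${crictl_tgz}"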
# Install kubelet, kubeadm and kubectl pinned to 1.24.0-00; --allow-downgrades lets apt
# replace a newer installed version. The same command appears again before kubeadm init.
# NOTE(review): no step on this page adds a Kubernetes apt repository; presumably it is
# already configured with its own signed-by key - confirm before running.
sudo apt-get install -y kubelet=1.24.0-00 kubeadm=1.24.0-00 kubectl=1.24.0-00 --allow-downgrades
# Edit /etc/crictl.yaml so that it holds the content below; cat displays the file.
# The lines after the cat command are file content (YAML), not shell commands.
cat /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
# NOTE(review): debug: true presumably enables verbose debug output on every crictl call;
# consider false once the setup works.
debug: true
# Test crictl
crictl version
# Install Kubernetes (the same pinned install command as earlier on the page), then
# initialise the control plane.
# NOTE(review): --ignore-preflight-errors=Swap silences kubeadm's swap check. The page
# disables swap in an earlier step, so the flag is presumably unnecessary, and leaving it
# out would let a missed swapoff show up as a preflight error.
# NOTE(review): --image-repository pulls the control-plane images from
# registry.aliyuncs.com/google_containers instead of kubeadm's default registry. Those
# images run with full control of the cluster, so use the mirror only when the default
# registry is unreachable and the mirror is trusted.
sudo apt-get install -y kubelet=1.24.0-00 kubeadm=1.24.0-00 kubectl=1.24.0-00 --allow-downgrades
sudo kubeadm init \
--pod-network-cidr=10.244.0.0/16 \
--service-cidr=10.96.0.0/12 \
--ignore-preflight-errors=Swap \
--image-repository=registry.aliyuncs.com/google_containers \
--v 5
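# Configure kubeconfig for the current user. Expansions are quoted so that a home
# directory containing spaces does not split the arguments.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
# admin.conf carries cluster-admin credentials: keep the copy readable by its owner only.
chmod 600 "$HOME/.kube/config"
# Enable and restart kubelet; changing unit state needs root.
sudo systemctl enable kubelet
sudo systemctl restart kubelet
# Hold the packages so a routine apt upgrade cannot move the cluster to another version.
sudo apt-mark hold kubectl kubelet kubeadm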
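# Install flannel
# NOTE(review): this URL follows the mutable master branch, so its content can change
# between runs, and the manifest is applied with cluster-admin rights. Prefer a manifest
# from a tagged release (<FLANNEL_RELEASE_TAG> is a placeholder for the chosen tag).
# Downloading first lets the file be reviewed and kept before it is applied.
curl -fsSLo kube-flannel.yml https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml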