集群环境规划
IP |
hostname |
user |
passwd |
role |
os |
192.168.6.101 |
node01 |
root |
oracle |
master |
CentOS Linux release 7.7.1908 (Core) |
192.168.6.102 |
node02 |
root |
oracle |
slave |
CentOS Linux release 7.7.1908 (Core) |
192.168.6.103 |
node03 |
root |
oracle |
slave |
CentOS Linux release 7.7.1908 (Core) |
环境搭建
本次环境搭建需要安装三台Centos服务器(一主二从),然后在每台服务器中分别安装docker(18.06.3),kubeadm(1.17.4)、kubelet(1.17.4)、kubectl(1.17.4)程序。
环境初始化
1、检查操作系统的版本
[root@node01 ~]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
2、主机名解析
[root@node01 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.6.101 node01
192.168.6.102 node02
192.168.6.103 node03
3、时间同步
[root@node01 ~]# yum install chrony -y
[root@node01 ~]# systemctl status chronyd
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:chronyd(8)
man:chrony.conf(5)
启动chronyd
[root@node01 ~]# systemctl start chronyd
[root@node01 ~]# systemctl enable chronyd
4、禁用iptables和firewalld服务
[root@node01 ~]# systemctl stop firewalld
[root@node01 ~]# systemctl disable firewalld
5、禁用selinux
[root@node01 ~]# cat /etc/sysconfig/selinux
SELINUX=disabled
6、禁用swap分区
[root@node01 ~]# vim /etc/fstab
#/dev/mapper/centos-swap swap swap defaults 0 0
7、修改linux的内核参数
[root@node01 ~]# vim /etc/sysctl.d/kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
重新加载配置
[root@node01 ~]# sysctl -p
加载网桥过滤模块
[root@node01 ~]# modprobe br_netfilter
查看网桥过滤模块是否加载成功
[root@node01 ~]# lsmod | grep br_netfilter
br_netfilter 22256 0
bridge 151336 1 br_netfilter
8、配置ipvs功能
在kubernetes中service有两种代理模型,一种是基于iptables的,一种是基于ipvs的
[root@node01 ~]# yum install ipset -y
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Package ipset-7.1-1.el7.x86_64 already installed and latest version
Nothing to do
[root@node01 ~]# yum install ipvsadm -y
9、添加需要加载的模块写入脚本文件
cat <<EOF > /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
10、为脚本文件添加执行权限
[root@node01 ~]# chmod +x /etc/sysconfig/modules/ipvs.modules
11、执行脚本文件
[root@node01 ~]# /etc/sysconfig/modules/ipvs.modules
12、