一、基础环境准备
在openstack平台上创建两台虚拟机:
主: 10.104.43.110
备: 10.104.43.118
1、修改主机名并配置映射
# 所有节点修改主机名
[root@k8s-h-master ~]# hostnamectl set-hostname master
[root@k8s-h-master ~]# bash
[root@master ~]#
[root@k8s-h-node ~]# hostnamectl set-hostname node
[root@k8s-h-node ~]# bash
[root@node ~]#
# 所有节点配置映射
[root@master ~]# echo '
10.104.43.110 master
10.104.43.118 node' >> /etc/hosts
[root@node ~]# echo '
> 10.104.43.110 master
> 10.104.43.118 node' >> /etc/hosts
2、配置关闭防火墙和selinux
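# 所有节点关闭selinux
# 关闭SELinux,否则后续K8S挂载目录时可能报错 Permission denied
# 说明:sed 只在配置文件当前值为 SELINUX=enforcing 时才会替换,改成 disabled 后需重启才生效;setenforce 0 则是把当前运行状态立即切换为 permissive。
# 如果只是为了避免上述挂载报错,把配置改为 SELINUX=permissive 也可以达到目的(kubeadm 官方文档采用的做法),并且仍会保留 SELinux 的审计日志,便于排查。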
[root@master ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config;
[root@master ~]# setenforce 0
[root@node ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config;
[root@node ~]# setenforce 0
# 所有节点关闭防火墙(关闭后主机层面不再过滤端口,节点的访问控制需由 OpenStack 安全组等外部手段保证;也可保留 firewalld,仅放行 K8S 组件所需端口)
[root@master ~]# systemctl stop firewalld.service
[root@master ~]# systemctl disable firewalld.service
[root@node ~]# systemctl stop firewalld.service
[root@node ~]# systemctl disable firewalld.service
# 关闭swap
# 如果开启了swap分区,kubelet会启动失败(可以通过将参数 --fail-swap-on 设置为false来忽略swap on),故需要在每个node节点机器上关闭swap分区。
# 这里索性将所有节点的swap分区都关闭,同时注释/etc/fstab中相应的条目,防止开机自动挂载swap分区:
[root@master ~]# swapoff -a
[root@master ~]# sed -ri 's/.*swap.*/#&/' /etc/fstab
[root@node ~]# swapoff -a
[root@node ~]# sed -ri 's/.*swap.*/#&/' /etc/fstab
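# 加载 br_netfilter 模块,允许iptables检查桥接流量,并开启IPv4转发
# 说明:/etc/modules-load.d/k8s.conf 只在开机时(由 systemd-modules-load 服务)生效;如果当前尚未加载该模块,需先执行 modprobe br_netfilter,否则执行 sysctl --system 时 net.bridge.* 两项会因对应路径不存在而设置失败。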
[root@master ~]# cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
[root@master ~]# cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
[root@master ~]# sudo sysctl --system
[root@node ~]# cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
[root@node ~]# cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
[root@node ~]# sysctl --system
3、配置yum源
# 删除默认yum源(会清空 /etc/yum.repos.d/ 下的所有 repo 文件,如需回退可先备份该目录)
[root@master yum.repos.d]# rm -rf /etc/yum.repos.d/*
[root@node yum.repos.d]# rm -rf /etc/yum.repos.d/*
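# 下载阿里云源
# 说明:这里通过 http 明文下载 repo 文件,传输过程没有完整性保护,repo 文件内容可能在途中被篡改,而它决定了后续 yum 从哪里安装软件包;该镜像站同样支持 https,可将地址改为 https://mirrors.aliyun.com/repo/Centos-7.repo。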
[root@master yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@node yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2523 100 2523 0 0 33599 0 --:--:-- --:--:-- --:--:-- 34561
# 下载docker-ce源
[root@master yum.repos.d]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
[root@node yum.repos.d]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
已加载插件:fastestmirror
adding repo from: https://download.docker.com/linux/centos/docker-ce.repo
grabbing file https://download.docker.com/linux/centos/docker-ce.repo to /etc/yum.repos.d/docker-ce.repo
repo saved to /etc/yum.repos.d/docker-ce.repo
4、安装配置docker
# 安装docker
[root@master yum.repos.d]# yum install -y docker-ce-24.0.2
[root@node yum.repos.d]# yum install -y docker-ce-24.0.2
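# 配置daemon:使用 systemd 作为 cgroup 驱动(需与 kubelet 的 cgroup 驱动保持一致)、json-file 日志(单个日志文件上限 100m)、overlay2 存储驱动
# 说明:registry-mirrors 中的地址是阿里云镜像加速器地址,通常为账号专属,请替换为自己的加速地址;配置后镜像会经由该镜像站拉取,镜像内容的可信度取决于该镜像站。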
[root@master ~]# mkdir -p /etc/docker
[root@node ~]# mkdir -p /etc/docker
[root@master ~]# tee /etc/docker/daemon.json <<-'EOF'
> {
> "registry-mirrors": ["https://nxwgbmaq.mirror.aliyuncs.com"],
> "exec-opts": ["native.cgroupdriver=systemd"],
> "log-driver": "json-file",
> "log-opts": {
> "max-size": "100m"
> },
> "storage-driver": "overlay2"
> }
> EOF
[root@node ~]# tee /etc/docker/daemon.json <<-'EOF'
> {
> "registry-mirrors": ["https://nxwgbmaq.mirror.aliyuncs.com"],
> "exec-opts": ["native.cgroupdriver=systemd"],
> "log-driver": "json-file",
> "log-opts": {
> "max-size": "100m"
> },
> "storage-driver": "overlay2"
> }
> EOF
{
"registry-mirrors": ["https://nxwgbmaq.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
# 加载配置重启服务
[root@master ~]# systemctl daemon-reload
[root@master ~]# systemctl restart docker
[root@node ~]# systemctl daemon-reload
[root@node ~]# systemctl restart docker
# docker服务开机启动
[root@master ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@node ~]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
# 修改/etc/containerd/config.toml
[root@