快速部署k8s
环境
名称 | IP | 系统 |
---|---|---|
master | 192.168.136.132 | centos8 |
node1 | 192.168.136.138 | centos8 |
node2 | 192.168.136.140 | centos8 |
准备工作
设置主机名 关闭防火墙和selinux、swap分区空间
//设置主机名
[root@master ~]# hostnamectl set-hostname master.example.com
[root@master ~]# bash
[root@master ~]# hostname
master.example.com
[root@node1 ~]# hostnamectl set-hostname node1.example.com
[root@node1 ~]# bash
[root@node1 ~]# hostname
node1.example.com
[root@node2 ~]# hostnamectl set-hostname node2.example.com
[root@node2 ~]# bash
[root@node2 ~]# hostname
node2.example.com
以下操作在三台机器都要进行
//关闭防火墙
[root@master ~]# systemctl disable --now firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
//关闭selinux
[root@master ~]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@master ~]# setenforce 0
//关闭swap分区空间
[root@master ~]# vim /etc/fstab
#
# /etc/fstab
# Created by anaconda on Fri Nov 12 08:04:53 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/cs-root / xfs defaults 0 0
UUID=b63f82a7-55fa-4e7c-b94e-71f1a1e3cb74 /boot xfs defaults 0 0
# 把下面一行删除掉或注释即可
# 把下面一行删除掉或注释即可
/dev/mapper/cs-swap none swap defaults 0 0
在master节点配置DNS域名解析 IPv4流量传递到iptables
[root@master ~]# vim /etc/hosts
[root@master ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
添加以下类容
192.168.136.132 master master.example.com
192.168.136.138 node1 node1.example.com
192.168.136.140 node2 node2.example.com
//master上配置流量传递
[root@master ~]# vim /etc/sysctl.d/k8s.conf
[root@master ~]# cat /etc/sysctl.d/
99-sysctl.conf k8s.conf
[root@master ~]# cat /etc/sysctl.d//k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
//让配置生效
[root@master ~]# sysctl --system
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-coredump.conf ...
kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.promote_secondaries = 1
net.core.default_qdisc = fq_codel
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf ...
net.core.optmem_m