目录
修改静态ip地址
vim /etc/sysconfig/network-scripts/ifcfg-ens33
# 静态IP地址
IPADDR="192.168.3.200"
NETMASK="255.255.255.0"
GATEWAY="192.168.3.2"
DNS1="114.114.114.114"
修改主机名称
hostnamectl set-hostname master1-admin
停止防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
禁用selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
常用软件包的安装
yum install -y epel-release tree vim wget bash-completion lrzsz nfs-utils net-tools sysstat iotop unzip nc nmap telnet bc psmisc yum-utils ipvsadm git socat conntrack sshpass
rocky linux 8修改阿里云源
sed -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.aliyun.com/rockylinux|g' \
-i.bak \
/etc/yum.repos.d/Rocky-*.repo
rocky linux 9修改阿里云源
sed -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^#baseurl=http://dl.rockylinux.org/$contentdir|baseurl=https://mirrors.sjtug.sjtu.edu.cn/rocky|g' \
-i.bak \
/etc/yum.repos.d/rocky-*.repo
配置系统时间与网络同步
删除原有配置加入下面地址 vim /etc/chrony.conf
server ntp.aliyun.com iburst
server ntp.ntsc.ac.cn iburst
server time.neu.edu.cn iburst
systemctl restart chronyd chronyc sources -v #查看同步状态 timedatectl #查看同步状态 Local time: 五 2024-03-22 17:30:40 CST Universal time: 五 2024-03-22 09:30:40 UTC RTC time: 五 2024-03-22 09:30:40 Time zone: Asia/Shanghai (CST, +0800) System clock synchronized: no ####yes NTP service: active RTC in local TZ: no
关闭系统swap缓存
swapoff -a && sed -i 's/.*swap.*/#&/' /etc/fstab
host文件解析配置
echo '192.168.3.31 zhyj1.com zhyj1' >> /etc/hosts
ssh免密快速配置
创建秘钥
ssh-keygen -f ~/.ssh/id_rsa -P '' -q
参数讲解:
ssh-keygen:密钥对创建工具 [-P old_passphrase] 密码 [-f output_keyfile] 输出的秘钥文件 [-q] 不输出信息 [-t dsa ] 指定秘钥类型
拷备秘钥到其他主机:
yum install sshpass
sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 192.168.3.32
参数讲解: [root@web02 ~]# sshpass -help Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 192.168.137.32 sshpass [-f|-d|-p|-e] [-hV] command parameters ssh-copy-id -f -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no root@172.16.1.8 ssh-copy-id [-f] [-i [identity_file]] [-p port] [[-o <ssh -o options>] ...] [user@]hostname 说明: -f: force mode 强制 [-i [identity_file]] 指定秘钥文件 [[-o <ssh -o options>] ...] 指定ssh参数选项
加载系统内核参数
modprobe br_netfilter
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
#加入开机启动项目
echo "modprobe br_netfilter" >> /etc/rc.d/rc.local
echo "sysctl -p /etc/sysctl.d/k8s.conf" >> /etc/rc.d/rc.local
chmod +x /etc/rc.d/rc.local
#查看是否加载
lsmod | grep br_netfilter
tab键命令补全
yum install bash-completion
docker-ce阿里云源安装
yum install yum-utils -y
yum config-manager --add-repo=https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce -y --allowerasing # rocky8/9
yum install docker-ce -y # centos7
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"insecure-registries": ["192.168.137.35:5000"],
"registry-mirrors": ["https://xwom7jvu.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
# daemon.json 配置文件
{"registry-mirrors":["https://rsbud4vc.mirror.aliyuncs.com","https://registry.docker-cn.com","https://docker.mirrors.ustc.edu.cn","https://dockerhub.azk8s.cn","http://hub-mirror.c.163.com"],
"insecure-registries":["192.168.40.62","harbor.cn"]
}
#降级containerd.io
yum install containerd.io-1.6.28-3.1.el8.x86_64
#指定安装docker的版本
yum install docker-ce-24.0.2-1.el8.x86_64
docker常用命令
[root@zhyj5 ~]# docker commit -a "hello" -m "add" 2c3457d804ba vv
sha256:0988d4c96972b89c9d366be33578cc020b794dd8cbdf65fd87157fe7c0fbf0d8
[root@zhyj5 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
vv latest 0988d4c96972 7 seconds ago 471MB
v1 latest f7e1bba77f64 3 minutes ago 471MB
centos latest 76d6bc25b8a5 5 years ago 200MB
mycentos v2 76d6bc25b8a5 5 years ago 200MB
#Portainer安装
docker run -d -p 8088:9000 \
--restart=always -v /var/run/docker.sock:/var/run/docker.sock --privileged=true portainer/portainer-ce
#删除所有容器
docker rm $(docker ps -aq)
#停止所有容器
docker stop $(docker ps -q)
#打包所有镜像
docker save $(docker images | grep -v REPOSITORY | awk 'BEGIN{OFS=":";ORS=" "}{print $1,$2}') -o allimages.tar