I. Set up a k8s cluster
1. Install from the official site:
2. Getting started
1. Firewall
Stop the firewall:
systemctl stop firewalld.service
Start the firewall:
systemctl start firewalld.service
Disable the firewall at boot:
systemctl disable firewalld.service
- Disable SELinux
# Set SELinux to permissive mode (effectively disabling it)
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
- Switch to root
sudo su
- Set the hostname
hostnamectl set-hostname xxxxx
- Turn off swap
swapoff -a
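CentOS 7 reached end of life on June 30, 2024. It is no longer officially supported or maintained, and the official YUM repositories have been taken offline by no longer resolving the yum domain names. A YUM mirror inside China therefore has to be configured now.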
sudo vi /etc/yum.repos.d/CentOS-Base.repo
Replace the entire contents of CentOS-Base.repo with:
# CentOS-Base.repo
#
# Configures the CentOS yum repositories, using the Alibaba Cloud and Tsinghua University mirrors.
#
[base]
name=CentOS-$releasever - Base
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
        http://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
        http://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
        http://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
baseurl=http://mirrors.aliyun.com/centos/$releasever/centosplus/$basearch/
        http://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
baseurl=http://mirrors.aliyun.com/centos/$releasever/contrib/$basearch/
        http://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
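# failovermethod sets the order in which the URLs are tried; here it is random (roundrobin). It can also be changed to priority, which tries the URLs in the order listed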
failovermethod=roundrobin
Clear the YUM cache and update
sudo yum clean all
sudo yum makecache
sudo yum update
Done
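An added check for the repo file above (not part of the original page): every baseurl there uses plain http://, so gpgcheck=1 together with a gpgkey is what protects package integrity. The names audit_repo and sample_repo are hypothetical, the [local-test] section and its URL are constructed, and a section with no explicit gpgcheck=1 is treated as a finding.

```shell
# Added example: audit yum .repo text for weak package-integrity settings.
# One finding per line, for enabled sections only: NOGPG (no explicit
# gpgcheck=1), NOKEY (gpgcheck=1 but no gpgkey), HTTP (plain-http baseurl).
audit_repo() {   # hypothetical helper; reads the files given, or stdin
    awk '
    function report() {
        if (sec == "" || enabled == "0") return
        if (gpg != "1") print "NOGPG " sec
        else if (!key)  print "NOKEY " sec
        if (http)       print "HTTP " sec
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }      # comments and blank lines
    /^\[/ {                                   # start of a new [section]
        report()
        sec = substr($0, 2, index($0, "]") - 2)
        enabled = "1"; gpg = ""; key = 0; http = 0; opt = ""
        next
    }
    # indented line: continuation of the previous option (extra baseurl)
    /^[ \t]/ { if (opt == "baseurl" && $0 ~ /http:\/\//) http = 1; next }
    {
        eq = index($0, "="); if (eq == 0) next
        opt = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/[ \t]/, "", opt); sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
        if (opt == "enabled")  enabled = val
        if (opt == "gpgcheck") gpg = val
        if (opt == "gpgkey" && val != "") key = 1
        if (opt == "baseurl" && val ~ /^http:\/\//) http = 1
    }
    END { report() }
    ' "$@"
}

sample_repo() {   # constructed sample input, not a real system file
cat <<'EOF'
[base]
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
        http://mirrors.tuna.tsinghua.edu.cn/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
[local-test]
baseurl=https://repo.example.invalid/el7/
gpgcheck=0
[centosplus]
baseurl=http://mirrors.aliyun.com/centos/$releasever/centosplus/$basearch/
gpgcheck=0
enabled=0
EOF
}
sample_repo | audit_repo
```

On a real node, run audit_repo /etc/yum.repos.d/*.repo; an HTTP finding without a matching NOGPG or NOKEY means the section relies on signature checking alone.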
vim /etc/fstab
#
# /etc/fstab
# Created by anaconda on Sun Mar 13 12:51:19 2022
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/cl-root / xfs defaults 0 0
UUID=f724164d-a1bc-412e-b119-fb07aab95643 /boot xfs defaults 0 0
/dev/mapper/cl-home /home xfs defaults 0 0
#/dev/mapper/cl-swap swap swap defaults 0 0
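Comment out the line containing swap (as in the last line above) so that swap stays off after a reboot.
6. Set the local hostname and add the hostnames of the other nodes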
yum install vim -y
vim /etc/hosts
Add the following:
192.168.x.x k8s-master-1
192.168.x.x k8s-node-1
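7. Configure kernel parameters and modules
Forward IPv4 and let iptables see bridged traffic
Verify that the br_netfilter module is loaded by running lsmod | grep br_netfilter.
To load this module explicitly, run sudo modprobe br_netfilter.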
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
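For iptables on the Linux node to see bridged traffic correctly, confirm that net.bridge.bridge-nf-call-iptables is set to 1 in the sysctl configuration. For example:
# Set the required sysctl parameters; they persist across reboots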
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# Apply the sysctl parameters without rebooting
sudo sysctl --system
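3. Install a container runtime
- Install Docker
Install from the official site
Configure a Docker registry mirror inside China and set the cgroupDriver
1. Install Docker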
yum update -y
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce-20.10.7 docker-ce-cli-20.10.7 containerd.io-1.4.6 docker-compose-plugin
systemctl start docker
systemctl status docker
systemctl enable docker
2. Switch to a Docker registry mirror inside China
mkdir -p /etc/docker
touch /etc/docker/daemon.json
vim /etc/docker/daemon.json
Add the following:
{
"exec-opts":["native.cgroupdriver=systemd"],
"registry-mirrors": ["https://docker.registry.cyou",
"https://docker-cf.registry.cyou",
"https://docker