本文将搭建一套master-node-node k8s集群环境,需要准备三台至少cpu > 2G, mem > 2G的虚拟机,步骤如下:
1. 在所有节点配置hosts并确认节点间的连接性
#分别在三个节点配置host,示例为master节点的配置
root@k8s-master01:~# hostnamectl set-hostname k8s-master01
root@k8s-master01:~# cat /etc/hosts
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.1.1 s02g07017.cloud.em160.tbsite.net s02g07017
172.18.8.211 k8s-master01
172.18.8.210 k8s-node01
172.18.8.212 k8s-node02
#确保节点间的连接性
root@k8s-master01:~# ping k8s-node1
root@k8s-master01:~# ping k8s-node01
root@k8s-master01:~# ping k8s-node02
2. 在所有节点安装所需应用
#安装依赖包
root@k8s-master01:~# apt-get update
root@k8s-master01:~# apt-get install conntrack ipvsadm ipset jq iptables curl sysstat libseccomp2 wget vim net-tools git
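#关闭防火墙(本文使用apt-get,系统应为Ubuntu/Debian;firewalld和service iptables save是CentOS/RHEL上的用法,在Ubuntu上通常不存在)
#注意:iptables -F会清空全部过滤规则,节点将不再有任何主机防火墙保护,仅适合隔离的实验环境;其他环境建议保留防火墙,只放行Kubernetes所需端口(如apiserver的6443、kubelet的10250)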
root@k8s-master01:~# systemctl stop firewalld
root@k8s-master01:~# iptables -F ; service iptables save
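#关闭SELinux(注意:下面的命令针对的是SELinux,并不会关闭swap;Ubuntu默认未启用SELinux,所以输出为"SELinux is disabled")
#在启用了SELinux的发行版上,SELINUX=disabled会永久关闭强制访问控制,应先评估能否改用permissive模式
#swap分区需另行关闭,例如执行swapoff -a并注释掉/etc/fstab中的swap条目,以免pod运行在swap中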
root@k8s-master01:~# setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
setenforce: SELinux is disabled
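#配置kubernetes.conf,调整内核参数【可选】
#注意:net.bridge.*两项要求br_netfilter模块已加载,否则sysctl -p会报找不到对应项,应先执行下文的modprobe br_netfilter
#net.ipv4.tcp_tw_recycle已在Linux 4.12中移除,在本文的5.4内核上该项会报错,可以删去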
root@k8s-master01:/home/whq# cat > kubernetes.conf <<EOF
> net.bridge.bridge-nf-call-iptables=1 # 开启网桥模式
> net.bridge.bridge-nf-call-ip6tables=1 # 开启网桥模式
> net.ipv4.ip_forward=1
> net.ipv4.tcp_tw_recycle=0
> vm.swappiness=0 # 禁止使用 swap 空间,只有当系统 OOM 时才允许使用它
> vm.overcommit_memory=1 # 不检查物理内存是否够用
> vm.panic_on_oom=0 # 开启 OOM
> fs.inotify.max_user_instances=8192
> fs.inotify.max_user_watches=1048576
> fs.file-max=52706963
> fs.nr_open=52706963
> net.ipv6.conf.all.disable_ipv6=1 # 关闭IPV6协议
> net.netfilter.nf_conntrack_max=2310720
> EOF
root@k8s-master01:/home/whq# cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
root@k8s-master01:/home/whq# sysctl -p /etc/sysctl.d/kubernetes.conf
#kube-proxy开启ipvs的前置条件
root@k8s-master01:/home/whq# modprobe br_netfilter
root@k8s-master01:/home/whq# vi /etc/modules
#添加以下内容(注意:/etc/modules本身是开机自动加载模块的列表文件,标准格式为每行一个模块名;本文是把它当作shell脚本来写,并在后面手动用bash执行)
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
#modprobe -- nf_conntrack_ipv4
modprobe -- nf_conntrack
root@k8s-master01:/home/whq# chmod 755 /etc/modules
root@k8s-master01:/home/whq# bash /etc/modules
modprobe: FATAL: Module nf_conntrack_ipv4 not found in directory /lib/modules/5.4.0-77-generic
root@k8s-master01:/home/whq# chmod 755 /etc/modules && bash /etc/modules && lsmod | grep -e ip_vs -e nf_conntrack
ip_vs_sh 16384 0
ip_vs_wrr 16384 0
ip_vs_rr 16384 0
ip_vs 155648 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack 139264 1 ip_vs
nf_defrag_ipv6 24576 2 nf_conntrack,ip_vs
libcrc32c 16384 2 nf_conntrack,ip_vs
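#安装docker
#注意:添加软件源之前需要先导入并核对该源的GPG签名公钥,本文未列出这一步;缺少公钥时apt无法校验该源软件包的签名
#下文daemon.json中的registry-mirrors看起来是作者自己的镜像加速地址,应替换为自己信任的镜像源,因为所有镜像都会经由它拉取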
root@k8s-master01:/home/whq# sudo apt-get install \
> apt-transport-https \
> ca-certificates \
> curl \
> gnupg-agent \
> software-properties-common
root@k8s-master01:/home/whq# sudo add-apt-repository \
> "deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/ \
> $(lsb_release -cs) \
> stable"
root@k8s-master01:/home/whq# sudo apt-get install docker-ce docker-ce-cli containerd.io
root@k8s-master01:/home/whq# sudo add-apt-repository "deb [arch=amd64] https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/ \
$(lsb_release -cs) \
root@k8s-master01:/home/whq# cat > /etc/docker/daemon.json <<EOF
> {
> "registry-mirrors": ["https://fxr0bix2.mirror.aliyuncs.com"],
> "exec-opts": ["native.cgroupdriver=systemd"],
> "log-driver": "json-file",
> "log-opts": {
> "max-size": "100m"
> }
> }
> EOF
root@k8s-master01:/home/whq# mkdir -p /etc/systemd/system/docker.service.d
root@k8s-master01:/home/whq# systemctl daemon-reload