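Environment preparation
0. Prerequisites:
Four servers
Operating system: CentOS 7
Memory: 2GB
CPU: 2 cores
Disk: 20GB
Network: the four servers can reach one another; this example uses bridged virtual machine networking
Server IPs and roles:
K8S-Master node: 192.168.19.121
K8S-Node-1 node: 192.168.19.122
K8S-Node-2 node: 192.168.19.123
K8S-NFS node: 192.168.19.124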
Replace the official CentOS yum repositories (optional) (run on all nodes)
Reset the DNS servers to Google Public DNS
cat > /etc/resolv.conf << EOF
nameserver 8.8.8.8
nameserver 8.8.4.4
EOF
Back up the current yum repositories
cp -ar /etc/yum.repos.d /etc/yum.repos.d.bak
Remove the existing yum repository files
rm -f /etc/yum.repos.d/*
Create a new yum repository file; this example uses the Aliyun mirror
vim /etc/yum.repos.d/CentOS-Base.repo
# Contents:
[base]
name=CentOS-$releasever - Base - Aliyun
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#released updates
[updates]
name=CentOS-$releasever - Updates - Aliyun
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - Aliyun
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
Update the yum cache
sudo yum clean all
sudo yum makecache
Install utility packages (run on all nodes)
yum -y install vim
yum -y install wget
yum -y install net-tools.x86_64
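1. Disable the firewall
# Run on all nodes:
systemctl stop firewalld
systemctl disable firewalld
2. Disable SELinux so that Docker can access the host filesystem
# Run on all nodes:
# Temporarily
setenforce 0
# Permanently (sets SELINUX=permissive in the config file)
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
3. Disable swap
# Run on all nodes:
# Temporarily
swapoff -a
# Permanently
sed -ri 's/.*swap.*/#&/' /etc/fstab
4. Set the hostnames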
# Run on the K8S-Master node:
hostnamectl set-hostname k8s-master
# Run on the K8S-Node-1 node:
hostnamectl set-hostname k8s-node-1
# Run on the K8S-Node-2 node:
hostnamectl set-hostname k8s-node-2
# Run on the K8S-NFS node:
hostnamectl set-hostname k8s-nfs
# Run on all nodes:
cat >> /etc/hosts << EOF
192.168.19.121 k8s-master
192.168.19.122 k8s-node-1
192.168.19.123 k8s-node-2
192.168.19.124 k8s-nfs
EOF
5. Pass bridged IPv4 and IPv6 traffic to the iptables chains
# Run on all nodes:
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
6. Apply the configuration
# Run on all nodes:
sysctl --system
7. Time synchronization (optional)
# Run on all nodes:
yum install ntpdate -y
ntpdate time.windows.com
8. Install Docker
# Run on the Master node and on every Node:
# Download Docker CE
wget https://download.docker.com/linux/static/stable/x86_64/docker-20.10.0.tgz
# Extract the archive
tar -zxvf docker-20.10.0.tgz
# Copy all of the extracted binaries to /usr/bin
cd docker
cp ./* /usr/bin/
9. Register Docker as a system service
# Run on the Master node and on every Node:
vim /etc/systemd/system/docker.service
# Write the following contents
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target

[Service]
Type=notify
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target
10. Change the Docker registry mirrors
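Because of network restrictions, Docker Hub may be unreachable and image pulls may fail, so switching to registry mirrors hosted in China is recommended.
# Run on the Master node and on every Node:
# Create the config directory first; dockerd has not been started yet, so it may not exist
mkdir -p /etc/docker
vi /etc/docker/daemon.json
# Change the contents to:
{
  "registry-mirrors": [
    "https://docker.m.daocloud.io",
    "https://b9pmyelo.mirror.aliyuncs.com",
    "https://dockerpull.com",
    "https://docker.aityp.com/"
  ],
  "dns": [
    "8.8.8.8",
    "8.8.4.4"
  ]
}
11. Start the Docker service at boot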
# Run on the Master node and on every Node:
chmod +x /etc/systemd/system/docker.service
systemctl daemon-reload
systemctl enable docker.service
systemctl start docker.service
12. Add the Aliyun Kubernetes yum repository
# Run on the Master node and on every Node:
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# Build the yum cache
yum makecache
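The kubernetes.repo in step 12 sets gpgcheck=0, and the CentOS-Base.repo above fetches packages and its GPG key over plain HTTP. The following check is an added example, not part of the original guide, that reports both conditions per repo section. The function name audit_yum_repo is hypothetical, and the sample file is constructed from the repo definitions on this page.

```shell
#!/usr/bin/env bash
# Added example: audit yum .repo files for weakened package verification.
# Prints one finding per line as "<file>:<section>: <issue>".
audit_yum_repo() {
  awk '
    function flush() {
      if (section == "") return
      if (gpg != "1") print file ":" section ": gpgcheck is not 1 (packages unverified)"
      if (plain)      print file ":" section ": plain-http URL in baseurl/gpgkey"
    }
    FNR == 1 { flush(); section = "" }           # new file: close previous section
    /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
    /^\[.*\]/ {                                  # section header such as [base]
      flush(); file = FILENAME
      section = substr($0, 2, index($0, "]") - 2); gpg = ""; plain = 0; next
    }
    {
      split($0, kv, "="); key = kv[1]; gsub(/[ \t]/, "", key)
      val = substr($0, index($0, "=") + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
      if (key == "gpgcheck") gpg = val
      if ((key == "baseurl" || key == "gpgkey") && val ~ /(^|[ \t])http:\/\//) plain = 1
    }
    END { flush() }
  ' "$@"
}

# Constructed sample mirroring the two repo styles used on this page.
sample=$(mktemp)
cat > "$sample" << 'EOF'
[base]
name=CentOS-$releasever - Base - Aliyun
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
audit_yum_repo "$sample"
```

On a node, run it as audit_yum_repo /etc/yum.repos.d/*.repo; no output means every section has gpgcheck=1 and uses only HTTPS URLs.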