K8S服务器节点配置


配置时区
sudo mv /etc/localtime /etc/localtime.utc
sudo ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
date
-----------------------
配置/etc/hosts
注释掉::1这一行
注释掉ipv6
增加其他节点的ip hostname配置
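# Comment out every IPv6 entry (::1, fe00::0, ff02::1, ...) in /etc/hosts.
# Only lines whose first field starts with hex digits followed by ':' are
# touched. Inserting '#' before the first ':' and the first 'f' of every line
# would also cut any IPv4 entry whose hostname contains the letter "f".
# Already-commented lines do not match, so a second run adds no extra '#'.
# -i.bak keeps the previous file as /etc/hosts.bak for rollback.
sudo sed -i.bak -E '/^[[:space:]]*[0-9A-Fa-f]*:/ s/^/#/' /etc/hosts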
看情况增加
192.168.2.201 master01
192.168.2.202 master02
192.168.2.203 master03
192.168.2.207 master04
192.168.2.204 node01
192.168.2.205 node02
192.168.2.208 node03
192.168.2.209 node04
192.168.2.206 node05
-----------------------
配置内存交换
sudo vim /etc/default/grub
#GRUB_CMDLINE_LINUX=""
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"
sudo update-grub
-----------------------
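禁用防火墙
禁用SeLinux(Ubuntu 默认使用 AppArmor,通常并未安装 SELinux,此步一般可跳过)
禁用ufw(关闭后节点上的所有端口不再受主机防火墙保护;更稳妥的做法是保留 ufw,只放行集群所需端口,或确保节点位于受控内网并由上游防火墙/安全组限制访问)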
sudo ufw disable
sudo ufw status
-----------------------
sudo vim /etc/sysctl.conf
配置系统优化参数
net.ipv4.ip_forward = 1
net.ipv4.tcp_syn_retries = 5
net.ipv4.tcp_synack_retries = 3
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl = 15
net.ipv4.tcp_retries2 = 5
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_max_tw_buckets = 180000
net.ipv4.tcp_syncookies = 1
net.ipv4.ip_local_port_range = 10000 65535
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
vm.max_map_count = 262144
net.ipv4.tcp_tw_reuse = 1
vm.swappiness = 0

-----------------------
配置免密(NOPASSWD:ALL 使该账号无需密码即可获得完整 root 权限,账号一旦被攻破即等同 root 失陷;建议改用 sudo visudo 编辑,保存时会做语法检查,并只对确有需要的账号启用)
sudo vi /etc/sudoers
lapis   ALL=(ALL) NOPASSWD:ALL
增加到sudo用户组(加入 sudo 组即可使用 sudo;下面加入 root 组的命令并非必需,它会额外授予对 root 组所属文件的访问权限,可视情况省略)
sudo usermod -a -G sudo lapis
sudo usermod -a -G root lapis
-----------------------
重启(一定要重启)
sudo reboot
-----------------------
修改系统镜像
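# Back up the current source list before replacing it. /etc/apt is writable
# only by root, so the copy needs sudo too (-a keeps mode and timestamps).
sudo cp -a /etc/apt/sources.list /etc/apt/sources.list.old
# Open the file by absolute path so the edit does not depend on the current
# working directory.
sudo vim /etc/apt/sources.list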
输入ggdG删除所有内容,
按i键进入插入模式,
鼠标右键粘贴如下内容(注意:bionic-proposed 是预发布测试源,其中的更新尚未经过充分验证,生产节点建议去掉最后两行;镜像若支持 HTTPS,可将 http 改为 https):
deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse

更新镜像源:
sudo apt-get update
或者 sudo apt-get upgrade(upgrade 用于升级已安装的软件包,并不刷新软件源索引,需在 update 之后执行,不能替代 update)
-----------------------
安装docker
1.卸载
sudo apt-get remove docker docker-engine docker.io containerd runc
2.安装依赖和镜像库
# Refresh the package index before installing the prerequisites.
sudo apt-get update
# Install the packages needed to add an HTTPS apt repository
# (-y is given twice on this line; once is enough).
sudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common -y
# Add Docker's GPG signing key, downloaded from the Aliyun mirror.
# NOTE(review): the key comes from the same mirror as the packages, so it adds
# no independent trust; compare its fingerprint with the one published in
# Docker's official install documentation before relying on it.
# NOTE(review): apt-key add places the key in apt's global trusted keyring, so
# it is accepted for every configured repository; newer apt releases deprecate
# apt-key in favour of a per-repository keyring referenced with signed-by.
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
# Register the stable docker-ce repository for this release's codename
# (the codename is taken from lsb_release -cs).
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
删除版本库用:sudo add-apt-repository -r "deb [arch=amd64] https://download.docker.com/linux/ubuntu/dist $(lsb_release -cs) stable"(注意:-r 后面的源地址必须与添加时的那一行完全一致;上面添加的是 mirrors.aliyun.com/docker-ce 源,删除时应使用同一行内容)
3.安装
# Refresh the package index again before installing docker-ce.
sudo apt-get update
# Install the latest docker-ce. The version is not pinned here, so nodes
# installed at different times may end up on different Docker versions.
sudo apt-get install docker-ce -y
# To install a specific docker-ce version instead:
# Step 1: list the available docker-ce versions:
# apt-cache madison docker-ce 
#   docker-ce | 17.03.1~ce-0~ubuntu-xenial | https://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
#   docker-ce | 17.03.0~ce-0~ubuntu-xenial | https://mirrors.aliyun.com/docker-ce/linux/ubuntu xenial/stable amd64 Packages
# Step 2: install the chosen version (VERSION is e.g. 17.03.1~ce-0~ubuntu-xenial from the list above):
# sudo apt-get -y install docker-ce=[VERSION]
# Enable Docker at boot and start it now.
sudo systemctl enable docker
sudo systemctl start docker
4.配置docker镜像
配置镜像
# Write the Docker daemon configuration. tee replaces any existing
# /etc/docker/daemon.json; the quoted 'EOF' delimiter keeps the JSON literal
# (no shell expansion).
# Settings written: an Aliyun registry mirror, the systemd cgroup driver,
# json-file logging capped at 100m per log file, and the overlay2 storage driver.
# NOTE(review): "insecure-registries" lets Docker reach harbor.laisontech.com
# without verified TLS, falling back to plain HTTP, so image pulls and login
# credentials can be read or altered on the network path. Prefer serving
# Harbor over HTTPS with a CA the nodes trust and removing this entry.
# NOTE(review): entries in this list are normally written as host[:port]
# without a scheme; confirm the "http://" prefix is accepted as intended.
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://uyah70su.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
 "insecure-registries": [
     "http://harbor.laisontech.com"
  ],
  "storage-driver": "overlay2"
}
EOF
连接harbor仓库
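# gnupg2 and pass are installed here, presumably as the backend for a Docker
# credential helper. Without a configured helper, `docker login` stores the
# credential base64-encoded (not encrypted) in ~/.docker/config.json.
sudo apt install gnupg2 pass
# Let docker prompt for the password instead of passing it with -p: a password
# on the command line is saved in shell history and is visible in the process
# list. Do not keep Harbor's default admin password (Harbor12345); change it
# before the nodes start using the registry.
# This registry is listed under insecure-registries in daemon.json, so the
# login itself is not protected by verified TLS.
docker login harbor.laisontech.com -u admin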
-----------------------
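配置网络(在 docker.service 的 [Service] 段加入下面的 ExecStartPost 行。注意:该行把 FORWARD 链的默认策略改为 ACCEPT,节点会转发所有未被其他规则明确拒绝的流量;另外,直接修改 /lib/systemd/system 下的单元文件会在软件包升级时被覆盖,建议用 sudo systemctl edit docker 写入 drop-in 配置)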
sudo vi /lib/systemd/system/docker.service
ExecStartPost=/sbin/iptables -P FORWARD ACCEPT

sudo systemctl daemon-reload
sudo systemctl restart docker
-----------------------
添加当前用户到 docker 用户组(docker 组成员可以通过 Docker 守护进程获得等同 root 的权限,只应加入受信任的账号;加入后需重新登录,组成员身份才会生效)
# 列出自己的用户组,确认自己在不在 docker 组中
groups
sudo groupadd docker
sudo gpasswd -a ${USER} docker

sudo systemctl daemon-reload
sudo systemctl restart docker



