k8s 1.23版本centos7安装教程
指定主机执行 192.168.0.151# 指定主机执行 192.168.0.152# 指定主机执行 192.168.0.153# 所有主机执行EOD。
·
centos7
配置主机hosts映射
# 指定主机执行 192.168.0.151 hostnamectl set-hostname k8s01 # 指定主机执行 192.168.0.152 hostnamectl set-hostname k8s02 # 指定主机执行 192.168.0.153 hostnamectl set-hostname k8s03
# 所有主机执行 cat << EOD >> /etc/hosts 192.168.0.151 k8s01 192.168.0.152 k8s02 192.168.0.153 k8s03 EOD
配置华为yum源,可以提升些许安装速度
curl https://repo.huaweicloud.com/repository/conf/CentOS-7-reg.repo >/etc/yum.repos.d/CentOS-Base.repo
关闭交换内存
swapoff -a sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
关闭selinux
setenforce 0 sed -i 's/SELINUX=.*/SELINUX=disable/g' /etc/selinux/config
配置内核参数
cat > kubernetes.conf <<EOF # 开启iptables和ip6tables对桥接的网络包进行处理 net.bridge.bridge-nf-call-iptables=1 net.bridge.bridge-nf-call-ip6tables=1 # 开启IPv4的IP转发 net.ipv4.ip_forward=1 # 禁用CP TIME_WAIT回收机制 net.ipv4.tcp_tw_recycle=0 # 禁止使用 swap 空间,只有当系统 OOM 时才允许使用它 vm.swappiness=0 # 不检查物理内存是否够用 vm.overcommit_memory=1 # 开启 OOM vm.panic_on_oom=0 fs.inotify.max_user_instances=8192 fs.inotify.max_user_watches=1048576 # 最大打开文件数量 fs.file-max=52706963 fs.nr_open=52706963 # 该参数禁用了IPv6协议 net.ipv6.conf.all.disable_ipv6=1 # 设置网络连接跟踪表的最大条目数 net.netfilter.nf_conntrack_max=2310720 EOF cp kubernetes.conf /etc/sysctl.d/kubernetes.conf sysctl -p /etc/sysctl.d/kubernetes.conf
设置系统时间
# 设置系统时区为 中国/上海 timedatectl set-timezone Asia/Shanghai # 将当前的 UTC 时间写入硬件时钟 timedatectl set-local-rtc 0 # 重启依赖于系统时间的服务 systemctl restart rsyslog systemctl restart crond
关闭邮箱服务
systemctl stop postfix && systemctl disable postfix
设置 rsyslogd 和 systemd journald
mkdir /var/log/journal # 持久化保存日志的目录 mkdir /etc/systemd/journald.conf.d cat > /etc/systemd/journald.conf.d/99-prophet.conf <<EOF [Journal] # 持久化保存到磁盘 Storage=persistent # 压缩历史日志 Compress=yes SyncIntervalSec=5m RateLimitInterval=30s RateLimitBurst=1000 # 最大占用空间 10G SystemMaxUse=10G # 单日志文件最大 200M SystemMaxFileSize=200M # 日志保存时间 2 周 MaxRetentionSec=2week # 不将日志转发到 syslog ForwardToSyslog=no EOF systemctl restart systemd-journald
升级系统内核
配置到 /etc/yum.repos.d/elrepo.repo
### Name: ELRepo.org Community Enterprise Linux Repository for el7 ### URL: https://elrepo.org/ [elrepo] name=ELRepo.org Community Enterprise Linux Repository - el7 baseurl=http://mirrors.aliyun.com/elrepo/elrepo/el7/$basearch/ http://mirrors.coreix.net/elrepo/elrepo/el7/$basearch/ http://mirror.rackspace.com/elrepo/elrepo/el7/$basearch/ http://linux-mirrors.fnal.gov/linux/elrepo/elrepo/el7/$basearch/ #mirrorlist=http://mirrors.elrepo.org/mirrors-elrepo.el7 enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org protect=0 [elrepo-testing] name=ELRepo.org Community Enterprise Linux Testing Repository - el7 baseurl=http://mirrors.aliyun.com/elrepo/testing/el7/$basearch/ http://mirrors.coreix.net/elrepo/testing/el7/$basearch/ http://mirror.rackspace.com/elrepo/testing/el7/$basearch/ http://linux-mirrors.fnal.gov/linux/elrepo/testing/el7/$basearch/ #mirrorlist=http://mirrors.elrepo.org/mirrors-elrepo-testing.el7 enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org protect=0 [elrepo-kernel] name=ELRepo.org Community Enterprise Linux Kernel Repository - el7 baseurl=http://mirrors.aliyun.com/elrepo/kernel/el7/$basearch/ http://mirrors.coreix.net/elrepo/kernel/el7/$basearch/ http://mirror.rackspace.com/elrepo/kernel/el7/$basearch/ http://linux-mirrors.fnal.gov/linux/elrepo/kernel/el7/$basearch/ #mirrorlist=http://mirrors.elrepo.org/mirrors-elrepo-kernel.el7 enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org protect=0 [elrepo-extras] name=ELRepo.org Community Enterprise Linux Extras Repository - el7 baseurl=http://mirrors.aliyun.com/elrepo/extras/el7/$basearch/ http://mirrors.coreix.net/elrepo/extras/el7/$basearch/ http://mirror.rackspace.com/elrepo/extras/el7/$basearch/ http://linux-mirrors.fnal.gov/linux/elrepo/extras/el7/$basearch/ #mirrorlist=http://mirrors.elrepo.org/mirrors-elrepo-extras.el7 enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-elrepo.org protect=0
安装并设置内核
yum --enablerepo=elrepo-kernel install -y kernel-lt grub2-set-default 'CentOS Linux (4.4.189-1.el7.elrepo.x86_64) 7 (Core)' reboot
开启ipvs
modprobe br_netfilter cat > /etc/sysconfig/modules/ipvs.modules <<EOF #!/bin/bash modprobe -- ip_vs modprobe -- ip_vs_rr modprobe -- ip_vs_wrr modprobe -- ip_vs_sh modprobe -- nf_conntrack EOF chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack_ipv4
docker 镜像 /etc/yum.repos.d/docker-ce.repo
[docker-ce-stable] name=Docker CE Stable - $basearch baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/$basearch/stable enabled=1 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-stable-debuginfo] name=Docker CE Stable - Debuginfo $basearch baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/debug-$basearch/stable enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-stable-source] name=Docker CE Stable - Sources baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/source/stable enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-test] name=Docker CE Test - $basearch baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/$basearch/test enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-test-debuginfo] name=Docker CE Test - Debuginfo $basearch baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/debug-$basearch/test enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-test-source] name=Docker CE Test - Sources baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/source/test enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-nightly] name=Docker CE Nightly - $basearch baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/$basearch/nightly enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-nightly-debuginfo] name=Docker CE Nightly - Debuginfo $basearch baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/debug-$basearch/nightly enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg [docker-ce-nightly-source] name=Docker CE Nightly - Sources baseurl=https://repo.huaweicloud.com/docker-ce/linux/centos/$releasever/source/nightly enabled=0 gpgcheck=1 gpgkey=https://repo.huaweicloud.com/docker-ce/linux/centos/gpg
kube镜像源 /etc/yum.repos.d/kubernetes.repo
[kubernetes] name=Kubernetes baseurl=https://repo.huaweicloud.com/kubernetes/yum/repos/kubernetes-el7-$basearch enabled=1 gpgcheck=1 repo_gpgcheck=0 gpgkey=https://repo.huaweicloud.com/kubernetes/yum/doc/yum-key.gpg https://repo.huaweicloud.com/kubernetes/yum/doc/rpm-package-key.gpg
docker安装命令
yum install -y docker-ce-24.0.5-1.el7 docker-compose-plugin-2.20.2-1.el7 docker-buildx-plugin-0.11.2-1.el7 docker-ce-cli-24.0.5-1.el7 docker-ce-rootless-extras-24.0.5-1.el7
docker daemon参数配置
mkdir /etc/docker/
cat << EOF >/etc/docker/daemon.json
{"exec-opts": ["native.cgroupdriver=systemd"],"log-driver": "json-file","log-opts":{"max-size": "100m"}}
EOF
systemctl daemon-reload && systemctl restart docker && systemctl enable docker
kube安装命令
yum install -y kubectl-1.23.1-0 kubelet-1.23.1-0 kubeadm-1.23.1-0 kubernetes-cni-0.8.7-0
systemctl enable --now kubelet
初始化集群 主节点执行
kubeadm init \ --apiserver-advertise-address=192.168.0.151 \ --image-repository swr.cn-north-4.myhuaweicloud.com/mygule \ --kubernetes-version v1.23.1 \ --service-cidr=10.96.0.0/12 \ --pod-network-cidr=10.244.0.0/16
初始化网络插件
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube- flannel.yml
替换到私有仓库
sed -i 's#docker.io/#swr.cn-north-4.myhuaweicloud.com/mygule/#g' kube-flannel.yml
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
25
0- 0
已为社区贡献1条内容
所有评论(0)