一、Anolis os release 8.6-kubeadm 部署 k8s1.27.4-基础环境准备
Anolis os release 8.6-kubeadm 部署 k8s1.27.4-基础环境准备
一、服务器分布
二、关闭防火墙
三、关闭selinux
四、关闭swap
五、设置主机名
六、在master上添加hosts
七、将桥接的ipv4流量传递到iptables的连接
八、时间同步
九、设置ip转发
一、服务器分布
主机名 Ip 配置 角色 系统
ct-linux-k8s-master-66 192.168.6.6 8核16G 200G ct-linux-k8s-master-66 Anolis OS release 8.6
ct-linux-k8s-node67 192.168.6.7 8核32G 200G ct-linux-k8s-node67 Anolis OS release 8.6
ct-linux-k8s-node68 192.168.6.8 8核32G 200G ct-linux-k8s-node68 Anolis OS release 8.6
二、关闭防火墙
# yum update ipatables firewalld -y
# systemctl stop firewalld
# systemctl disable firewalld
# iptables -vnL
# iptables -F&&iptables -t nat -F&& iptables -t mangle -F && iptables -X
三、关闭selinux
# sed -i 's/enforcing/disabled/' /etc/selinux/config
# setenforce 0
四、关闭swap
# swapoff -a
五、设置主机名
# hostname set-hostname XXXXXX
六、在master上添加hosts
# cat >> /etc/hosts <<EOF
192.168.6.8 ct-linux-k8s-node68
192.168.6.7 ct-linux-k8s-node67
192.168.6.6 ct-linux-k8s-master-66
EOF
七、将桥接的ipv4流量传递到iptables的连接
# cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
修改后的:
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
fs.inotify.max_user_watches=525000
fs.may_detach_mounts = 1
net.ipv4.conf.all.route_localnet = 1
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.file-max=52706963
fs.nr_open=52706963
net.netfilter.nf_conntrack_max=2310720
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl =15
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 327680
net.ipv4.tcp_orphan_retries = 3
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.ip_conntrack_max = 65536
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_timestamps = 0
net.core.somaxconn = 16384# sysctl --system
八、时间同步,默认已经安装
##配置文件
# egrep -v "^$|^#|^ *#" /etc/chrony.conf
server ntp.aliyun.com iburst
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony
##重启
# systemctl restart chronyd
## 开机启动
# systemctl enable chronyd
九、加载ip_vs内核模块
## 手动加载
# cat /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_lc
modprobe -- ip_vs_wlc
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_lblc
modprobe -- ip_vs_lblcr
modprobe -- ip_vs_dh
modprobe -- ip_vs_sh
modprobe -- ip_vs_fo
modprobe -- ip_vs_nq
modprobe -- ip_vs_sed
modprobe -- ip_vs_ftp
modprobe -- ip_vs_sh
modprobe -- nf_conntrack
modprobe -- ip_tables
modprobe -- ip_set
modprobe -- xt_set
modprobe -- ipt_set
modprobe -- ipt_rpfilter
modprobe -- ipt_REJECT
modprobe -- ipip
# chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep ip_vs
#设置下次开机启动
cat > /etc/modules-load.d/ip_vs.conf << EOF
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
EOF
模块不存在可安装下面的包:
# yum install ipset ipvsadm -y修改后的;
ip_vs
ip_vs_lc
ip_vs_wlc
ip_vs_rr
ip_vs_wrr
ip_vs_lblc
ip_vs_lblcr
ip_vs_dh
ip_vs_sh
ip_vs_fo
ip_vs_nq
ip_vs_sed
ip_vs_ftp
ip_vs_sh
nf_conntrack
ip_tables
ip_set
xt_set
ipt_set
ipt_rpfilter
ipt_REJECT
ipip
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
7
0- 0
已为社区贡献16条内容
所有评论(0)