1 禁用防火墙

sudo ufw disable

2 安装Selinux

sudo apt install selinux-utils

3 关闭selinux防火墙(临时)

sudo setenforce 0

4 永久关闭selinux防火墙

sudo bash -c 'echo 'SELINUX=disabled' > /etc/selinux/conifg'

5 启用Iptable转发

sudo bash -c 'echo '/usr/sbin/iptables -P FORWARD ACCEPT' >> /etc/rc.local'
sudo iptables -P FORWARD ACCEPT

6 临时关闭swap分区

sudo swapoff -a

7 永久关闭swap分区

sudo sed -i 's/.*swap.*/#&/' /etc/fstab

8 设置所需的 sysctl 参数，参数在重新启动后保持不变

sudo tee /etc/sysctl.d/k8s.conf <<-'EOF' 
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

9 应用 sysctl 参数而不重新启动

sudo sysctl --system

10 br_netfilter模块开机自启动

sudo modprobe br_netfilter

11 安装docker依赖的模块

sudo apt install -y apt-transport-https ca-certificates curl software-properties-common

12 添加Aliyun docker社区版的软件包密钥

sudo curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add - 

13 安装docker社区版

sudo apt install -y docker.io 
sudo apt install -y docker-ce 
sudo mkdir -p /etc/docker
curl -o daemon.json https://raw.githubusercontent.com/fofcn/go-devops/main/release/pipeline/docker/daemon.json
sudo mv daemon.json /etc/docker
sudo systemctl restart docker
sudo systemctl enable docker
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable" 
sudo apt update 

14 添加Aliyun Kubernetes软件包密钥

sudo curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | sudo apt-key add -
sudo curl -o kubernetes.list https://raw.githubusercontent.com/fofcn/go-devops/main/release/pipeline/k8s/aliyun-kubernetes.list
sudo mv kubernetes.list /etc/apt/sources.list.d/kubernetes.list 
sudo apt update 

15 查询kubernetes软件版本

sudo apt-cache madison kubelet
sudo apt-cache madison kubectl | grep 1.18.4-00

16 安装kubernetes

sudo apt install -y kubelet=1.18.4-00 kubeadm=1.18.4-00 kubectl=1.18.4-00

17 设置kubelet开机自启动

sudo systemctl enable kubelet 

18 启动kubelet

sudo systemctl start kubelet