生产级K8S基础环境部署-20210917
(img-HW3Xv8E9-1721194682933)](img-DyIIXgWj-1721194682934)](img-CbVgfsbc-1721194682934)](img-f9bRBhPO-1721194682935)]ssh-copy-id -i .ssh/id_rsa.pub 其他主机。配置免密登录(从主master向其他节点分发)🐕。
cat /etc/fstab
/dev/mapper/centos-swap swap swap defaults 0 0
- 关闭NetworkManager 🐏
systemctl disable --now NetworkManager
- 进行时间同步(有自己的时间服务器更好)🐒
安装
rpm -ivh http://mirrors.wlnmp.com/centos/wlnmp-release-centos.noarch.rpm
yum -y install ntpdate
同步
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo ‘Asia/Shanghai’ >/etc/timezone
ntpdate ntp.aliyun.com
crontab -e
crontab -l
*/5 * * * * ntpdate ntp.aliyun.com
- 配置ulimit 🐓
ulimit -SHn 65535
vim /etc/security/limits.conf
-
soft nofile 655360
-
hard nofile 131072
-
soft nproc 655350
-
hard nproc 655350
-
seft memlock unlimited
-
hard memlock unlimitedd
-
配置免密登录(从主master向其他节点分发)🐕
ssh-keygen -t rsa
ssh-copy-id -i .ssh/id_rsa.pub 其他主机
- 升级系统到最新(跳过内核)🐖
yum update -y --exclude=kernel*
- 升级内核至4.18版本以上 o(=•ェ•=)m🐱
cd /root/
wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm
wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm
yum -y localinstall kernel-ml*
grub2-set-default 0 && grub2-mkconfig -o /etc/grub2.cfg && grubby --args=“user_namespace.enable=1” --update-kernel=“$(grubby --default-kernel)”
reboot
uname -r
- 安装ipvsadm 🦊
yum install ipvsadm ipset sysstat conntrack libseccomp –y
vim /etc/modules-load.d/ipvs.conf
cat /etc/modules-load.d/ipvs.conf
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack
ip_tables
ip_set
xt_set
ipt_set
ipt_rpfilter
ipt_REJECT
ipip
systemctl enable --now systemd-modules-load.service
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
ip_vs_sh 16384 0
ip_vs_wrr 16384 0
ip_vs_rr 16384 0
ip_vs 151552 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack 143360 1 ip_vs
libcrc32c 16384 3 nf_conntrack,xfs,ip_vs
- 修改内核参数 🐻
cat < /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
fs.may_detach_mounts = 1
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_watches=89100
fs.file-max=52706963
fs.nr_open=52706963
net.netfilter.nf_conntrack_max=2310720
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl =15
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 327680
net.ipv4.tcp_orphan_retries = 3
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.ip_conntrack_max = 65536
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_timestamps = 0
net.core.somaxconn = 16384
EOF
读者福利
由于篇幅过长,就不展示所有面试题了,感兴趣的小伙伴
更多笔记分享
net.core.somaxconn = 16384
EOF
读者福利
由于篇幅过长,就不展示所有面试题了,感兴趣的小伙伴
[外链图片转存中…(img-HW3Xv8E9-1721194682933)]
[外链图片转存中…(img-DyIIXgWj-1721194682934)]
[外链图片转存中…(img-CbVgfsbc-1721194682934)]
更多笔记分享
[外链图片转存中…(img-f9bRBhPO-1721194682935)]
更多推荐
所有评论(0)