一、基本环境配置1 IP修改机器克隆后,进行IP修改连接Xshell。
[root @ localhost ~]# VI/etc/sys config/network -scripts/ifcfg -ens 160 type = " Ethernet " proxy _ method = " none " browser _ only = " no " boot proto = " static " #配置静态IP, 防止修改def route = " yes " IP v4 _ failure _ fatal = " no " IPv6 init = " yes " IPv6 _ autoconf = " yes " IPv6 _ def route = " yes " IPv6 _ failure _ fatal = " no " IPv6 _ addr _ gen _ mode = " stable -privacy " NAME = " ens 160 " UUID = " d 20 C4 F2 e -c 799-46e 6-9a7a -0579 c 1791 c 27 " DEVICE = " ens 160 " on boot = " yes " IPA
[root@localhost软件]# NMC Li c reload ens 160[root @ localhost软件]# NMC Li c up ens 160连接成功激活(D-bus active path:/org/free desktop/network manager/active connection/5)[root @ localhost软件]# Test [root @ localhost软件]# ping 114.114.114.114 ping 114.114.114.114(114.114.114.114)56(84)字节数据. 64字节来自114 . 114 . 114 . 114:icmp _ seq = 1 TTL = 128 time = 30 5已接收,0%丢包,时间14 msrtt min/avg/max/mdev = 28.999/30.978/34.430/1.841 MS2设置主机名主机名CTL set-主机名kube-master01主机名CTL set-主机名kube-node01主机名ctlset-node02主机名CTL set-主机名kube-vip3配置主机本地解析cat >:/etc/hosts & lt; & lteof 127 . 0 . 0 . 1 localhost localhost . local domain localhost 4 localhost 4 . local domain 4::1 localhost localhost . local domain localhost 6 localhost 6 . loca l 6192 . 168 . 192 . 10 kube -master 01192 . 168 . 192 . 20 kube -node 01192 . 168 . 192 . 30 kube -node 02192 . 168 . 192 . 40 kube -vipeo
#关闭防火墙[root @ localhost ~]# systemctlstopfirewall d[root @ localhost ~]# systemctldisable firewall removed/etc/systemd/system/-user . target . wants/firewalld . service . removed/etc/systemd/system/dbus -org . fedora project . firewall D1 . service . # Close Selinux #永久关闭[root @ localhost ~]# Sed+I " s # Selinux =。* # selinux = disabled # g "/etc/selinux/config #临时关闭[root @ localhost ~]# set enforce 0 # Check[root @ localhost ~]#/usr/sbin/sessus -VSE Linux状态:enabled #检查Swap是否有[root @ localhost ~]# free -m total used free shared buff/Cache Available Mem:1800 1208 122 15 469 417 Swap:2047 15 2032 #关闭交换分区,交换将影响Sysctl-w VM。交换度= 0VM。swappiness = 0[root @ localhost ~]# se D-ri '/[#]* swap/s @ @ # '/etc/fstab #确认后[检查交换行中的所有零是正确的][root @ localhost free -m total used free shared buff/cache available mem:1800 1210 110 25 479 406 swap:0 0 0[root @ localh ost ~]# cat/etc/hosts 127 . 0 . 0 . 1 localhost localhost . local domain localhost 4/etc/hosts[root @ localhost ~]# cat/etc/hosts 127 . 0 . 0 . 1 localhost localhost . local domain localhost 4 localhost 4 . local domain 4::1 localhost localhost localhost . local domain localhost 6 . lo cal 6127 . 0 . 0 . 1 localhost . local domain 5 YUM源配置本地和自建服务器都需要配置YUM源。如果是云服务器,不需要配置,因为有对应的云YUM源。
#备份旧yum源CD/etc/yum . repos . d/mkdirbackup -$(date+% f)MV * repo Backup -$(date+% f)#以上无法读取,有简单的[root @ localhostyum . repos . d]# mkdir/etc/yum . repos . d . bak[root @ localhostyum . repos . d]# CP/etc/yum . repos . d/*/etc/yum . repos . d/[root @ localhostyum . bak
# Install epel source[root @ localhostyum . repos . d]# yum -y Install EPEL -release[root @ localhostyum . repos . d]# yum clean全部删除33个文件[root @ localhost yum . repos . d]# yum make cache #常见的安装依赖项有yum -y Install gcc glibc gcc -c++ make cmake net -tools screen vim lrz SZ tree dos 2 UNIX lsof \ tcpdump bash -completion wget OpenSSL OpenSSL -devel bind -uti M2 git device -mapper -persistent -databridge -utils container -selinux binutils -devel \ n courses ncurses -devel elf utils -libel F-devel ack #升级服务器yum -y更新注意:yum安装错误,请查看最后一个错误头。
7配置时间同步本地或自建服务器需要配置时间同步。如果是云服务器,因为有对应云的时间同步机制,所以不需要配置。
Echo "# Internet时间同步" >:& gt/var/spool/cron/root echo " */5 * * * */usr/sbin/NTP date time2.aliyun.com & gt;/dev/null 2 & gt;& amp1 " >;& gt/var/spool/cron/root8相互保密主节点执行以下操作
Ssh-keygen -t rsa# #定义主列表MASTER _ LIST =(192 . 168 . 192 . 10192 . 168 . 192 . 30)#在${MASTER_LIST[@]}中为I配置免密登录;dosh-copy -ID-I/root/。ssh/ID _ rsa.pubroot @ $ idone # yes #输入密码9。内核在Kubernetes的Github存储库中升级:
https://github . com/kubernetes/kubernetes/blob/master/changelog/changelog -1.25 . MD已经提到了关于内核版本的问题:
使用openat2加快了linux内核5.1小编的挂载检测,从而提高了pod流失率。在低于5.10的内核版本中,将回退到使用最初的方式来检测挂载点,即通过解析/proc/mounts。这意味着内核在5.10版之后会使用openat2进行更快的挂载检测,所以你可以在5.10版之后升级内核,但是没必要更新。这里用的是5.11.16版本,2021年4月更新。如果你想安装其他版本,可以从下面的网站下载:http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/创建安装包存储并下载。
mkdir -p/opt/software/kernel CD/opt/software/kernel wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/ kernel -ML-1 . el7 . El repo . x86 _ 64 . rpm wget http://193.49.22.109/elrepo/kernel/el7/x86 _ 64/rpms/kernel -ML-devel
Yum localinstall -y kernel-ml*#设置内核启动顺序grub 2-Set -默认0 & & ampgrub 2-mkconfig -o/etc/grub 2 . CFG #检查默认内核grub by --default -内核注意:CentOS 8.2需要安装以上内核升级的各种依赖项。
CentOS 7.9升级kernel-ml-5.6.14版本:https://www.jb51.net/article/265146.htm
Centos 8.2通过elrepo升级内核来源:https://www.jb51.net/article/265151.htm
10系统优化修改系统中打开文件的数量以提高性能。
cat & gt& gt/etc/security/limits . conf & lt;& ltEOF#打开文件以优化配置* soft nofile 655360 * hardnofile 655350 * soft nproc 655350 * hardnproc 655350 * softmemlock unlimited * hardmemlock unlimited deofcat/etc/security/limits . conf 1加载模块ipvs模块配置
kube -代理打开ipv的前提条件
原文:https://github . com/Kubernetes/Kubernetes/blob/master/pkg/proxy/ipvs/readme . MD参考:https://www . qikqiak . com/post/how -to-use -ipv S-in-Kubernetes
内核版本4.19+ nf_conntrack_ipv4已改为nf_conntrack,4.18以下可以使用nf_conntrack_ipv4。
要安装ipvsadm,节点通信需要LVS,所以需要安装ipvsadm。Ipset和ipvsadm(很容易查看ipv的代理规则)
Yum+y安装IP vsadm ipset sysstat conntrack libseccomp配置ipvs模块(内核4.19版之前用的是nf_conntrack_ipv4,后面会用nf_conntrack)
modprobe --IP _ vsmodprobe --IP _ vs _ rrmodprobe --IP _ vs _ wrrmodprobe --IP _ vs _ shmodprobe --nf _ conntrackcat & gt;/etc/modules -load . d/ipvs . conf & lt;& ltEOIP _ VSIP _ LCIP _ VS _ wlc IP _ VS _ RRIP _ VS _ WRRIP _ VS _ LBLCIP _ VS _ DHIP _ VS _ Ship _ VS _ FOIP _ VS _ NQIP _ VS _ SEDIP _ VS _ FTP IP _ VS _
#加载内核配置警告:忽略systemctlenable --now system -modules -load . service进行检查和确认。
[root @ localhost etc]# lsmod | grep --color = auto -e Ip _ vs -e nf _ conntrackip _ vs _ FTP 16384 0ip _ vs _ sed 16384 0ip _ vs _ NQ 16384 0ip _ vs _ fo 16384 0ip _ vs _ DH 16384 0ip _ vs _ LBL Cr 16384 0ip _ vs _ lblc 16384 0ip _ vs _ wlc 16384
cat & gt& gt/etc/sysctl . d/user . conf & lt;& ltEOF#内核调优net . IP v4 . IP _ forward = 1 net . bridge . bridge -NF-call -iptables = 1 net . bridge . bridge -NF-call -IP 6 tables = 1fs . may _ detach _ mounts = 1vm . overcommit _ me mory = 1vm . panic _ on _ oom = 0fs . inotify . max _ user _ watches = 89100 fs . file -max = 52706963 fs . NR _ open = 52706963 net . net filterIP v4 . TCP _ timestamps = 0 net . core . somaxconn = 16384 of两种方式:1分别指定配置文件加载sysctl -p/etc/sysctl . d/user . conf 2手动加载所有配置文件[root @ localhost etc]# sysctl --system * Applying/usr/lib/sysctl . d/10-default -yama -scope . conf...kernel . yama . ptrace _ scope = 0 * Applying/usr/lib/sysctl . d/50-coredump . conf...kernel . core _ pattern = |/usr/lib/systemd/systemd -core dump % P % u % g % s % t % c % h % e * Applying/usr/lib/sysctl . d/50-default . conf...kernel . sysrq = 16 kernel . core _ uses _ PID = 1 kernel . kptr _ restrict = 1 net . IP v4 . conf . all . RP _ filter = 1 net . IP v4 . conf . all . accept _ source _ rou te = 0 net . IP v4 . conf . all . promote _ secondaries = 1 net . core . default _ qdisc = FQ _ code lfs . protected _ hard links = 1fs . protected _ symlinks = 1 * Applying/usr/lib/sysctl . d/50-libkcapi-opt...net . core . opt mem _ max = 81920 * Applying/usr/lib/sysctl . d/50-PID -max . conf...kernel . PID _ max = 4194304 * Applying/usr/lib/sysctl . d/60-libvirtd . conf...fs . AIO -max -NR = 1048576 * Applying/etc/sysctl . d/99-sysctl . conf...*应用/etc/sysctl.d/ user.conf...net . IP v4 . IP _ forward = 1vm . overcommit _ memory = 1vm . panic _ on _ oom = 0fs . inotify . max _ user _ watches = 89100 fs . file -max = 52706963 fs . NR _ open = 5 2706963 net . net filter . nf _ conn track _ max = 2310720 net . IP v4 . TCP _ keepalive _ time = 600 net . IP v4 . TCP _ keepalive _ probes = 3 net . IPTCP _ MAX _ SYN _ backlog = 16384NET。IPv4。TCP _ timestamps = 0NET。核心。SomaxConn = 16384 *正在应用/etc/sysctl.conf...完成后,您可以重新启动服务器。
重启完成后,检查ipv的配置效果。
lsmod | grep --color = auto -e IP _ vs-e nf _ conntrack II。错误1:无法解析域名ping: baidu.com:名称或服务未知
0curl: (6)无法解析主机:mirrors.aliyun.com
解决
[root @ localhost ~]# VI/etc/sys config/network -scripts/if CFG -ens 160...gateway = "192.168.192.2" #修改网关地址IPV6_PRIVACY="no"#域名解析,网关也要使DNS 1 = 114.111。
[root @ localhost software]# NMC Li c reload ens 160[root @ localhost software]# NMC Li c up ens 160[root @ localhost yum . repos . d]# ping Baidu . comping Baidu.com(110.242.68.66)56(84)字节数据. 64字节来自110.242.68.66(110.242.68.66):icmp _ seq = 1 TTL = 128 time = 24.0 ms64字节来自110.242.68.66(110.242.68.66):icmp _ seq = 2 TTL = 128 time = 26.5 ms^c--- Baidu.com ping统计-4
如果还需要运行旧的CentOS 8,可以更新/etc/yum.repos中的repos.d,用vault.centos.org代替mirror.centos.org。
修改以下两个文件
CD/etc/yum . repos . dvivecentos -base . repo viccentos -app stream . repo centos -baseos . repo的内容修改为
[BaseOS]name = CentOS Linux $ release ver -BaseOS # mirror list = http://mirror list . CentOS . org/?release = $ releasever & amparch = $ basearch & amp回购= BaseOS & ampinfra = $ infra # base URL = http://mirror . CentOS . org/$ contentdir/$ release ver/BaseOS/$ basearch/OS/base URL = https://vault . CentOS . org/CentOS/$ release ver/BaseOS/$ basearch/OS/gpg check = 1 enabled = 1 gpg key = file://etc/PKI/RP M-GPG/RP M-gp G-key -cento official CentOS -appstream . repo的内容修改为
[AppStream]name = CentOS Linux $ release ver -AppStream # mirror list = http://mirror list . CentOS . org/?release = $ releasever & amparch = $ basearch & ampAppStream & ampinfra = $ infra # base URL = http://mirror . centos . org/$ contentdir/$ release ver/app stream/$ base arch/OS/base URL = https://vault . centos . org/centos/$ release ver/EP stream/$ base arch/OS/gpg check = 1 enabled = 1 gpg key = file://etc/PKI/rpm -gpg/rpm -gp G-key -centos official,然后执行yum -y install epel-release命令,发现它
三。安装k8scentos系统安装Kubernetes集群步骤:https://www.jb51.net/article/233987.htm
关于CentOS 8.2 k8s基础环境配置的这篇文章到此为止。关于k8s基础环境配置的更多信息,请搜索主机频道zhujipindao之前的文章。或者继续浏览下面的相关文章。希望大家支持主机频道zhujipindao。以后多来com!
评论前必须登录!
注册