快速部署k8s_[root@node1 ~]# kubeadm join 192.168.88.200:6443 -

快速部署k8s

环境

准备工作

设置主机名 关闭防火墙和selinux、swap分区空间

//设置主机名
[root@master ~]# hostnamectl set-hostname master.example.com
[root@master ~]# bash
[root@master ~]# hostname
master.example.com

[root@node1 ~]# hostnamectl set-hostname node1.example.com
[root@node1 ~]# bash
[root@node1 ~]# hostname
node1.example.com

[root@node2 ~]# hostnamectl set-hostname node2.example.com
[root@node2 ~]# bash
[root@node2 ~]# hostname
node2.example.com


以下操作在三台机器都要进行
//关闭防火墙
[root@master ~]# systemctl disable --now firewalld.service 
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

//关闭selinux
[root@master ~]# vim /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

[root@master ~]# setenforce 0



//关闭swap分区空间
[root@master ~]# vim /etc/fstab 
# 
# /etc/fstab
# Created by anaconda on Fri Nov 12 08:04:53 2021
#
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
#
# After editing this file, run 'systemctl daemon-reload' to update systemd
# units generated from this file.
#
/dev/mapper/cs-root     /                       xfs     defaults        0 0
UUID=b63f82a7-55fa-4e7c-b94e-71f1a1e3cb74 /boot                   xfs     defaults        0 0

# 把下面一行删除掉或注释即可
# 把下面一行删除掉或注释即可
/dev/mapper/cs-swap     none                    swap    defaults        0 0

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

在master节点配置DNS域名解析 IPv4流量传递到iptables

[root@master ~]# vim /etc/hosts 
[root@master ~]# cat /etc/hosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
添加以下类容
192.168.136.132 master master.example.com
192.168.136.138 node1 node1.example.com
192.168.136.140 node2 node2.example.com


//master上配置流量传递
[root@master ~]# vim /etc/sysctl.d/k8s.conf 
[root@master ~]# cat /etc/sysctl.d/
99-sysctl.conf  k8s.conf        
[root@master ~]# cat /etc/sysctl.d//k8s.conf 
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

//让配置生效
[root@master ~]# sysctl --system
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-coredump.conf ...
kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.promote_secondaries = 1
net.core.default_qdisc = fq_codel
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf ...
net.core.optmem_m
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35