赞
踩
最新的版本不一定好,但相对于旧版本,核心功能稳定,但新增功能、接口相对不稳
学会一个版本的 高可用部署,其他版本操作都差不多
不要使用带中文的服务器
宿主机尽量不要使用克隆(可能在后期calico网络部署时,pod网络不同的问题),使用全新的机器
宿主机尽量升级到CentOS 7.9
内核kernel升级到 4.19+ 这种稳定的内核
部署k8s版本时,尽量找 1.xx.5 这种大于5的小版本(这种一般是比较稳定的版本)
k8s版本在一年之内进行更新一次
master在测试环境 为 2核3G
node节点在测试环境为 2核2G
二进制部署
kubeadm部署
Sys-Version | hostname | IP地址 | 性能 |
---|---|---|---|
CentOS7.9 | k8s-master1 | 192.168.178.51 | 2核3G |
CentOS7.9 | k8s-master2 | 192.168.178.52 | 2核3G |
CentOS7.9 | k8s-master3 | 192.168.178.53 | 2核3G |
CentOS7.9 | k8s-node1 | 192.168.178.54 | 2核2G |
CentOS7.9 | k8s-node2 | 192.168.178.55 | 2核2G |
Sys-Version | APP |
---|---|
v1.20.12 | Kubernetes |
v20.10.10 | Docker |
v3.15.3 | Calico |
v2.0.4 | Dashboard |
# hostnamectl set-hostname k8s-master1
# hostnamectl set-hostname k8s-master2
# hostnamectl set-hostname k8s-master3
# hostnamectl set-hostname k8s-node1
# hostnamectl set-hostname k8s-node2
# vi /etc/hosts
192.168.178.51 k8s-master1
192.168.178.52 k8s-master2
192.168.178.53 k8s-master3
192.168.178.200 k8s-master-lb #此为VIP的地址
192.168.178.54 k8s-node1
192.168.178.55 k8s-node2
# systemctl disable --now firewalld
# setenforce 0
# sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config
#没有该目录就直接跳过
# systemctl disable --now dnsmasq
# systemctl disable --now NetworkManager
# swapoff -a && sysctl -w vm.swappiness=0
# sed -ri '/^[^#]*swap/s@^@#@' /etc/fstab
# ip link
# cat /sys/class/dmi/id/product_uuid
# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# yum install -y yum-utils device-mapper-persistent-data lvm2
# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
# yum install wget jq psmisc vim net-tools telnet yum-utils device-mapper-persistent-data lvm2 git bash-completion lrzsz -y
# rpm -ivh http://mirrors.wlnmp.com/centos/wlnmp-release-centos.noarch.rpm
# yum install ntpdate -y
# ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# echo 'Asia/Shanghai' >/etc/timezone
# ntpdate time2.aliyun.com
# systemctl enable --now crond
# crontab -e
添加并保存退出,每隔5秒进行时间同步
*/5 * * * * /usr/sbin/ntpdate time2.aliyun.com
# crontab -l
*/5 * * * * /usr/sbin/ntpdate time2.aliyun.com
# ulimit -SHn 65535
# vim /etc/security/limits.conf
#在末尾进行追加,保存退出
* soft nofile 65536
* hard nofile 131072
* soft nproc 65535
* hard nproc 655350
* soft memlock unlimited
* hard memlock unlimited
生成公钥
# ssh-keygen -t rsa
公钥推送
# for i in k8s-master1 k8s-master2 k8s-master3 k8s-node1 k8s-node2;do ssh-copy-id -i .ssh/id_rsa.pub $i;done
# yum update -y --exclude=kernel*
# reboot
[root@k8s-master1 ~]# wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm
[root@k8s-master1 ~]# wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm
# for i in k8s-master2 k8s-master3 k8s-node1 k8s-node2;do scp kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm $i:/root/ ; done
# cd /root/
# yum localinstall -y kernel-ml*
# grub2-set-default 0 && grub2-mkconfig -o /etc/grub2.cfg
# grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
# grubby --default-kernel
#reboot
# yum install ipvsadm ipset sysstat conntrack libseccomp -y
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。