目录
1.修改主机名
hostnamectl set-hostname k8s-master01
hostnamectl set-hostname k8s-master02
hostnamectl set-hostname k8s-master03
hostnamectl set-hostname k8s-worker01
hostnamectl set-hostname k8s-worker02
###
2.添加 主机名与IP地址解析
cat > /etc/hosts <<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.0.2 k8s-master01
192.168.0.3 k8s-master02
192.168.0.4 k8s-master03
192.168.0.5 k8s-worker01
192.168.0.6 k8s-worker02
EOF
3.升级服务器内核,时间同步,关闭防火墙,重启服务器
#sudo hostnamectl set-hostname k8s-m01
#添加访问互联路由
cat > /etc/resolv.conf <<EOF
nameserver 8.8.8.8
nameserver 114.114.114.114
nameserver 223.5.5.5
EOF
cat /etc/resolv.conf
# ssh连接Linux比较慢
#sed -i "s|#UseDNS yes|UseDNS no|" /etc/ssh/sshd_config
#sed -i "s|GSSAPIAuthentication yes|GSSAPIAuthentication no|" /etc/ssh/sshd_config
#设置为阿里云yum源
rm -rf /etc/yum.repos.d/bak && mkdir -p /etc/yum.repos.d/bak && mv /etc/yum.repos.d/* /etc/yum.repos.d/bak
curl -o /etc/yum.repos.d/CentOS-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all && yum makecache
cd /etc/yum.repos.d
#安装依赖包
yum -y install sshpass wget conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git lrzsz unzip gcc telnet
echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1'>/var/spool/cron/root && crontab -l
#设置防火墙为 Iptables 并设置空规则
systemctl stop firewalld && systemctl disable firewalld
yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
#关闭 SELINUX
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
#调整内核参数,对于 K8S
cat > /etc/sysctl.d/kubernetes.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
#net.ipv4.tcp_tw_recycle=0
vm.swappiness=0 # 禁止使用 swap 空间,只有当系统 OOM 时才允许使用它
vm.overcommit_memory=1 # 不检查物理内存是否够用
vm.panic_on_oom=0 # 开启 OOM
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
modprobe ip_vs_rr && modprobe br_netfilter && sysctl -p /etc/sysctl.d/kubernetes.conf
#关闭系统不需要服务
systemctl stop postfix && systemctl disable postfix
#升级内核
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
yum -y install https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm
yum --enablerepo="elrepo-kernel" -y install kernel-lt.x86_64
awk -F \' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
grub2-set-default "CentOS Linux (5.4.204-1.el7.elrepo.x86_64) 7 (Core)"
#grub2-set-default 'CentOS Linux (4.4.222-1.el7.elrepo.x86_64) 7 (Core)'
#重启服务器
reboot
################################
4.sealos 安装
#添加访问互联路由
cat > /etc/resolv.conf <<EOF
nameserver 8.8.8.8
nameserver 114.114.114.114
nameserver 223.5.5.5
EOF
cat /etc/resolv.conf
#时间同步
ntpdate ntp1.aliyun.com
wget -c https://github.com/fanux/sealos/releases/download/v3.3.8/sealos && tar zxvf sealos*.tar.gz sealos && chmod +x sealos && mv sealos /usr/bin
5.离线环境安装,离线环境只需要提前导入镜像
5.1 加载离线包部署,并部署
链接:https://pan.baidu.com/s/1DPfGQWGv_MTgnHXYCjZ51Q?pwd=lh3f
提取码:lh3f
#时间同步
ntpdate ntp1.aliyun.com
#安装
sealos init --passwd xxxxxx \
--master 192.168.0.2 \
--master 192.168.0.3 \
--master 192.168.0.4 \
--node 192.168.0.5 \
--node 192.168.0.6 \
--pkg-url /root/kube1.19.16.tar.gz \
--version v1.19.16
6.kubernetes集群可用性验证
kubectl get nodes
kubectl get pod -A
#配置kubectl自动补全
yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> /etc/profile
#去主节点 污点,看情况,自己选择
[root@k8s-m01 ~]# kubectl get node
NAME STATUS ROLES AGE VERSION
k8s-m01 Ready control-plane,master 97m v1.20.0
k8s-m02 Ready control-plane,master 89m v1.20.0
k8s-m03 Ready control-plane,master 82m v1.20.0
[root@k8s-m01 ~]# kubectl describe node |grep -i taints
Taints: node-role.kubernetes.io/master:NoSchedule
Taints: node-role.kubernetes.io/master:NoSchedule
Taints: node-role.kubernetes.io/master:NoSchedule
[root@k8s-m01 ~]# kubectl taint node k8s-m03 node-role.kubernetes.io/master:NoSchedule-
7.扩展安装
参数说明:
参数名 | 参数值示例 | 参数说明 |
---|---|---|
--masters | 192.168.0.2 | kubernetes master 节点地址列表 |
--nodes | 192.168.0.3 | kubernetes node 节点地址列表 |
--ssh-passwd | [your-ssh-passwd] | ssh 登录密码 |
kubernetes | labring/kubernetes:v1.19.0 | kubernetes 镜像 |
8. sealos 版本3.3-基本命令
#添加 node 节点:
sealos join --node 192.168.1.63
#添加master
sealos join -master 192.168.1.61
#删除 node 节点:
sealos clean --node 192.168.64.21,192.168.64.19
#删除 master 节点:
sealos clean --master 192.168.1.61,192.168.1.62
#重置集群
sealos clean --all -f