第一篇（二进制部署k8s集群---准备架构篇）

第一篇（二进制部署k8s集群---准备架构篇）

1、本文主要说明kubernetes集群的准备工作和安装的架构图。

2、服务器准备工作

升级内核：

yum -y install kernel-ml-5.7.8-1.el7.elrepo.x86_64.rpm kernel-ml-devel-5.7.8-1.el7.elrepo.x86_64.rpm 调整默认启动内核 cat /boot/grub2/grub.cfg | grep menuentry 查看是否设置成功 grub2-editenv list 重启服务器reboot

3、开启ipvs支持

cat > /etc/sysconfig/modules/ipvs.modules < /dev/null 2>&1 if [ $? -eq 0 ]; then /sbin/modprobe \${kernel_module} fi done EOF chmod 755 /etc/sysconfig/modules/ipvs.modules bash /etc/sysconfig/modules/ipvs.modules lsmod | grep ip_vs

关闭防火墙：

systemctl stop firewalld && systemctl disable firewalld

关闭swap分区：

swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

关闭SELinux

setenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

修改文件句柄数

vim /etc/security/limits.conf * soft nofile 65536 * hard nofile 65536 * soft nproc 65536 * hard nproc 65536 * soft memlock unlimited * hard memlock unlimited

修改系统参数

vim /etc/sysctl.d/k8s.conf net.ipv4.tcp_keepalive_time = 600 net.ipv4.tcp_keepalive_intvl = 30 net.ipv4.tcp_keepalive_probes = 10 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv4.neigh.default.gc_stale_time = 120 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.default.arp_announce = 2 net.ipv4.conf.lo.arp_announce = 2 net.ipv4.conf.all.arp_announce = 2 net.ipv4.ip_forward = 1 net.ipv4.tcp_max_tw_buckets = 5000 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 1024 net.ipv4.tcp_synack_retries = 2 net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 net.netfilter.nf_conntrack_max = 2310720 fs.inotify.max_user_watches=89100 fs.may_detach_mounts = 1 fs.file-max = 52706963 fs.nr_open = 52706963 net.bridge.bridge-nf-call-arptables = 1 vm.swappiness = 0 vm.overcommit_memory=1 vm.panic_on_oom=0 sysctl --system

在生产环境建议预留内存,避免内存耗尽导致ssh连不上主机：（32G的机器留2G，251的留3G, 500G的留5G）。下面是预留3G

echo 'vm.min_free_kbytes=3000000' >> /etc/sysctl.conf sysctl -p

host文件编写：（后面多的事预留的）

[root@k8s-master1 nginx-web]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 local-alhost.localdomain localhost6 localhost6.localdomain6 192.168.206.31 k8s-master1 192.168.206.32 k8s-master2 192.168.206.33 k8s-master3 192.168.206.41 k8s-node1 192.168.206.42 k8s-node2 192.168.206.43 k8s-node3 192.168.206.44 k8s-node4 192.168.206.45 k8s-node5 192.168.206.46 k8s-node6 192.168.206.47 k8s-node7 192.168.206.48 k8s-node8 192.168.206.49 k8s-node9

服务器时间同步：

yum -y install ntp ntpdate ntpdate 0.asia.pool.ntp.org hwclock --systohc systemctl enable ntpd systemctl start ntpd systemctl status ntpd

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。