#初始化服务器
echo 'export LC_ALL="en_US.UTF-8"' >> /etc/profile
source /etc/profile
#!/bin/bash #1. 新服务器建议把一些软件通过yum安装上,因为只是占用很小的磁盘空间,但是比较常用 yum -y install wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release lrzsz openssh-server socat ipvsadm conntrack bind-utils epel-release libffi-devel #2. 关闭firewalld防火墙,禁止开机启动,安装iptables,并且禁用开机启动,如有需要请另行设置iptables规则 systemctl stop firewalld && systemctl disable firewalld yum install iptables-services -y iptables -F && service iptables save service iptables stop && systemctl disable iptables #3. 修改时区,时间同步 mv -f /etc/localtime /etc/localtime.bak /bin/cp -rf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime echo 'ZONE="CST"' > /etc/sysconfig/clock ntpdate cn.pool.ntp.org #计划任务,crontab -e #* */1 * * * /usr/sbin/ntpdate cn.pool.ntp.org #4.关闭selinux sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config setenforce 0 #新服务器建议reboot让永久生效 #5. 放开文件描述符的最大值限制,默认是1024 echo "ulimit -n 65536" >> /etc/profile
echo "root soft nofile 65536" >> /etc/security/limits.conf echo "root hard nofile 65536" >> /etc/security/limits.conf echo "* soft nofile 65536" >> /etc/security/limits.conf echo "* hard nofile 65536" >> /etc/security/limits.conf source /etc/profile #6. 如果没有swap,建议设置个swap #请根据自己的内存,调节swap的大小,例如调大count的值 #dd if=/dev/zero of=/swapfile bs=1k count=2048000 #mkswap /swapfile #chmod 0600 /swapfile #swapon /swapfile #echo "/swapfile swap swap defaults 0 0" >> /etc/fstab #如果安装k8s等特殊场景,需要禁用swap请 #swapoff -a #sed -i 's/.*swap.*/#&/' /etc/fstab #7. centos 7 修改主机名 #请根据自己的情况,修改自己的主机名 #hostnamectl set-hostname localhost #根据自己的情况,修改/etc/hosts中旧的主机名 #8. 修改内核参数 #请根据具体场景修改内核参数,暂时没有很好的建议 #如果是k8s请先作如下配置 cat <<EOF > /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-ip6tables = 1 net.bridge.bridge-nf-call-iptables = 1 EOF sysctl -p #9. 设置免密登陆的密钥 #一直回车 #默认相关内容放在/root/.ssh/下面 #如果/root/.ssh/下面没有authorized_keys文件,请touch #/root/.ssh/authorized_keys && chmod 600 #/root/.ssh/authorized_keys #ssh-keygen -t rsa # 10. 修改yum源 #备份原来的yum源 mv -f /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup #下载阿里的yum源 wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
#配置k8s 的yum源
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
EOF
#配置docker 的yum源,及查看支持的docker版本
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo yum list docker-ce --showduplicates |sort -r
#下载18.09版本的docker
yum clean all yum makecache fast yum install -y docker-ce-18.09.9-3.el7 systemctl enable docker && systemctl start docker systemctl status docker
# 安装k8s 1.16.4
#在k8s-master和k8s-node上安装kubeadm和kubelet
#kubelet设置开机启动 yum install -y kubeadm-1.16.4-0.x86_64 kubelet-1.16.4-0.x86_64 systemctl enable kubelet
#手动上传docker镜像到k8s_master和k8s_node节点
#正式环境一般都是配置docker harbor 镜像仓库
cd /usr/local/src/ wget http://download.zhufunin.com/k8s_1.16/addon.tar.gz wget http://download.zhufunin.com/k8s_1.16/apiserver_1_16.tar.gz wget http://download.zhufunin.com/k8s_1.16/cordns_1_6_2.tar.gz wget http://download.zhufunin.com/k8s_1.16/etcd_3_3_15.tar.gz wget http://download.zhufunin.com/k8s_1.16/kube-controller-manager_1_16.tar.gz wget http://download.zhufunin.com/k8s_1.16/kube-proxy_1_16.tar.gz wget http://download.zhufunin.com/k8s_1.16/kube-scheduler_1_16.tar.gz wget http://download.zhufunin.com/k8s_1.16/kubernetes-dashboard_1_10.tar.gz wget http://download.zhufunin.com/k8s_1.16/metrics-server-amd64_0_3_1.tar.gz wget http://download.zhufunin.com/k8s_1.16/pause_3_1.tar.gz wget http://download.zhufunin.com/k8s_1.16/traefik_1_7_9.tar.gz
#手动解压镜像 docker load -i apiserver_1_16.tar.gz docker load -i cordns_1_6_2.tar.gz docker load -i etcd_3_3_15.tar.gz docker load -i kube-controller-manager_1_16.tar.gz docker load -i kube-proxy_1_16.tar.gz docker load -i kubernetes-dashboard_1_10.tar.gz docker load -i kube-scheduler_1_16.tar.gz docker load -i metrics-server-amd64_0_3_1.tar.gz docker load -i pause_3_1.tar.gz docker load -i traefik_1_7_9.tar.gz docker load -i addon.tar.gz
#在k8s_master节点初始化k8s集群
#192.168.1.202为master的IP地址,请根据自己的情况修改
kubeadm init --apiserver-advertise-address 192.168.1.202 --kubernetes-version=v1.16.4 --pod-network-cidr=10.244.0.0/16
#在k8s-master节点执行如下,这样才能有权限操作k8s资源
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
#把k8s-node节点加入到k8s集群,在node节点操作
#在slave服务器上,跑如下命令 #192.168.1.202为master的IP #token请根据自己的情况做相应的修改 kubeadm join 192.168.1.202:6443 --token fegy3d.0c2ovmf4unkpbssk --discovery-token-ca-cert-hash sha256:fde13ccab75a1da4a0bedaa9a66c6ed82eacae63c98f22961f4cea12f3b8c589
#在k8s-master节点查看k8s的组员,都是notready
kubectl get nodes
#在k8s-master节点安装calico网络插件
wget http://download.zhufunin.com/k8s_1.16/calico.yaml
kubectl apply -f calico.yaml
#在k8s-master节点查看STATUS状态, 应该都是ready状态
kubectl get nodes
#在k8s-master节点安装dashboard界面
wget http://download.zhufunin.com/k8s_1.16/kubernetes-dashboard.yaml
kubectl apply -f kubernetes-dashboard.yaml
#在k8s-master节点安装metrics监控插件
wget http://download.zhufunin.com/k8s_1.16/metrics.yaml
kubectl apply -f metrics.yaml
#上面组件都安装之后,kubectl get pods -n kube-system,查看组件安装是否正常,STATUS状态是Running,说明组件正常
kubectl get pods -n kube-system
原文链接: https://www.cnblogs.com/faberbeta/p/13341070.html
欢迎关注
微信关注下方公众号,第一时间获取干货硬货;公众号内回复【pdf】免费获取数百本计算机经典书籍;
也有高质量的技术群,里面有嵌入式、搜广推等BAT大佬
原创文章受到原创版权保护。转载请注明出处:https://www.ccppcoding.com/archives/368595
非原创文章文中已经注明原地址,如有侵权,联系删除
关注公众号【高性能架构探索】,第一时间获取最新文章
转载文章受原作者版权保护。转载请注明原作者出处!
