查看操作系统信息
# Print every field uname reports, on one line.
uname --all
# Kernel name only.
uname --kernel-name
# Kernel release string.
uname --kernel-release
# Machine hardware name.
uname --machine
# Distribution identification data.
cat /etc/os-release
配置hosts
# Append the three cluster nodes to /etc/hosts so they resolve by name.
# The entries are appended, so running this step twice duplicates them.
printf '%s\n' \
  '172.171.16.147 crawler-k8s-master' \
  '172.171.16.148 crawler-k8s-node1' \
  '172.171.16.149 crawler-k8s-node2' >> /etc/hosts
关闭防火墙
# Stop firewalld now and keep it from starting at boot.
# NOTE(review): this leaves the node without host-level packet filtering, so
# every listening port (API server, kubelet, etcd, NodePorts) is reachable from
# any network that can route to it. Confirm an upstream control restricts
# access, or keep firewalld running and allow only the ports the cluster needs.
systemctl disable --now firewalld
关闭selinux
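# Persist the SELinux mode change across reboots. The pattern is anchored to
# the SELINUX= setting so that comment lines in the file which merely contain
# the word "enforcing" are left intact.
# NOTE(review): "disabled" also turns off SELinux labelling and denial logging;
# SELINUX=permissive matches what setenforce 0 does below and keeps denials in
# the audit log. Confirm which of the two is intended.
sed -i 's/^SELINUX=enforcing[[:space:]]*$/SELINUX=disabled/' /etc/selinux/config
# Switch the running system to permissive mode until the next reboot.
setenforce 0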
关闭swap
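# Comment out swap entries in /etc/fstab so swap stays off after a reboot.
# Lines that are already comments are skipped, so the step can be repeated
# without stacking '#' characters, and only lines with "swap" as a separate
# whitespace-delimited field are touched.
sed -ri '/^\s*#/! s/^.*\sswap\s.*$/#&/' /etc/fstab
# Turn off all active swap devices for the running system.
swapoff -a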
关闭dnsmasq
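# Stop dnsmasq and keep it from starting at boot. Both commands must name the
# same unit (dnsmasq), otherwise the service comes back after a reboot.
systemctl stop dnsmasq
systemctl disable dnsmasq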
系统参数设置
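# Kernel parameters for the cluster nodes, kept in their own file so they can
# be re-applied with sysctl -p.
# -p: the directory usually exists already, and plain mkdir would then fail.
mkdir -p /etc/sysctl.d
# Quoted delimiter: the file content is written exactly as shown.
# NOTE(review): net.ipv4.ip_forward = 1 makes the host forward packets between
# interfaces; with the host firewall switched off, filtering of forwarded
# traffic depends on the rules kube-proxy and the network plugin install.
cat > /etc/sysctl.d/kubernetes.conf << 'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
vm.swappiness=0
vm.overcommit_memory = 1
vm.panic_on_oom = 0
fs.inotify.max_user_watches = 89100
EOF
# Load the bridge netfilter module first: the net.bridge.* keys only exist
# once it is loaded, so applying the file before this step reports errors.
# modprobe does not persist across reboots; listing br_netfilter in a file
# under /etc/modules-load.d/ is the usual way to load it at boot.
modprobe br_netfilter
sysctl -p /etc/sysctl.d/kubernetes.conf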
配置ipvs功能(所有节点)
在kubernetes中service有两种代理模型,一种是基于iptables的,一种是基于ipvs的
两者比较的话,ipvs的性能明显要高一些,但是如果要使用它,需要手动载入ipvs模块
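# Write the list of IPVS kernel modules into a script so they can be loaded
# in one step. Quoted delimiter: the script is written exactly as shown.
cat > /etc/sysconfig/modules/ipvs.modules << 'EOF'
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
# On kernels where nf_conntrack_ipv4 no longer exists, load nf_conntrack.
modprobe -- nf_conntrack_ipv4 2>/dev/null || modprobe -- nf_conntrack
EOF
# Explicit mode: the script runs as root, so only root may modify it.
chmod 0755 /etc/sysconfig/modules/ipvs.modules
# Run the script to load the modules now.
/bin/bash /etc/sysconfig/modules/ipvs.modules
# Confirm the modules are present.
lsmod | grep -E 'ip_vs|nf_conntrack'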
备注:如果报错可能是需要将 modprobe -- nf_conntrack_ipv4 改为modprobe -- nf_conntrack
安装docker
卸载原有的
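# Remove any distribution-packaged Docker before installing the static build.
yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine
# NOTE(review): the archive is unpacked as root and its binaries end up in
# /usr/bin without an integrity check. Compare it with the checksum published
# by the place it was downloaded from before unpacking, for example:
#   echo '<EXPECTED_SHA256>  docker-20.10.9.tgz' | sha256sum -c -
# --no-same-owner: when run as root, tar otherwise restores the owner IDs
# recorded in the archive, which could leave the binaries in /usr/bin owned by
# a non-root account.
tar --no-same-owner -xf docker-20.10.9.tgz
mv docker/* /usr/bin/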
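# Install the systemd unit for dockerd without opening an editor.
# The delimiter is quoted so the shell writes $MAINPID literally; systemd,
# not the shell, substitutes it when the reload command runs.
cat > /usr/lib/systemd/system/docker.service << 'EOF'
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target firewalld.service
Wants=network-online.target
[Service]
Type=notify
ExecStart=/usr/bin/dockerd
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=infinity
LimitNPROC=infinity
TimeoutStartSec=0
Delegate=yes
KillMode=process
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s
[Install]
WantedBy=multi-user.target
EOF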
启动
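# Start Docker, and enable it at boot only if the start succeeded.
# '&&' chains the two commands; a single '&' would push the start into the
# background and run the enable without waiting for its result.
systemctl start docker && systemctl enable docker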
配置cgroup驱动
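# Set Docker's cgroup driver to systemd.
# NOTE(review): the kubelet has to use the same cgroup driver; confirm its
# configuration matches.
# -p: harmless when /etc/docker already exists, and avoids a failed write
# when it does not.
mkdir -p /etc/docker
cat > /etc/docker/daemon.json << 'EOF'
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
EOF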
# Start Docker now and at every boot.
systemctl enable --now docker
# Re-read the unit files, then restart Docker.
systemctl daemon-reload
systemctl restart docker
安装k8s
安装k8s相关包
# Install every RPM found in the current directory.
# NOTE(review): everything matching the glob is installed as root. Check that
# the directory holds only the intended packages, and verify their digests and
# signatures first (rpm -K ./*.rpm).
rpm --install --verbose --hash ./*.rpm
启动
# Start the kubelet; enable it at boot only when the start succeeded.
if systemctl start kubelet; then
  systemctl enable kubelet
fi
load所有镜像文件
# Load every image archive under /home/k8s-images into the local Docker
# image store, one docker load call per archive.
# NOTE(review): the archives are trusted as they are; confirm where they came
# from before loading them on cluster nodes.
find /home/k8s-images -name "*.tar" -exec docker load --input {} \;
安装master
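# Initialise the control plane.
# NOTE(review): 172.171.16.88 differs from the crawler-k8s-master address in
# the hosts step (172.171.16.147), which is also the endpoint used by
# kubeadm join. Confirm which address is intended.
# NOTE(review): control-plane images are resolved against a third-party mirror
# (registry.aliyuncs.com/google_containers); confirm that source is trusted.
# NOTE(review): v1.23 is an old release line; check whether it still receives
# upstream security fixes.
kubeadm init \
  --apiserver-advertise-address=172.171.16.88 \
  --image-repository registry.aliyuncs.com/google_containers \
  --kubernetes-version v1.23.7 \
  --service-cidr=10.96.0.0/16 \
  --pod-network-cidr=10.244.0.0/16
# Give the current user a kubeconfig. admin.conf carries cluster-admin
# credentials, so keep the copy readable only by its owner and do not
# distribute it. Expansions are quoted so paths with spaces do not split.
mkdir -p "$HOME/.kube"
cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
chown "$(id -u):$(id -g)" "$HOME/.kube/config"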
安装node
# Join this machine to the cluster as a worker node.
# The token is a bootstrap credential: while it is valid, it is enough to
# register a node with the API server, so treat it as a secret. Both values
# below belong to one specific cluster; running
# "kubeadm token create --print-join-command" on the control plane prints a
# fresh join command.
# The CA certificate hash pins the control plane's identity; keep it in place.
kubeadm join 172.171.16.147:6443 \
  --token=i4dp7i.7t1j8ezmgwkj1gio \
  --discovery-token-ca-cert-hash=sha256:9fb74686ff3bea5769e5ed466dbb2c32ed3fc920374ff2175b39b8162ac27f8f
配置calico
# List the image references in the manifest so they can be reviewed first.
grep -- image calico.yaml
# Strip the docker.io/ registry prefix from the image references in place.
sed --in-place 's#docker.io/##g' calico.yaml
# Apply the Calico manifest to the cluster.
kubectl apply --filename calico.yaml