#设置主机名
hostnamectl hostname=XXX
#配置免密(包括操作机)
ssh-keygen
ssh-copy-id master*/slave*
#传输hosts
cat > /etc/hosts <<EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.178.138 master01
192.168.178.139 master02
192.168.178.140 master03
192.168.178.142 slave01
192.168.178.143 slave02
192.168.178.144 slave03
EOF
scp /etc/hosts master/slave:/etc/
#如果到这都看不懂就放弃吧
### ### 初始化(所有服务器)更新
yum update -y
卸载 firewalld
systemctl stop firewalld
yum remove firewalld -y
卸载 networkmanager
systemctl stop NetworkManager
yum remove NetworkManager -y
同步服务器时间
yum install chrony -y
systemctl enable --now chronyd
chronyc sources
关闭 selinux
setenforce 0
sed -i ‘/^SELINUX=/cSELINUX=disabled’ /etc/selinux/config
getenforce
关闭swap分区
swapoff -a # 临时
sed -i ‘/ swap / s/^/# /g’ /etc/fstab #永久
安装常用工具包
yum install -y net-tools sysstat vim wget lsof unzip zip bind-utils lrzsz telnet bash-completion
安装ipvs
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe – ip_vs
modprobe – ip_vs_rr
modprobe – ip_vs_wrr
modprobe – ip_vs_sh
modprobe – nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
yum install ipset ipvsadm -y
允许检查桥接流量
cat <<EOF | tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
sysctl --system
cat <<EOF | tee /etc/sysctl.d/k8s.conf
vm.swappiness = 0
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
modprobe br_netfilter
lsmod | grep netfilter
sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward
安装containerd
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum list containerd.io --showduplicates
yum install -y containerd.io
mkdir -p /etc/containerd
containerd config default | tee /etc/containerd/config.toml
#crictl命令配置
cat <<EOF | tee /etc/crictl.yaml
runtime-endpoint: “unix:///run/containerd/containerd.sock”
image-endpoint: “unix:///run/containerd/containerd.sock”
timeout: 10
debug: false
pull-image-on-create: false
disable-pull-on-run: false
EOF
#使用阿里云镜像下载
sed -i “s#registry.k8s.io#registry.aliyuncs.com/google_containers#g” /etc/containerd/config.toml
#使用如下命令修改cgroup驱动
sed -i ‘s/SystemdCgroup = false/SystemdCgroup = true/’ /etc/containerd/config.toml
systemctl daemon-reload
systemctl enable containerd
systemctl restart containerd
添加kubernetes yum软件源
cat > /etc/yum.repos.d/kubernetes.repo << EOF
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF
安装kubeadm,kubelet和kubectl
yum list kubeadm --showduplicates
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
设置开机自启
systemctl daemon-reload
systemctl enable --now kubelet
kubelet每隔几秒就会重启,陷入等待 kubeadm 指令的死循环
命令自动补全
yum install -y bash-completion
source <(crictl completion bash)
crictl completion bash >/etc/bash_completion.d/crictl
source <(kubectl completion bash)
kubectl completion bash >/etc/bash_completion.d/kubectl
source /usr/share/bash-completion/bash_completion
NFS配置(忽略)
yum install -y nfs-common nfs-utils rpcbind
mkdir /nfs
chown nfsnobody /nfs/
#配置
vim /etc/exports
/nfs *(rw,no_root_squash,sync)
exportfs -r
systemctl start rpcbind && systemctl enable rpcbind
systemctl start nfs && systemctl enable nfs
showmount -e
### API server高可用部署#安装 haproxy
yum -y install haproxy
#配置 haproxy
tee /etc/haproxy/haproxy.cfg <<EOF
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
listen k8s-apiserver
bind *:8443
mode tcp
timeout client 1h
timeout connect 1h
log global
option tcplog
balance roundrobin
server master01 192.168.178.138:6443 check
server master02 192.168.178.139:6443 check
server master03 192.168.178.140:6443 check
acl is_websocket hdr(Upgrade) -i WebSocket
acl is_websocket hdr_beg(Host) -i ws
EOF
#运行 haproxy
systemctl enable --now haproxy
#安装 keepalived
yum -y install keepalived
#配置 keepalived
tee > /etc/keepalived/keepalived.conf <<EOF
global_defs {
router_id 100
vrrp_version 2
vrrp_garp_master_delay 1
vrrp_mcast_group4 224.0.0.18 #后续podSubnet需要一致
}
vrrp_script chk_haproxy {
script “/usr/bin/nc -nvz -w 2 127.0.0.1 8443”
timeout 1
interval 1 # check every 1 second
fall 2 # require 2 failures for KO
rise 2 # require 2 successes for OK
}
vrrp_instance lb-vips {
state MASTER
interface ens33 #VIP网卡名字
virtual_router_id 100
priority 150
advert_int 1
nopreempt
track_script {
chk_haproxy
}
authentication {
auth_type PASS
auth_pass blahblah
}
virtual_ipaddress {
192.168.178.141/24 dev eth0 #VIP的IP
}
}
EOF
#运行 keepalived
自我介绍一下,小编13年上海交大毕业,曾经在小公司待过,也去过华为、OPPO等大厂,18年进入阿里一直到现在。
深知大多数Linux运维工程师,想要提升技能,往往是自己摸索成长或者是报班学习,但对于培训机构动则几千的学费,着实压力不小。自己不成体系的自学效果低效又漫长,而且极易碰到天花板技术停滞不前!
因此收集整理了一份《2024年Linux运维全套学习资料》,初衷也很简单,就是希望能够帮助到想自学提升又不知道该从何学起的朋友,同时减轻大家的负担。
既有适合小白学习的零基础资料,也有适合3年以上经验的小伙伴深入学习提升的进阶课程,基本涵盖了95%以上Linux运维知识点,真正体系化!
由于文件比较大,这里只是将部分目录大纲截图出来,每个节点里面都包含大厂面经、学习笔记、源码讲义、实战项目、讲解视频,并且后续会持续更新
如果你觉得这些内容对你有帮助,可以添加VX:vip1024b (备注Linux运维获取)
最后的话
最近很多小伙伴找我要Linux学习资料,于是我翻箱倒柜,整理了一些优质资源,涵盖视频、电子书、PPT等共享给大家!
资料预览
给大家整理的视频资料:
给大家整理的电子书资料:
如果本文对你有帮助,欢迎点赞、收藏、转发给朋友,让我有持续创作的动力!
一个人可以走的很快,但一群人才能走的更远。不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎扫码加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!
片转存中…(img-CMbXWeRa-1712501264818)]
给大家整理的电子书资料:
[外链图片转存中…(img-Jl6Hp8DE-1712501264819)]
如果本文对你有帮助,欢迎点赞、收藏、转发给朋友,让我有持续创作的动力!
一个人可以走的很快,但一群人才能走的更远。不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎扫码加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!
[外链图片转存中…(img-LqfW4NUc-1712501264819)]
