高可用Kubernetes集群实战(一)-摩杜云开发者社区

集群配置

角色	IP	配置软件
k8smaster1	192.168.1.180
k8smaster2	192.168.1.181
k8smaster3	192.168.1.182
k8snode1	192.168.1.183
k8snode2	192.168.1.184

初始化服务器

安装基础软件包

yum install -y wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack yum-utils vim

关闭selinux

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 

[root@localhost ~]# getenforce
Disabled

修改hostname

[root@localhost ~]# hostnamectl set-hostname k8sm1 && bash
...
[root@localhost ~]# hostnamectl set-hostname k8sn1 && bash

修改host 文件，实现别名互访

[root@k8sm1 etc]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.1.180   k8sm1
192.168.1.181   k8sm2
192.168.1.182   k8sm3
192.168.1.183   k8sn1
[root@k8sm1 etc]#

配置免密登陆

[root@k8sm1 etc]# ssh-keygen
[root@k8sm1 etc]# ssh-copy-id k8sm2
...
[root@k8sn1 etc]# ssh-keygen
[root@k8sn1 etc]# ssh-copy-id k8sm1

关闭swap

[root@k8sm1 ~]# vi /etc/fstab 


#
# /etc/fstab
# Created by anaconda on Wed Jul 19 23:38:23 2023
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=92d1d053-5916-49e2-8522-913ef1e69021 /boot                   xfs     defaults        0 0
#/dev/mapper/centos-swap swap                    swap    defaults        0 0
~                                                                                                                                                                                                                                                                          
~

核对swap 关闭结果

[root@k8sm1 ~]# free -m
              total        used        free      shared  buff/cache   available
Mem:           3741         264        3312           8         164        3273
Swap:             0           0           0
[root@k8sm1 ~]#

修改内核参数

vi /etc/sysctl.d/k8s.conf 
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1

手动加载新增内核参数

[root@k8sm1 ~]# sysctl -p /etc/sysctl.d/k8s.conf 
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-ip6tables: No such file or directory
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory
net.ipv4.ip_forward = 1
[root@k8sm1 ~]#

加载模块

[root@k8sm1 ~]# modprobe br_netfilter

关闭防火墙(测试环境)

systemctl stop firewalld && systemctl disable firewalld

配置阿里云repo 源

[root@k8sm2 ~]# yum install yum-utils -y 
[root@k8sm1 ~]# yum-config-manager  --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

配置安装k8s组件repo 源

[root@k8sm2 ~]# vi /etc/yum.repos.d/kubernetes.repo
[root@k8sm2 ~]# cat /etc/yum.repos.d/kubernetes.repo 
[root@k8sm1 ~]# cat /etc/yum.repos.d/kubernetes.repo 
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0

配置时间同步

[root@k8sm1 ~]# yum install -y ntpdate
[root@k8sm1 ~]# ntpdate cn.pool.ntp.org

配置时间同步定时任务

[root@k8sm1 ~]# crontab -e
no crontab for root - using an empty one

* */1 * * * /usr/sbin/ntpdate  cn.pool.ntp.org