安装k8s要注意注意哦事项
1,swapoff -a
2,setenforce 0
3,systemctl stop firewalld
4,固定 IP 地址
cd /etc/sysconfig/network-scripts
vi ifcfg-ens33
DEVICE=ens33
BOOTPROTO=static
IPADDR=192.168.1.9
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
NETWORK=192.168.1.0
ONBOOT=yes
5, 修改docker 镜像加速
cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://3iv1aqw6.mirror.aliyuncs.com"]
}
6,调整 系统参数
cat /root/kubernetes.conf
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
vm.swappiness=0
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_watches=89100
fs.file-max=52706963
fs.nr_open=52706963
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
sysctl -p /root/kubernetes.conf
7,yum 源
yum install -y ebtables socat
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet kubeadm kubectl
7,安装 flannel
cat subnet.env
FLANNEL_NETWORK=10.233.0.0/16
FLANNEL_SUBNET=10.233.65.1/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true
[root@worker1 flannel]# pwd
/run/flannel
要修改 cat /usr/lib/systemd/system/docker.service
添加 --bip=10.233.65.1/24 --ip-masq=true --mtu=1450 (否则会造成 pod 跟 worknode 不通)
完整的文件
cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --bip=10.233.65.1/24 --ip-masq=true --mtu=1450
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
[Install]
WantedBy=multi-user.target
8,使用rancher 的时候, 要使用
docker run -d --privileged --restart=unless-stopped -p 80:80 -p 443:443 -v /root/var/log/auditlog:/var/log/auditlog -e AUDIT_LEVEL=3 registry.cn-hangzhou.aliyuncs.com/rancher/rancher:v2.5.1
- 点赞
- 收藏
- 关注作者
评论(0)