\u4e00\u3001Master\u8282\u70b9\u3001Node\u8282\u70b9\u51c6\u5907\u5de5\u4f5c<\/p>\n\n\n\n
1.\u5173\u95edfirewalld\u3001selinux<\/p>\n\n\n\n
systemctl stop firewalld<\/p>\n\n\n\n
systemctl disable firewalld<\/p>\n\n\n\n
setenforce 0<\/p>\n\n\n\n
sed -i ‘s\/^SELINUX=.*\/SELINUX=disabled\/’ \/etc\/selinux\/config<\/p>\n\n\n\n
2.\u8bbe\u7f6e\u7cfb\u7edf\u65f6\u533a\uff0c\u540c\u6b65\u7cfb\u7edf\u65f6\u95f4<\/p>\n\n\n\n
timedatectl set-timezone Asia\/Shanghai<\/p>\n\n\n\n
systemctl enable –now chronyd<\/p>\n\n\n\n
chronyc makestep<\/p>\n\n\n\n
3.\u914d\u7f6e\u4e3b\u673a\u4e92\u4fe1<\/p>\n\n\n\n
ssh-keygen<\/p>\n\n\n\n
ssh-copy-id<\/p>\n\n\n\n
\u4e8c\u3001\u7981\u7528swap<\/p>\n\n\n\n
swapoff -a<\/p>\n\n\n\n
sed -i ‘\/swap\/s\/^\/#\/g’ \/etc\/fstab<\/p>\n\n\n\n
\u4e09\u3001\u90e8\u7f72docker<\/p>\n\n\n\n
yum install -y yum-utils device-mapper-persistent-data lvm2<\/p>\n\n\n\n
yum-config-manager –add-repohttp:\/\/mirrors.aliyun.com\/docker-ce\/linux\/centos\/docker-ce.repo<\/a><\/p>\n\n\n\n yum list docker-ce –showduplicates | sort -r|tail -1<\/p>\n\n\n\n yum install docker-ce-19.03.13-3.el8 docker-ce-cli-19.03.13-3.el8 containerd.io<\/p>\n\n\n\n systemctlenable –nowdocker<\/p>\n\n\n\n docker info<\/p>\n\n\n\n curl -L “https:\/\/github.com\/docker\/compose\/releases\/download\/1.29.2\/docker-compose-$(uname -s)-$(uname -m)<\/a>” -o \/usr\/local\/bin\/docker-compose<\/p>\n\n\n\n chmod +x \/usr\/local\/bin\/docker-compose<\/p>\n\n\n\n ln -s \/usr\/local\/bin\/docker-compose \/usr\/bin\/docker-compose<\/p>\n\n\n\n docker-compose –version<\/p>\n\n\n\n \u56db\u3001\u914d\u7f6e\u5bb9\u5668\u8fd0\u884c\u65f6<\/p>\n\n\n\n \u8fd0\u884c\u65f6\uff1a\u4e3a\u4e86\u5728 Pod \u4e2d\u8fd0\u884c\u5bb9\u5668\uff0cKubernetes \u4f7f\u7528 \u5bb9\u5668\u8fd0\u884c\u65f6\uff08Container Runtime\uff09\u3002\u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0cKubernetes \u4f7f\u7528 \u5bb9\u5668\u8fd0\u884c\u65f6\u63a5\u53e3\uff08Container Runtime Interface\uff0cCRI\uff09 \u6765\u4e0e\u4f60\u6240\u9009\u62e9\u7684\u5bb9\u5668\u8fd0\u884c\u65f6\u4ea4\u4e92\u3002\u9700\u8981\u5728\u96c6\u7fa4\u5185\u6bcf\u4e2a\u8282\u70b9\u4e0a\u5b89\u88c5\u4e00\u4e2a \u5bb9\u5668\u8fd0\u884c\u65f6 \u4ee5\u4f7f Pod \u53ef\u4ee5\u8fd0\u884c\u5728\u4e0a\u9762\uff0c\u5982\u679c\u540c\u65f6\u68c0\u6d4b\u5230 Docker \u548c containerd\uff0c\u5219\u4f18\u5148\u9009\u62e9 Docker\u3002<\/p>\n\n\n\n \u914d\u7f6e\u7684\u5148\u51b3\u6761\u4ef6\uff1a<\/p>\n\n\n\n cat <<EOF | tee \/etc\/modules-load.d\/docker.conf<\/p>\n\n\n\n overlay<\/p>\n\n\n\n br_netfilter<\/p>\n\n\n\n EOF<\/p>\n\n\n\n modprobe overlay<\/p>\n\n\n\n modprobe br_netfilter<\/p>\n\n\n\n # \u8bbe\u7f6e\u5fc5\u9700\u7684 sysctl \u53c2\u6570\uff0c\u8fd9\u4e9b\u53c2\u6570\u5728\u91cd\u65b0\u542f\u52a8\u540e\u4ecd\u7136\u5b58\u5728\u3002<\/p>\n\n\n\n cat <<EOF | sudo tee \/etc\/sysctl.d\/99-kubernetes-cri.conf<\/p>\n\n\n\n net.bridge.bridge-nf-call-iptables = 1<\/p>\n\n\n\n net.ipv4.ip_forward = 1<\/p>\n\n\n\n net.bridge.bridge-nf-call-ip6tables = 1<\/p>\n\n\n\n EOF<\/p>\n\n\n\n # \u5e94\u7528 sysctl \u53c2\u6570\u800c\u65e0\u9700\u91cd\u65b0\u542f\u52a8<\/p>\n\n\n\n sudo sysctl –system<\/p>\n\n\n\n \u4e94\u3001\u914d\u7f6e Docker \u5b88\u62a4\u7a0b\u5e8f\uff0c\u5c24\u5176\u662f\u4f7f\u7528 systemd \u6765\u7ba1\u7406\u5bb9\u5668\u7684 cgroup\uff0c<\/p>\n\n\n\n \uff08Cgroup \u9a71\u52a8\u7a0b\u5e8f\uff1a\u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0cCRI-O \u4f7f\u7528 systemd cgroup \u9a71\u52a8\u7a0b\u5e8f\uff0c\u63a7\u5236\u7ec4\u7528\u6765\u7ea6\u675f\u5206\u914d\u7ed9\u8fdb\u7a0b\u7684\u8d44\u6e90\uff09\u3002<\/p>\n\n\n\n mkdir \/etc\/docker<\/p>\n\n\n\n cat <<EOF |tee\/etc\/docker\/daemon.json<\/p>\n\n\n\n {<\/p>\n\n\n\n “exec-opts”: [“native.cgroupdriver=systemd<\/em><\/strong>“],<\/p>\n\n\n\n “log-driver”: “json-file”,<\/p>\n\n\n\n “log-opts”: {<\/p>\n\n\n\n “max-size”: “100m”<\/p>\n\n\n\n },<\/p>\n\n\n\n “storage-driver”: “overlay2<\/em><\/strong>“,<\/p>\n\n\n\n “storage-opts”: [<\/p>\n\n\n\n “overlay2.override_kernel_check=true”<\/p>\n\n\n\n ],<\/p>\n\n\n\n “registry-mirrors”: [“https:\/\/7uuu3esz.mirror.aliyuncs.com<\/a>“],<\/p>\n\n\n\n “insecure-registries” : [“myregistrydomain.com:5000<\/a>“]<\/p>\n\n\n\n }<\/p>\n\n\n\n EOF<\/p>\n\n\n\n systemctl daemon-reload<\/p>\n\n\n\n systemctl restart docker<\/p>\n\n\n\n #\u5bf9\u4e8e\u8fd0\u884c Linux \u5185\u6838\u7248\u672c 4.0 \u6216\u66f4\u9ad8\u7248\u672c\uff0c\u6216\u4f7f\u7528 3.10.0-51 \u53ca\u66f4\u9ad8\u7248\u672c\u7684 RHEL \u6216 CentOS \u7684\u7cfb\u7edf\uff0coverlay2\u662f\u9996\u9009\u7684\u5b58\u50a8\u9a71\u52a8\u7a0b\u5e8f\u3002<\/p>\n\n\n\n \u516d\u3001\u5b89\u88c5 kubeadm\u3001kubelet \u548c kubectl<\/p>\n\n\n\n \u9700\u8981\u5728\u6bcf\u53f0\u673a\u5668\u4e0a\u5b89\u88c5\u4ee5\u4e0b\u7684\u8f6f\u4ef6\u5305\uff1a<\/p>\n\n\n\n kubeadm\uff1a\u7528\u6765\u521d\u59cb\u5316\u96c6\u7fa4\u7684\u6307\u4ee4\u3002<\/p>\n\n\n\n kubelet\uff1a\u5728\u96c6\u7fa4\u4e2d\u7684\u6bcf\u4e2a\u8282\u70b9\u4e0a\u7528\u6765\u542f\u52a8 Pod \u548c\u5bb9\u5668\u7b49\u3002<\/p>\n\n\n\n kubectl\uff1a\u7528\u6765\u4e0e\u96c6\u7fa4\u901a\u4fe1\u7684\u547d\u4ee4\u884c\u5de5\u5177\u3002<\/p>\n\n\n\n cat <<EOF | tee \/etc\/yum.repos.d\/kubernetes.repo<\/p>\n\n\n\n [kubernetes]<\/p>\n\n\n\n name=Kubernetes<\/p>\n\n\n\n baseurl=https:\/\/mirrors.aliyun.com\/kubernetes\/yum\/repos\/kubernetes-el7-x86_64\/<\/a><\/p>\n\n\n\n enable=1<\/p>\n\n\n\n gpgcheck=0<\/p>\n\n\n\n exclude=kubelet kubeadm kubectl<\/p>\n\n\n\n EOF<\/p>\n\n\n\n yum -y install kubeadm-1.19.0 kubectl-1.19.0 kubelet-1.19.0 –disableexcludes=kubernetes<\/p>\n\n\n\n systemctl enable –now kubelet<\/p>\n\n\n\n kubelet \u73b0\u5728\u6bcf\u9694\u51e0\u79d2\u5c31\u4f1a\u91cd\u542f\uff0c\u56e0\u4e3a\u5b83\u9677\u5165\u4e86\u4e00\u4e2a\u7b49\u5f85 kubeadm \u6307\u4ee4\u7684\u6b7b\u5faa\u73af\u3002<\/p>\n\n\n\n \u4e03\u3001\u914d\u7f6e\u81ea\u52a8\u8865\u5168\u547d\u4ee4<\/p>\n\n\n\n # \u5b89\u88c5bash\u81ea\u52a8\u8865\u5168\u63d2\u4ef6<\/p>\n\n\n\n yum install bash-completion -y<\/p>\n\n\n\n # \u8bbe\u7f6ekubectl\u4e0ekubeadm\u547d\u4ee4\u8865\u5168\uff0c\u4e0b\u6b21login\u751f\u6548<\/p>\n\n\n\n kubectl completion bash >\/etc\/bash_completion.d\/kubectl<\/p>\n\n\n\n kubeadm completion bash > \/etc\/bash_completion.d\/kubeadm <\/p>\n\n\n\n \u516b\u3001\u9884\u62c9\u53d6kubernetes\u955c\u50cf<\/p>\n\n\n\n \u7531\u4e8e\u56fd\u5185\u7f51\u7edc\u56e0\u7d20\uff0ckubernetes\u955c\u50cf\u9700\u8981\u4ecemirrors\u7ad9\u70b9\u6216\u901a\u8fc7dockerhub\u7528\u6237\u63a8\u9001\u7684\u955c\u50cf\u62c9\u53d6\u3002<\/p>\n\n\n\n kubeadm config images list –kubernetes-version v1.19.0<\/p>\n\n\n\n \u811a\u672c\uff1apull.sh<\/p>\n\n\n\n #!\/bin\/bash<\/p>\n\n\n\n # Script For Quick Pull K8S Docker Images<\/p>\n\n\n\n KUBE_VERSION=v1.19.0<\/p>\n\n\n\n PAUSE_VERSION=3.2<\/p>\n\n\n\n CORE_DNS_VERSION=1.7.0<\/p>\n\n\n\n ETCD_VERSION=3.4.9-1<\/p>\n\n\n\n # pull kubernetes images from hub.docker.com<\/a><\/p>\n\n\n\n docker pull kubeimage\/kube-proxy-amd64:$KUBE_VERSION<\/p>\n\n\n\n docker pull kubeimage\/kube-controller-manager-amd64:$KUBE_VERSION<\/p>\n\n\n\n docker pull kubeimage\/kube-apiserver-amd64:$KUBE_VERSION<\/p>\n\n\n\n docker pull kubeimage\/kube-scheduler-amd64:$KUBE_VERSION<\/p>\n\n\n\n # pull aliyuncs mirror docker images<\/p>\n\n\n\n docker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:$PAUSE_VERSION<\/a><\/p>\n\n\n\n docker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/coredns:$CORE_DNS_VERSION<\/a><\/p>\n\n\n\n docker pull registry.cn-hangzhou.aliyuncs.com\/google_containers\/etcd:$ETCD_VERSION<\/a><\/p>\n\n\n\n # retag to k8s.gcr.io prefix<\/p>\n\n\n\n docker tag kubeimage\/kube-proxy-amd64:$KUBE_VERSION k8s.gcr.io\/kube-proxy:$KUBE_VERSION<\/p>\n\n\n\n docker tag kubeimage\/kube-controller-manager-amd64:$KUBE_VERSION k8s.gcr.io\/kube-controller-manager:$KUBE_VERSION<\/p>\n\n\n\n docker tag kubeimage\/kube-apiserver-amd64:$KUBE_VERSION k8s.gcr.io\/kube-apiserver:$KUBE_VERSION<\/p>\n\n\n\n docker tag kubeimage\/kube-scheduler-amd64:$KUBE_VERSION k8s.gcr.io\/kube-scheduler:$KUBE_VERSION<\/p>\n\n\n\n docker tagregistry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:$PAUSE_VERSION<\/a>k8s.gcr.io\/pause:$PAUSE_VERSION<\/p>\n\n\n\n docker tagregistry.cn-hangzhou.aliyuncs.com\/google_containers\/coredns:$CORE_DNS_VERSION<\/a>k8s.gcr.io\/coredns:$CORE_DNS_VERSION<\/p>\n\n\n\n docker tagregistry.cn-hangzhou.aliyuncs.com\/google_containers\/etcd:$ETCD_VERSION<\/a>k8s.gcr.io\/etcd:$ETCD_VERSION<\/p>\n\n\n\n # untag origin tag, the images won’t be delete.<\/p>\n\n\n\n docker rmi kubeimage\/kube-proxy-amd64:$KUBE_VERSION<\/p>\n\n\n\n docker rmi kubeimage\/kube-controller-manager-amd64:$KUBE_VERSION<\/p>\n\n\n\n docker rmi kubeimage\/kube-apiserver-amd64:$KUBE_VERSION<\/p>\n\n\n\n docker rmi kubeimage\/kube-scheduler-amd64:$KUBE_VERSION<\/p>\n\n\n\n docker rmi registry.cn-hangzhou.aliyuncs.com\/google_containers\/pause:$PAUSE_VERSION<\/a><\/p>\n\n\n\n docker rmi registry.cn-hangzhou.aliyuncs.com\/google_containers\/coredns:$CORE_DNS_VERSION<\/a><\/p>\n\n\n\n