版权声明:本文为原创文章,转载请标明出处。 https://blog.csdn.net/zwjzqqb/article/details/83214207
依据《CentOS7实验机模板搭建部署》克隆实验机
# 关闭Selinux/firewalld,模板机部署时已经关闭
# 关闭交换分区
swapoff -a
sed -i 's/^.*swap.*$/# &/g' /etc/fstab
# 设置网桥包经IPTables,core文件生成路径
cat >>/etc/sysctl.conf<<EOF
vm.swappiness = 0
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
modprobe br_netfilter
sysctl -p
# 同步时间,模板机部署时已经部署周期矫正
# 安装内核组件
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum -y --enablerepo=elrepo-kernel install kernel-ml-devel kernel-ml
# 启用最新的内核
awk -F\' '$1=="menuentry " {print i++ " : " $2}' /etc/grub2.cfg
grub2-set-default 0
grub2-mkconfig -o /boot/grub2/grub.cfg
reboot
uname -a
# 启用最新的内核后,开启IPVS
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
ipvs_modules="ip_vs ip_vs_lc ip_vs_wlc ip_vs_rr ip_vs_wrr ip_vs_lblc ip_vs_lblcr ip_vs_dh ip_vs_sh ip_vs_fo ip_vs_nq ip_vs_sed ip_vs_ftp nf_conntrack_ipv4"
for kernel_module in \${ipvs_modules}; do
/sbin/modinfo -F filename \${kernel_module} > /dev/null 2>&1
if [ $? -eq 0 ]; then
/sbin/modprobe \${kernel_module}
fi
done
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules
lsmod | grep ip_vs
# Kubernetes要求集群中所有机器具有不同的Mac地址、产品uuid、Hostname
# 如果有相同,则重新克隆,克隆时重置网卡
# 安装docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum -y install docker-ce
# 编辑systemctl的Docker启动文件
cd /usr/lib/systemd/system
sed -i "13i ExecStartPost=/usr/sbin/iptables -P FORWARD ACCEPT" docker.service
# 启动docker
systemctl daemon-reload
systemctl enable docker
systemctl start docker
# 如果拥有已经部署好SS服务的VPS,则依据《CentOS7 使用已有的SS服务器科学上网》
[TOC]