CentOS series of tutorials (8)

This article covers the preparation steps to carry out before deploying an experimental Kubernetes cluster.

The following is the operation process:

Set host name and configure hosts

[root@localhost master]# hostnamectl set-hostname kubernetes-master
[root@localhost master]# hostnamectl status
Static hostname: kubernetes-master
Icon name: computer-vm
Chassis: vm
Machine ID: 6191eb7683f84b63a36c1c4d8a68fcfb
Boot ID: 92e6aa3941f048f8a5ef99d86b30e990
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-862.el7.x86_64
Architecture: x86-64
[root@localhost master]# cat >> /etc/hosts << EOF

192.168.20.195 kubernetes-master
192.168.20.196 kubernetes-node00
192.168.20.197 kubernetes-node01
EOF
[root@localhost master]# cat -n /etc/hosts
1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
3 192.168.20.195 kubernetes-master
4 192.168.20.196 kubernetes-node00
5 192.168.20.197 kubernetes-node01
[root@localhost master]#


[root@localhost work0]# hostnamectl set-hostname kubernetes-node00
[root@localhost work0]# hostnamectl status
Static hostname: kubernetes-node00
Icon name: computer-vm
Chassis: vm
Machine ID: 6bfc0a20ffc345c0b9a6e8f183b41ab5
Boot ID: 6312a3bd740e4718b6e102120957769f
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-862.el7.x86_64
Architecture: x86-64
[root@localhost work0]# cat >> /etc/hosts << EOF
192.168.20.195 kubernetes-master
192.168.20.196 kubernetes-node00
192.168.20.197 kubernetes-node01
EOF
[root@localhost work0]# cat -n /etc/hosts
1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
3 192.168.20.195 kubernetes-master
4 192.168.20.196 kubernetes-node00
5 192.168.20.197 kubernetes-node01
[root@localhost work0]#


[root@localhost work1]# hostnamectl set-hostname kubernetes-node01
[root@localhost work1]# hostnamectl status
Static hostname: kubernetes-node01
Icon name: computer-vm
Chassis: vm
Machine ID: 8a968f63778d447587873c082ee483d1
Boot ID: b33f693a1d8149238a5e8fabd263b383
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-862.el7.x86_64
Architecture: x86-64
[root@localhost work1]# cat >> /etc/hosts << EOF
192.168.20.195 kubernetes-master
192.168.20.196 kubernetes-node00
192.168.20.197 kubernetes-node01
EOF
[root@localhost work1]# cat -n /etc/hosts
1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
3 192.168.20.195 kubernetes-master
4 192.168.20.196 kubernetes-node00
5 192.168.20.197 kubernetes-node01
[root@localhost work1]#
######################################### ############

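Password-free (key-based) SSH login from the master to the nodes

[Note: These steps only need to be performed on the master machine; nothing needs to be done on the two worker machines. The private key /root/.ssh/id_rsa created here grants root login on both nodes, and if its passphrase is left empty anyone who can read that file gets the same access, so keep it readable by root only. When ssh-copy-id shows a node's ECDSA fingerprint, compare it with the host key on that node before answering yes.]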
[root@localhost master]# ssh-keygen -t rsa
Generating public / private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:XpMV6NEsm+8MCpqpxgMWkf6/UuAH9zmB8E10uzirkf8 root@kubernetes-master
The key's randomart image is:
+---[RSA 2048]----+
|.... +. |
| o. .. = o. |
| .. o + o =. |
| oo + o. = o |
| + + .oS. +. |
|.. o oo=o.... |
|.o +* oo. + |
| +.+.+ . o |
| ..o.o...E |
+----[SHA256]-----+
[root@localhost master]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.20.196
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.20.196 (192.168.20.196)' can't be established.
ECDSA key fingerprint is SHA256:aDoeqgH+fD1Ur/WdpYlNjuIY0t5iH5PuT0ewPkQ64PQ.
ECDSA key fingerprint is MD5:8f:3a:d5:e2:ee:d5:60:3c:9c:f7:28:1e:70:0d:64:5f.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.20.196's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@192.168.20.196'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost master]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.20.197
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.20.197 (192.168.20.197)' can't be established.
ECDSA key fingerprint is SHA256:a6PG3JgmZaDRZXGwMq5C1MamuiAbXah+/72QDqp02lA.
ECDSA key fingerprint is MD5:52:f9:b9:17:83:75:d0:26:15:48:88:09:89:dc:73:ce.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.20.197's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@192.168.20.197'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost master]# ssh root@192.168.20.196
Last login: Tue Apr 14 19:45:04 2020
[root@kubernetes-node00 ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg
[root@kubernetes-node00 ~]# exit
logout
Connection to 192.168.20.196 closed.
[root@localhost master]# ssh root@192.168.20.197
Last login: Tue Apr 14 19:47:14 2020
[root@kubernetes-node01 ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg
[root@kubernetes-node01 ~]# exit
logout
Connection to 192.168.20.197 closed.
[root@localhost master]#
##########################################################

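Pass bridged IPv4 traffic to the iptables chains

[Note: The master needs the same /etc/sysctl.d/k8s.conf as the two workers below. The master transcript does not show the file being created, but its sysctl --system output lists /etc/sysctl.d/k8s.conf being applied.]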

[root@localhost master]# modprobe br_netfilter
[root@localhost master]# sysctl -p
[root@localhost master]# sysctl --system

  • Applying /usr/lib/sysctl.d/00-system.conf ...
    net.bridge.bridge-nf-call-ip6tables = 0
    net.bridge.bridge-nf-call-iptables = 0
    net.bridge.bridge-nf-call-arptables = 0
  • Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
    kernel.yama.ptrace_scope = 0
  • Applying /usr/lib/sysctl.d/50-default.conf ...
    kernel.sysrq = 16
    kernel.core_uses_pid = 1
    net.ipv4.conf.default.rp_filter = 1
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.default.accept_source_route = 0
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.default.promote_secondaries = 1
    net.ipv4.conf.all.promote_secondaries = 1
    fs.protected_hardlinks = 1
    fs.protected_symlinks = 1
  • Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
    fs.aio-max-nr = 1048576
  • Applying /etc/sysctl.d/99-sysctl.conf ...
  • Applying /etc/sysctl.d/k8s.conf ...
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
  • Applying /etc/sysctl.conf ...
    [root@localhost master]#

    [root@localhost work0]# cat > /etc/sysctl.d/k8s.conf << EOF

    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    EOF
    [root@localhost work0]# modprobe br_netfilter
    [root@localhost work0]# sysctl -p
    [root@localhost work0]# sysctl --system

  • Applying /usr/lib/sysctl.d/00-system.conf ...
    net.bridge.bridge-nf-call-ip6tables = 0
    net.bridge.bridge-nf-call-iptables = 0
    net.bridge.bridge-nf-call-arptables = 0
  • Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
    kernel.yama.ptrace_scope = 0
  • Applying /usr/lib/sysctl.d/50-default.conf ...
    kernel.sysrq = 16
    kernel.core_uses_pid = 1
    net.ipv4.conf.default.rp_filter = 1
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.default.accept_source_route = 0
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.default.promote_secondaries = 1
    net.ipv4.conf.all.promote_secondaries = 1
    fs.protected_hardlinks = 1
    fs.protected_symlinks = 1
  • Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
    fs.aio-max-nr = 1048576
  • Applying /etc/sysctl.d/99-sysctl.conf ...
  • Applying /etc/sysctl.d/k8s.conf ...
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
  • Applying /etc/sysctl.conf ...
    [root@localhost work0]#

    [root@localhost work1]# cat > /etc/sysctl.d/k8s.conf << EOF

    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    EOF
    [root@localhost work1]# modprobe br_netfilter
    [root@localhost work1]# sysctl -p
    [root@localhost work1]# sysctl --system

  • Applying /usr/lib/sysctl.d/00-system.conf ...
    net.bridge.bridge-nf-call-ip6tables = 0
    net.bridge.bridge-nf-call-iptables = 0
    net.bridge.bridge-nf-call-arptables = 0
  • Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
    kernel.yama.ptrace_scope = 0
  • Applying /usr/lib/sysctl.d/50-default.conf ...
    kernel.sysrq = 16
    kernel.core_uses_pid = 1
    net.ipv4.conf.default.rp_filter = 1
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.default.accept_source_route = 0
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.default.promote_secondaries = 1
    net.ipv4.conf.all.promote_secondaries = 1
    fs.protected_hardlinks = 1
    fs.protected_symlinks = 1
  • Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
    fs.aio-max-nr = 1048576
  • Applying /etc/sysctl.d/99-sysctl.conf ...
  • Applying /etc/sysctl.d/k8s.conf ...
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
  • Applying /etc/sysctl.conf ...
    [root@localhost work1]#
    ########################################################

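Configure the Docker and Kubernetes YUM repositories

[Note: The kubernetes.repo file written below sets gpgcheck=0 and repo_gpgcheck=0, so yum installs the Kubernetes packages without verifying their signatures and the listed gpgkey URLs are not used. Setting gpgcheck=1 makes yum check each RPM against those keys before installing it.]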

    [root@localhost master]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    --2020-04-14 21:59:42-- https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
    Resolving mirrors.aliyun.com (mirrors.aliyun.com)... 111.6.206.244, 111.6.206.243, 111.6.206.242, ...
    Connecting to mirrors.aliyun.com (mirrors.aliyun.com)|111.6.206.244|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 2640 (2.6K) [application/octet-stream]
    Saving to: ‘/etc/yum.repos.d/docker-ce.repo’

100%[=============================================>] 2,640 --.-K/s in 0s

2020-04-14 21:59:42 (846 MB/s) - ‘/etc/yum.repos.d/docker-ce.repo’ saved [2640/2640]

[root@localhost master]# cat > /etc/yum.repos.d/kubernetes.repo << EOF

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@localhost master]# ls -F /etc/yum.repos.d/
CentOS-Base.repo CentOS-fasttrack.repo docker-ce.repo
CentOS-Base.repo.original0 CentOS-Media.repo kubernetes.repo
CentOS-CR.repo CentOS-Sources.repo
CentOS-Debuginfo.repo CentOS-Vault.repo
[root@localhost master]#


[root@localhost work0]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
--2020-04-14 22:01:53-- https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Resolving mirrors.aliyun.com (mirrors.aliyun.com)... 111.6.206.245, 111.6.206.246, 111.6.206.244, ...
Connecting to mirrors.aliyun.com (mirrors.aliyun.com)|111.6.206.245|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2640 (2.6K) [application/octet-stream]
Saving to: ‘/etc/yum.repos.d/docker-ce.repo’

100%[=============================================>] 2,640 --.-K/s in 0s

2020-04-14 22:01:53 (970 MB/s) - ‘/etc/yum.repos.d/docker-ce.repo’ saved [2640/2640]

[root@localhost work0]# cat > /etc/yum.repos.d/kubernetes.repo << EOF

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@localhost work0]# ls -F /etc/yum.repos.d/
CentOS-Base.repo CentOS-fasttrack.repo docker-ce.repo
CentOS-Base.repo.original0 CentOS-Media.repo kubernetes.repo
CentOS-CR.repo CentOS-Sources.repo
CentOS-Debuginfo.repo CentOS-Vault.repo
[root@localhost work0]#


[root@localhost work1]# wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
--2020-04-14 22:02:06-- https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
Resolving mirrors.aliyun.com (mirrors.aliyun.com)... 111.6.206.245, 111.6.206.246, 111.6.206.244, ...
Connecting to mirrors.aliyun.com (mirrors.aliyun.com)|111.6.206.245|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2640 (2.6K) [application/octet-stream]
Saving to: ‘/etc/yum.repos.d/docker-ce.repo’

100%[=========================================================================================================>] 2,640 --.-K/s in 0s

2020-04-14 22:02:06 (1.33 GB/s) - ‘/etc/yum.repos.d/docker-ce.repo’ saved [2640/2640]

[root@localhost work1]# cat > /etc/yum.repos.d/kubernetes.repo << EOF

[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
[root@localhost work1]# ls -F /etc/yum.repos.d/
CentOS-Base.repo CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo docker-ce.repo
CentOS-Base.repo.original0 CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo kubernetes.repo
[root@localhost work1]#

Meng Bo, 20200411

Communication and contact: WeChat 1807479153, QQ 1807479153


Origin blog.51cto.com/6286393/2487609