Environment initialization
- Check the version of the operating system
This method of installing kubernetes cluster requires centos version 7.5 or above, execute the following command to view
cat /etc/redhat-release
- Host name resolution
In order to facilitate the direct call between the cluster nodes later, and then configure the host name resolution, it is recommended to use the internal DNS server in the enterprise.
Edit the /etc/hosts files of three hosts and add the following content:
192.168.109.100 master
192.168.109.101 node1
192.168.109.102 node2
- Time synchronization
kubernetes requires that the time of each node in the cluster must be consistent. Here, the chronyd service is used to synchronize time from the network. It is recommended to configure an internal time synchronization server in the enterprise.
#启动chronyd服务
systemctl start chronyd
#设置开机启动
systemctl enable chronyd
#chronyd需要等几秒钟,就可以用date命令验证时间了
date
- Disabling iptables and firewalld services
kubernetes and docker will generate a large number of iptables rules during operation. In order not to confuse the system rules with him, directly turn off the system rules
#关闭firewalld服务
systemctl stop firewalld
systemctl disable firewalld
#关闭iptables服务
systemctl stop iptables
systemctl disable iptables
- Disabling selinux
selinux is a security service under the linux system. If you do not turn it off, various problems will occur during the installation of the cluster
#编辑/etc/selinux/config文件,修改SELINUX的值为disabled
#注意修改完之后需要重启linux服务
SELINUX=disabled
- Disabling swap partition The
swap partition refers to the virtual memory partition. Its function is to virtualize the disk space into memory to use the
swap device after the physical memory is used up, which will have a very negative impact on system performance, so kubernetes requires each node Swap settings must be disabled.
However, if the swap partition cannot be closed for some reason, you need to configure the instructions through clear parameters during the cluster installation process.
#编辑分区配置文件/etc/fstab,注释掉swap分区一行
#修改完之后需要重启服务
- Modify linux kernel parameters
#修改linux的内核参数,添加网桥过滤和地址转发功能
#编辑/etc/sysctl.d/kubernetes/conf文件,添加如下配置
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
#重新加载配置
sysctl -p
#加载网桥过滤模块
modprobe br_netfilter
#查看网桥过滤模块是否添加成功
lsmod | grep br_netfilter
- Configuring the ipvs function
There are two proxy modes for service in kubernetes, one is based on iptables, and the other is based on ipvs. Comparing the two, the performance of ipvs is obviously higher, but if you want to use it, you need to load it manually ipvs module
#安装ipset和ipcsadm
yum install ipset ipvsadm -y
#添加需要加载的模块写入脚本文件
cat <<EOF > /etc/sysconfig/modules/ipvs.modules
#!bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
#为脚本添加权限
chmod +x /etc/sysconfig/modules/ipvs.modules
#执行脚本
/bin/bash /etc/sysconfig/modules/ipvs.modules
#查看是否执行成功
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
9. Restart the service
reboot to
check whether the linux security and swap partition settings take effect
》》》Bloggers update their learning experience for a long time, recommend likes and follow! ! !
》》》If there is something wrong, please leave a message in the comment area, thank you! ! !