⒈ configure the IP address of Linux
vim /etc/sysconfig/network-scripts/ifcfg-ens33
ifcfg-ens33 uses the newer network card naming scheme: the card's name is taken from the BIOS, then from the PCIe slot, and only if neither is available does it fall back to eth0 or eth1 naming. If you need to turn this scheme off, setting ifnames=0 disables it. Edit the file the same way as the older-style configuration files.
⒉ set the hostname
hostnamectl set-hostname {hostName}
In large cluster environments it is recommended to use DNS so that the hosts can resolve each other; alternatively, the mapping between host names and IPs can be configured by editing the hosts file.
In small environments DNS is not recommended, because if DNS goes down the whole cluster goes down with it.
⒊ modify the hosts file [can be omitted in a non-clustered environment]
vim /etc/hosts
** copying files between Linux hosts
# After entering this command, type yes and then the root password of node01; the copy then succeeds
scp /etc/hosts root@node01:/etc/hosts
⒋ change the yum repository to the 163 mirror [skipped for now]
⒌ install dependencies
yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git
⒍ set the firewall to iptables with empty rules
# Stop firewalld and disable it at boot
systemctl stop firewalld && systemctl disable firewalld
# Install iptables-services, start iptables, enable it at boot, flush the iptables rules, and save the current rules as the default rules
yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save
⒎ disable SELinux
1. Turn off the swap partition
# Turn off the swap partition (virtual memory) now and permanently
swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
** When kubeadm initializes Kubernetes, it checks whether the swap partition has been turned off. If virtual memory is on, Kubernetes containers [pods] are likely to run in virtual memory, which greatly reduces their efficiency, so Kubernetes requires swap to be off. The kubelet startup parameter --fail-swap-on=false changes this limit. Turning swap off is recommended, so that containers never end up running in virtual memory.
2. Turn off SELinux
setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
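The sed expression in step 1 matches the literal text " swap " with a space on each side, so an fstab entry whose fields are separated by tabs stays active and swap comes back after the next reboot. The following added example (not from the original page; the fstab content, the function names and the field-based variant are constructed here) shows the difference and a check for entries that are still active:

```sh
#!/bin/sh
# Added example; the fstab content is constructed, not from a real host.

# Print fstab lines that still enable swap at boot: not commented out and
# filesystem type (3rd field) "swap". awk splits on spaces and tabs alike.
active_swap_entries() {
    awk '$1 !~ /^#/ && $3 == "swap"' "$1"
}

# The page's sed expression, applied to a copy (no -i) so $1 is untouched.
comment_swap_like_page() {
    sed '/ swap / s/^\(.*\)$/#\1/g' "$1" > "$2"
}

# Hypothetical whitespace-agnostic variant: comment out by field, not by
# the literal " swap " substring.
comment_swap_by_field() {
    awk '$1 !~ /^#/ && $3 == "swap" { print "#" $0; next } { print }' "$1" > "$2"
}

demo() {
    tmp=$(mktemp -d)
    printf '%s\n' \
        '/dev/mapper/centos-root / xfs defaults 0 0' \
        '/dev/mapper/centos-swap swap swap defaults 0 0' > "$tmp/fstab"
    # Second swap entry uses tabs between fields.
    printf '/dev/sdb2\tswap\tswap\tdefaults\t0\t0\n' >> "$tmp/fstab"

    comment_swap_like_page "$tmp/fstab" "$tmp/page"
    comment_swap_by_field  "$tmp/fstab" "$tmp/field"
    echo "active after the page's sed:";   active_swap_entries "$tmp/page"
    echo "active after field-based edit:"; active_swap_entries "$tmp/field"
    rm -rf "$tmp"
}

demo
```

Running active_swap_entries /etc/fstab after the edit and before the reboot shows whether any swap entry survived.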
⒏ adjust kernel parameters for Kubernetes
cat > kubernetes.conf << EOF
# Enable bridge mode [important]
net.bridge.bridge-nf-call-iptables=1
# Enable bridge mode [important]
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
net.ipv4.tcp_tw_recycle=0
# Forbid the use of swap space; it is only allowed when the system is OOM
vm.swappiness=0
# Do not check whether there is enough physical memory
vm.overcommit_memory=1
# Do not panic on OOM; let the OOM killer run
vm.panic_on_oom=0
fs.inotify.max_user_instances=8192
fs.inotify.max_user_watches=1048576
fs.file-max=52706963
fs.nr_open=52706963
# Disable IPv6 [important]
net.ipv6.conf.all.disable_ipv6=1
net.netfilter.nf_conntrack_max=2310720
EOF
# Copy the tuning file into the /etc/sysctl.d/ directory so that it is applied at boot
cp kubernetes.conf /etc/sysctl.d/kubernetes.conf
# Apply it manually so the tuning takes effect immediately
sysctl -p /etc/sysctl.d/kubernetes.conf
*** On a kernel that is not Linux 4, the message "sysctl: cannot stat /proc/sys/net/netfilter/nf_conntrack_max: No such file or directory" appears; it can be ignored.
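The "cannot stat" message means sysctl skipped that key, so it is worth confirming which values from kubernetes.conf are actually live. An added example, not from the original page: sysctl_drift and its optional second argument (a /proc/sys-style root, used here with a constructed directory) are hypothetical names.

```sh
#!/bin/sh
# Added example; the directory tree and file built in demo() are constructed.

# Compare each key=value line of a sysctl file with the live value under a
# /proc/sys-style tree ($2, default /proc/sys). Prints "MISSING key" when
# the kernel does not expose the key and "DRIFT key want=.. have=.." when
# the live value differs. Returns 1 if anything was reported.
sysctl_drift() {
    conf=$1
    root=${2:-/proc/sys}
    bad=0
    while IFS= read -r line; do
        # Skip blanks, comments and lines that are not key=value.
        case $line in ''|'#'*|';'*) continue ;; *=*) ;; *) continue ;; esac
        key=$(printf '%s' "${line%%=*}" | tr -d ' \t')
        want=$(printf '%s' "${line#*=}" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        file=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$file" ]; then
            echo "MISSING $key"; bad=1
        else
            have=$(tr -s ' \t' ' ' < "$file" | sed 's/ *$//')
            [ "$have" = "$want" ] || { echo "DRIFT $key want=$want have=$have"; bad=1; }
        fi
    done < "$conf"
    return $bad
}

demo() {
    t=$(mktemp -d)
    # Constructed tree: ip_forward applied, swappiness not, net/bridge absent.
    mkdir -p "$t/proc/net/ipv4" "$t/proc/vm"
    echo 1  > "$t/proc/net/ipv4/ip_forward"
    echo 30 > "$t/proc/vm/swappiness"
    printf '%s\n' '# subset of the keys in kubernetes.conf' \
        'net.bridge.bridge-nf-call-iptables=1' \
        'net.ipv4.ip_forward=1' \
        'vm.swappiness=0' > "$t/kubernetes.conf"
    sysctl_drift "$t/kubernetes.conf" "$t/proc"
    rc=$?
    rm -rf "$t"
    return $rc
}

demo || echo "kubernetes.conf is not fully applied"
```

On a node, sysctl_drift /etc/sysctl.d/kubernetes.conf with no second argument checks the running kernel.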
⒐ adjust the system time zone
# Set the time zone to China, Asia/Shanghai
timedatectl set-timezone Asia/Shanghai
# Write the current UTC time to the hardware clock
timedatectl set-local-rtc 0
# Restart the services that depend on the system time
systemctl restart rsyslog
systemctl restart crond
⒑ stop services the system does not need
# Stop and disable the mail service
systemctl stop postfix && systemctl disable postfix
⒒ configure how logs are saved
From CentOS 7 on, the boot system is systemd, so two logging systems are at work at the same time: rsyslogd, which is the default, and systemd journald.
systemd journald is the better of the two, so we make it the default and keep only one way of saving logs.
1. Create a directory to save the log
mkdir /var/log/journal
2. Create a configuration file storage directory
mkdir /etc/systemd/journald.conf.d
3. Create a configuration file
cat > /etc/systemd/journald.conf.d/99-prophet.conf << EOF
[Journal]
# Save logs persistently to disk
Storage=persistent
# Compress historical logs
Compress=yes
SyncIntervalSec=5m
RateLimitInterval=30s
RateLimitBurst=1000
# Maximum disk space used: 10G
SystemMaxUse=10G
# Maximum size of a single log file: 200M
SystemMaxFileSize=200M
# Keep logs for two weeks
MaxRetentionSec=2week
# Do not forward logs to syslog
ForwardToSyslog=no
EOF
4. Restart systemd journald to apply the configuration
systemctl restart systemd-journald
⒓ upgrade the Linux kernel to version 4.44
The 3.10.x kernel that ships with CentOS 7.x has some bugs that make Docker and Kubernetes run unstably.
1. Get the repository
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
2. Start the installation. After it finishes, check whether the corresponding kernel menuentry in /boot/grub2/grub.cfg contains an initrd16 entry; if not, install again!
yum --enablerepo=elrepo-kernel install -y kernel-lt
3. Set the system to boot from the new kernel
grub2-set-default 'CentOS Linux (4.4.189-1.el7.elrepo.x86_64) 7 (Core)'
⒔ reboot so the configuration takes effect
reboot