安装Centos7初始化操作系统
设置静态网络
1、设置静态网络,一是用来不让地址飘忽不定,二来是为了访问外网。
命令如下:
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
修改内容:
TYPE="Ethernet"
BOOTPROTO="static" # 设置为静态网络static。
DEFROUTE="yes"
PEERDNS="yes"
PEERROUTES="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="66f9933b-54eb-4156-81f4-8cb3f344124b"
DEVICE="ens33"
ONBOOT="yes"
IPADDR="192.168.43.2" # 配置跟宿主机联网的同网段IP地址
NETMASK="255.255.255.0" # 配置子网掩码
GATEWAY="192.168.43.1" # 配置宿主机的网关
DNS1="8.8.8.8" # 配置DNS解析服务器
2、重启网络服务。
[root@localhost ~]# systemctl restart network
3、查看IP地址是否已经更改。
[root@localhost ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:b2:e5:54 brd ff:ff:ff:ff:ff:ff
inet 192.168.43.2/24 brd 192.168.43.255 scope global ens33 # 可以查看这里IP地址已经更改
valid_lft forever preferred_lft forever
inet6 2409:890c:39b0:630:1427:b41a:753c:ef8d/64 scope global noprefixroute dynamic
valid_lft 3472sec preferred_lft 3472sec
inet6 fe80::e458:494f:e11c:bbe8/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:cd:f3:96 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:cd:f3:96 brd ff:ff:ff:ff:ff:ff
4、验证网络是否联通。
[root@localhost ~]# ping www.baidu.com
PING www.a.shifen.com (39.156.66.18) 56(84) bytes of data.
64 bytes from 39.156.66.18 (39.156.66.18): icmp_seq=1 ttl=50 time=51.6 ms
64 bytes from 39.156.66.18 (39.156.66.18): icmp_seq=2 ttl=50 time=69.3 ms
64 bytes from 39.156.66.18 (39.156.66.18): icmp_seq=3 ttl=50 time=57.5 ms
关闭防火墙
1、关闭防火墙,防止以后服务会被防火墙挡掉。
[root@localhost ~]# iptables -F
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
Mar 16 02:52:21 localhost.localdomain systemd[1]: Starting firewalld - dynami....
Mar 16 02:52:27 localhost.localdomain systemd[1]: Started firewalld - dynamic....
Mar 16 03:45:13 localhost.localdomain systemd[1]: Stopping firewalld - dynami....
Mar 16 03:45:18 localhost.localdomain systemd[1]: Stopped firewalld - dynamic....
Hint: Some lines were ellipsized, use -l to show in full.
关闭selinux
1、临时关闭selinux。
[root@localhost ~]# getenforce
Enforcing
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
2、永久关闭selinux。
执行命令:
[root@localhost ~]# vim /etc/selinux/config # 这两种配置文件效果一样,任选其一。
[root@localhost ~]# vim /etc/sysconfig/selinux
修改内容:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
# SELINUX=enforcing # 注释第一行即可
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
# SELINUXTYPE=targeted # 注释这一行即可
修改主机名
修改命令如下:
[root@localhost ~]# hostnamectl set-hostname K8s-master
[root@localhost ~]# bash
[root@k8s-master ~]#
配置主机和IP地址映射关系
1、修改配置文件。
执行命令:
[root@k8s-master ~]# vim /etc/hosts
添加内容:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
K8s-master 192.168.43.2 # 前面是主机名,后面是对应IP
K8s-node01 192.168.43.3
K8s-node02 192.168.43.4
2、重载配置文件。
[root@k8s-master ~]# systemctl daemon-reload
配置网络yum源
阿里云Centos7镜像下载地址:Centos7地址
1、安装wget工具。
[root@k8s-master ~]# yum -y install wget
2、备份本地源。
[root@k8s-master ~]# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
3、下载阿里云镜像源。
[root@k8s-master ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
4、生成缓存。
[root@k8s-master ~]# yum makecache
5、安装epel扩展源(可以搜到更多的包)。
[root@k8s-master ~]# yum install -y epel-release
设置免密登录
1、先生成公钥。
[root@k8s-master ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f5:21:e0:89:44:97:1f:e5:df:71:4f:b0:3a:ec:70:31 root@k8s-master
The key's randomart image is:
+--[ RSA 2048]----+
| .o o. .. . |
| . +.o.. o |
| . o.o.E ..o|
| ..+ * o+|
| S . * . o|
| + . |
| . |
| |
| |
+-----------------+
2、传输公钥到另一台机器。
[root@k8s-master ~]# ssh-copy-id 192.168.43.3 # 另一台服务的IP地址
The authenticity of host '192.168.43.3 (192.168.43.3)' can't be established.
ECDSA key fingerprint is e9:b9:0c:d9:13:ef:c7:12:ee:2a:cf:06:16:3d:da:26.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.43.3's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.43.3'"
and check to make sure that only the key(s) you wanted were added.
3、进行登录,然后退出。
[root@k8s-master ~]# ssh 192.168.43.3
Last login: Fri Mar 17 00:28:31 2023 from 192.168.43.2
[root@k8s-node01 ~]# exit
logout
Connection to 192.168.43.3 closed.