centos7配置为kubernetes节点准备工作 

# 修改主机名,设置后注销重新登录即可
hostnamectl set-hostname nodexxx.localdomain.local && logout
 
# 同步公网时间(无法访问公网需要配置指向内网ntp服务器)
yum install chrony
systemctl start chronyd
systemctl enable chronyd
chronyc tracking  # 校准时间
timedatectl set-ntp yes  # 启用NTP时间同步
chronyc sources -v # 查看时间同步源状态
chronyc sourcestats -v # 查看时间同步源状态
 
# 关闭selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
 
# 修改系统参数,退出再登录生效
# 查看当前值
ulimit -a
## 当前open files=1024 max user processes=7273

# 调整默认文件句柄
cat >> /etc/security/limits.conf << EOF
* soft nofile 65536
* hard nofile 65536
EOF
logout

# 查看系统最大文件句柄数
## sysctl -a|grep fs.file-max
 
# 使用阿里repo源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all && yum repolist
 
# 关闭无用的服务和防火墙
systemctl disable postfix.service  #邮件服务 占用25端口
systemctl stop postfix.service
systemctl stop firewalld    #防火墙
systemctl mask firewalld    #注销服务 将服务文件指向/dev/null 服务将不再可用 
# 反注销 systemctl unmask firewalld
 
# 调整内核参数
cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward=1
watchdog_thresh=30
net.bridge.bridge-nf-call-iptables=1
net.ipv4.neigh.default.gc_thresh1=4096
net.ipv4.neigh.default.gc_thresh2=6144
net.ipv4.neigh.default.gc_thresh3=8192
EOF
modprobe br_netfilter
sysctl -p

# docker-ce安装
# step 1: 安装必要的一些系统工具
yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: 添加软件源信息
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: 更新并安装Docker-CE
yum makecache fast
yum -y install docker-ce
# Step 4: 配置Docker服务
touch /etc/docker/daemon.json
cat > /etc/docker/daemon.json <<EOF
{
    "oom-score-adjust": -1000,
    "log-driver": "json-file",
    "log-opts": {
    "max-size": "100m",
    "max-file": "3"
    },
    "max-concurrent-downloads": 10,
    "max-concurrent-uploads": 10,
    "bip": "172.17.199.0/24",
    "registry-mirrors": ["https://7bezldxe.mirror.aliyuncs.com"],
    "storage-driver": "overlay2",
    "storage-opts": [
    "overlay2.override_kernel_check=true"
    ]
}
EOF

# 启动docker服务
systemctl daemon-reload && systemctl restart docker
posted @ 2020-10-19 19:56  longtds  阅读(104)  评论(0编辑  收藏  举报