k8s-部署-01-环境准备

k8s-部署-01-环境准备

1、服务主机规划：

IP地址	主机名	主机角色
10..4.7.11	hdss7-11.host.com
10.4.7.12	hdss7-12.host.com
10.4.7.21	hdss7-21.host.com
10.4.7.22	hdss7-22.host.com
10.4.7.200	hdss7-200.host.com
10.4.7.10		nginx VIP

 

 

 

 

 

2、架构图

3、服务器基础环境初始化

3.1、主机名修改

hostnamectl set-hostname hdss7-11.host.com

 

 3.2、主机IP修改

# 刚开始初始化主机时，DNS1应该设置为：114.114.114.114 或者8.8.8.8。等自建DNS配置好之后再设置为：10.7.4.11

[root@hdss7-11 network-scripts]# cat /etc/sysconfig/network-scripts/ifcfg-ens33 
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=d2971a9a-8e22-455c-8197-3c4ce4ed70f9
DEVICE=ens33
ONBOOT=yes
IPADDR=10.4.7.11
NETMASK=255.255.255.0
GATEWAY=10.4.7.254
DNS1=10.4.7.11

 

3.3、配置yum源

# 建议配置阿里云的yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

 

3.4、安装所需的安装包

yum install -y wget net-tools telnet tree nmap sysstat lrzsz dos2uninx bind-utils

 

3.5、关闭防火墙

systemctl stop firewalld

systemctl disable firewalld

systemctl status firewalld

 

 3.6、关闭selinux

[root@hdss7-11 network-scripts]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 


[root@hdss7-11 network-scripts]# getenforce 
Disabled
[root@hdss7-11 network-scripts]# 

 

3.7、对时

yum -y install ntpdate ntp chrond

ntpdate asia.pool.ntp.org

ntpdate ntp3.aliyun.com

systemctl enable ntpd

systemctl status ntpd

 3.8、内核参数的优化

[root@hdss7-11 network-scripts]$ cat /etc/sysctl.conf
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_tw_buckets = 5000 
net.ipv4.ip_local_port_range = 32768 65535
net.ipv4.conf.all.arp_ignore=2
net.ipv4.conf.default.arp_ignore=2
net.ipv4.conf.default.send_redirects=0
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.default.accept_redirects=0
net.ipv4.conf.all.accept_redirects=0
net.ipv4.conf.all.accept_source_route=0
net.ipv4.conf.default.accept_source_route=0
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_tw_recycle=1
net.core.rmem_max=26214400
net.core.rmem_default=26214400
net.core.wmem_max=655360
net.core.wmem_default=655360

 

 3.9、关闭NetworkManager

systemctl stop NetworkManager

systemctl disable NetworkManager

systemctl status NetworkManager