二进制安装k8s集群-前期准备工作(一)

k8s已经是趋势,我们来学习下二进制搭建k8s，主要是了解各组件的相互通讯机制，
了解k8s原理，实际在生产中还是推荐比较成熟的安装方式。主要是学习了某机构的视频，下面是笔记，感谢牛逼的老师们！

准备5台2c/2g/50g虚拟机，使用10.4.7.0/24 网络

主机名	角色	ip	部署服务与组件	硬件配置
hdss7-11.host.com	k8s proxy 主	10.4.7.11	bind9、nginx（L4）、keepalived、supervisor	2C 2G 50G
hdss7-12.host.com	k8s proxy 备	10.4.7.12	etcd、nginx（L4）、keepalived、supervisor	2C 2G 50G
hdss7-21.host.com	k8s 运算节点1	10.4.7.21	etcd、kube-apiserver、kube-controller-manager、kube-scheduler kube-kubelet、kube-proxy，supervisor	4C 8G 50G
hdss7-22.host.com	k8s 运算节点2	10.4.7.22	etcd、kube-apiserver、kube-controller-manager、kube-scheduler、kube-kubelet、kube-proxy，supervisor	4C 8G 50G
hdss7-200.host.com	k8s 运维节点，docker仓库	10.4.7.200	docker 私有仓库、资源配置清单仓库、提供共享存储（NFS）、签发证书	2C 2G 50G

虚拟机网络设置
vm-network

然后是windows的网卡设置
win-network-images

虚拟机安装结果如图

机器初始化命令如下，参考自己的机器即可

#关闭防火墙

systemctl stop firewalld.service
systemctl disable firewalld.service

#关闭selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config 
setenforce 0 

#关闭虚拟内存
sed -ri 's/.*swap.*/#&/' /etc/fstab


#优化limits等
grep "^export HISTTIMEFORMAT" /etc/profile >/dev/null || echo -e "export HISTTIMEFORMAT='%F %T '" >> /etc/profile
grep "^export HISTSIZE" /etc/profile >/dev/null || echo -e "export HISTSIZE=2000" >> /etc/profile
source /etc/profile
# 优化文件打开数
echo -e "* soft   nofile  65535" >>/etc/security/limits.conf
echo -e "* hard   nofile  65535" >>/etc/security/limits.conf
echo -e "root soft   nofile  655350" >>/etc/security/limits.conf
echo -e "root hard   nofile  655350" >>/etc/security/limits.conf
sed -i 's#4096#655350#g' /etc/security/limits.d/20-nproc.conf

#安装epel源
yum install epel-release -y 


#优化内核
cat >>/etc/sysctl.conf<<EOF
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
vm.swappiness = 0
net.ipv4.ip_forward = 1
net.ipv4.neigh.default.gc_stale_time=120
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_announce=2
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 1024
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_fin_timeout=60
EOF

sysctl -p

#使用阿里云源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
yum makecache

mv /etc/yum.repos.d/epel.repo /etc/yum.repos.d/epel.repo.backup
mv /etc/yum.repos.d/epel-testing.repo /etc/yum.repos.d/epel-testing.repo.backup
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo


#网卡设置

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=5a6fc398-3a24-4b55-8011-d01ee5ef32a4
DEVICE=ens33
ONBOOT=yes
IPADDR=10.4.7.11
NETMASK=255.255.255.0
GATEWAY=10.4.7.254
DNS1=114.114.114.114
DNS2=8.8.8.8


#修改对应机器的主机名
hostnamectl set-hostname hdss7-11  
hostnamectl set-hostname hdss7-12
hostnamectl set-hostname hdss7-21
hostnamectl set-hostname hdss7-22
hostnamectl set-hostname hdss7-200

#安装必要的软件
yum install -y wget net-tools telnet tree nmap sysstat lrzsz dos2unix bind-utils 


#vm虚拟机有一个问题关机后时间会对不上，解决时间问题方式如下其他的server注释，使用阿里云ntp
yum -y install chrony
[root@hdss7-21 ~]# vim /etc/chrony.conf       
server ntp.aliyun.com iburst
[root@hdss7-21 ~]# systemctl start chronyd.service
[root@hdss7-21 ~]# systemctl enable chronyd.service

以上就是我们的虚拟机的设置以及系统的初始化，下一教程会涉及到dns的服务的部署！

二进制安装k8s集群-前期准备工作(一)