1、基础设置
1.1 关闭防火墙
systemctl stop firewalld systemctl disable firewalld
1.2 关闭selinux
setenforce 0 # 这个是临时关闭
1.3 关闭swap
swapoff -a # 这个是临时关闭
2、安装docker
2.1 卸载旧版本
sudo yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine
2.2 安装yum-utils
sudo yum install -y yum-utils
2.3 设置阿里云镜像仓库
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
2.4 安装docker engine-community
sudo yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin
2.5 启动docker
systemctl start docker
2.6 将docker设置为自启动
systemctl enable docker
3、配置 containerd
3.1 配置并启用containerd.conf
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf overlay br_netfilter EOF modprobe -- overlay modprobe -- br_netfilter
3.2 设置网络参数,开启iptable桥接模式与ip_forward
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 net.bridge.bridge-nf-call-ip6tables = 1 EOF
3.3 系统配置生效
sysctl --system
3.4 生成containerd 的默认配置文件路径
mkdir -p /etc/containerd containerd config default | tee /etc/containerd/config.toml
3.5 修改config.xml文件
vim /etc/containerd/config.toml
# 1、使用 / 搜索 containerd.runtimes.runc.options 将该内容下发的 SystemdCgroup 改为 true
# 2、使用 / 搜索 sandbox_image 将值改为 registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.6
3.6 重新加载配置文件,并设置containerd 自启动
systemctl daemon-reload systemctl enable --now containerd
3.7 添加对外暴露的sock端口
cat > /etc/crictl.yaml <<EOF runtime-endpoint: unix:///run/containerd/containerd.sock image-endpoint: unix:///run/containerd/containerd.sock timeout: 10 debug: false EOF
4、安装k8s
4.1 配置k8s镜像仓库
vi /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
4.2 安装k8s 1.26版本
yum install kubeadm-1.26* kubelet-1.26* kubectl-1.26* -y
4.3 配置LOCAL_IP和kubeadm-config.yaml文件
export LOCAL_IP=192.168.110.30 # 我的ip地址 192.168.110.30
echo $LOCAL_IP
mkdir /etc/k8s
cd /etc/k8s
rm -f kubeadm-config.yaml
wget http://manongbiji.oss-cn-beijing.aliyuncs.com/ittailkshow/k8s/downloa
d/kubeadm-config.yaml
sed -i 's/{LOCAL_IP}/'$LOCAL_IP'/' kubeadm-config.yaml
kubeadm config migrate --old-config kubeadm-config.yaml --new-config new.yaml
4.4 启动并配置自启动
systemctl start kubelet systemctl enable kubelet
4.5 启动 containerd
systemctl restart containerd
4.6 配置daemon.json
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://82m9ar63.mirror.aliyuncs.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
systemctl daemon-reload
systemctl restart docker
4.7 初始化kubeadm
kubeadm init --config /etc/k8s/new.yaml --upload-certs
4.8 根据k8s的提示,执行如下脚本
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config export KUBECONFIG=/etc/kubernetes/admin.conf
cat >> /etc/profile <<-'EOF' export KUBECONFIG=/etc/kubernetes/admin.conf EOF
4.9 在从节点上执行如下脚本( k8s 日志中的配置)->从节点只需要执行到4.6就可以执行下方命令
kubeadm join 192.168.110.30:6443 --token 7t2weq.bjbawausm0jaxury \
--discovery-token-ca-cert-hash sha256:0c656039a96c0aea3d88289649f5eda98cbc8c4cceaa3b1be38e059fae5565bb \
--control-plane --certificate-key 71a99f892cc1c1b6658e8476dd0238eb109077d8773b2d90be4269aabf91a54b
标签:安装,etc,systemctl,yum,containerd,docker,K8S,config From: https://www.cnblogs.com/caixiaozi/p/18154003