标签:mirrors containerd 集群 registry https yum docker k8s 搭建
搭建k8s集群完整版
基础设置
设置主机ip
nmcli con add ifname ens33 con-name ens33 autoconnect yes type ethernet
nmcli con modify ens33 ipv4.method manual ipv4.dns 114.114.114.114 ipv4.addresses 192.168.109.102/24 ipv4.gateway 192.168.109.2
修改主机名
hostnamectl set-hostname master
关闭防火墙
systemctl stop firewalld
关闭selinux
vim /etc/selinux/config
SELINUX=disabled
关闭swap
swapoff -a //临时关闭
vim /etc/fstab
#注释掉swap的挂载条目
修改内核参数
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
# 将 overlay 和 br_netfilter 这两行文本写入
# 到 /etc/modules-load.d/containerd.conf 文件中
# 这两个模块是 Docker 或 containerd 这类容器运行时经常需要的
# 用于提供 overlay 文件系统支持和网络桥接功能
modprobe overlay
modprobe br_netfilter
# 手动加载内核模块
# modprobe 命令用于添加或移除内核模块
cat /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1 # 这个设置允许 iptables 规则应用于桥接流量
net.ipv4.ip_forward = 1 # 这个设置允许 IP 转发。在 Kubernetes 集群中,节点(Node)之间以及节点与 Pod 之间的网络流量可能需要通过 IP 转发来路由
net.bridge.bridge-nf-call-ip6tables = 1 # 与 bridge-nf-call-iptables 类似,但这个设置是针对 IPv6 流量的。它允许 ip6tables 规则应用于桥接流量。
chmod 755 /etc/sysconfig/modules/ipvs.modules && bash /etc/sysconfig/modules/ipvs.modules && lsmod | grep -e ip_vs -e nf_conntrack
sysctl --system
安装docker
yum install -y yum-utils
yum-config-manager --add-repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
sed -i 's+https://download.docker.com+https://mirrors.tuna.tsinghua.edu.cn/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum install docker-ce -y
systemctl enable docker --now
containerd config default > /etc/containerd/config.toml
containerd config default | \
sed -e 's|registry\.k8s\.io/pause:[0-9.]\+|registry\.aliyuncs\.com/google_containers/pause:3.9|g' \
-e 's,SystemdCgroup = .*,SystemdCgroup = true,' \
-e 's/\[plugins."io.containerd.grpc.v1.cri".registry.mirrors\]/&\n \[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]\n endpoint = \["https:\/\/mirror.ccs.tencentyun.com"]\n/' \
-e 's/\[plugins."io.containerd.grpc.v1.cri".registry.mirrors\]/&\n \[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry.k8s.io"]\n endpoint = \["https:\/\/registry\.aliyuncs\.com\/google_containers"]/' \
-e '/^\s*$/d' |
tee /etc/containerd/config.toml
vim /etc/containerd/config.toml
sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.9"
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://mirror.ccs.tencentyun.com"]
[root@node1 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://mirror.ccs.tencentyun.com"],
"exec-opts": ["native.cgroupdriver=systemd"]
}
安装k8s
cat /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
gpgcheck=0
yum install -y kubelet kubectl kubeadm
systemctl enable kubelet
crictl config runtime-endpoint /var/run/containerd/containerd.sock
crictl config image-endpoint /var/run/containerd/containerd.sock
systemctl restart containerd
升级内核
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
yum install https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm -y
sed -i "s#http://elrepo.org/linux#https://mirrors.tuna.tsinghua.edu.cn/elrepo#g" /etc/yum.repos.d/elrepo.repo
yum --enablerepo="elrepo-kernel" -y install kernel-lt.x86_64
grub2-set-default 0
grub2-mkconfig -o /boot/grub2/grub.cfg
reboot
初始化
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
kubectl apply -f kube-flannel.yml
(kubectl delete -f kube-flannel.yml 删除)
标签:mirrors,
containerd,
集群,
registry,
https,
yum,
docker,
k8s,
搭建
From: https://www.cnblogs.com/humlogs/p/18194504