关闭防火墙
1
2
| systemctl stop firewalld
systemctl disable firewalld
|
关闭Swap
1
2
| swapoff -a
sed -i 's/.*swap.*/#&/' /etc/fstab
|
关闭Selinux
1
2
3
4
5
6
7
8
9
10
11
12
13
| setenforce 0
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/sysconfig/selinux
sed -i "s/^SELINUX=permissive/SELINUX=disabled/g" /etc/selinux/config
modprobe br_netfilter
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf
ls /proc/sys/net/bridge
|
设置内核、K8S的yum源
1
2
3
4
5
6
7
8
9
| cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
|
下载kubelet、 kubectl、 kubeadm、 docker、 kubernetes-cni
1
| yum install -y kubeadm kubelet kubectl kubernetes-cni docker
|
1
| systemctl enable kubelet & systemctl start kubelet
|
设置docker加速器
1
2
3
4
5
6
| sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
EOF
|
docker代理设置 & cgroupfs设置
vi /usr/lib/systemd/system/docker.service
修改cgroup driver:native.cgroupdriver=systemd修改为native.cgroupdriver=cgroupfs
启动docker并设置开启自启
systemctl enable docker & systemctl daemon-reload & systemctl restart docker