| 失效链接处理 |
|
搭建一个完整的K8S集群部署文档 PDF 下载
本站整理下载:
相关截图:
主要内容:
关闭防火墙:
# systemctl stop firewalld
# systemctl disable firewalld
关闭selinux:
# setenforce 0 # 临时
# sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
关闭swap:
# swapoff -a # 临时
# vim /etc/fstab # 永久
同步系统时间:
# ntpdate time.windows.com
添加hosts:
# vim /etc/hosts
192.168.31.63 k8s-master1
192.168.31.64 k8s-master2
192.168.31.65 k8s-node1
192.168.31.66 k8s-node2
修改主机名:
hostnamectl set-hostname k8s-master1
2.Etcd集群
可在任意节点完成以下操作。
2.1 生成etcd证书
# cd TLS/etcd
安装cfssl工具:
# ./cfssl.sh
修改请求文件中hosts字段包含所有etcd节点IP:
# vi server-csr.json
{
"CN": "etcd",
"hosts": [
"192.168.31.63",
"192.168.31.64",
"192.168.31.65"
],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "BeiJing",
"ST": "BeiJing"
}
]
}
# ./generate_etcd_cert.sh
# ls *pem
ca-key.pem ca.pem server-key.pem server.pem
2.2 部署三个Etcd节点
# tar zxvf etcd.tar.gz
# cd etcd
# cp TLS/etcd/ssl/{ca,server,server-key}.pem ssl
分别拷贝到Etcd三个节点:
# scp –r etcd root@192.168.31.63:/opt
# scp etcd.service root@192.168.31.63:/usr/lib/systemd/system/
登录三个节点修改配置文件 名称和IP:
# vi /opt/etcd/cfg/etcd.conf
#[Member]
ETCD_NAME="etcd-1" 名称一定要替换
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://192.168.31.63:2380" 内网ip
ETCD_LISTEN_CLIENT_URLS="https://192.168.31.63:2379"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.31.63:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.31.63:2379"
ETCD_INITIAL_CLUSTER="etcd-1=https://192.168.31.63:2380,etcd-2=https://192.168.31.64:2380,etcd-3=https://192.168.31.65:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"
# systemctl daemon-reload
# systemctl start etcd
# ps -ef|grep etcd 查看etcd进程
# systemctl enable etcd 设置开机启动
# tail /var/log/messages -f 查看系统日志
|
| Java1234官方群25: | 
|
| Java1234官方群25: | 838462530 |
苏公网安备 32061202001004号
