Versions Compared

Old Version 2

changes.mady.by.user 郑禹

Saved on

compared with

New Version 3

changes.mady.by.user 郑禹

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

yum -y install ipvsadm ipset sysstat conntrack libseccomp

yum -y install perl
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
yum -y install https://www.elrepo.org/elrepo-release-7.0-4.el7.elrepo.noarch.rpm
yum  --enablerepo="elrepo-kernel"  -y install kernel-ml.x86_64
grub2-set-default 0
grub2-mkconfig -o /boot/grub2/grub.cfg

#!/bin/bash
ipvs_mods_dir="/usr/lib/modules/$(uname -r)/kernel/net/netfilter/ipvs"
echo ''>  
cat <<EOF >>/etc/modules-load.d/ipvsmodules.conf
for i in $(ls $ipvs_mods_dir|grep -o "^[^.]*")
do
  echo $i >>/etc/modules-load.d/ipvs.conf
  /sbin/modinfo -F filename $i &>/dev/null
  if [ $? -eq 0 ];then
    /sbin/modprobe $i
  fi
done
ip_vs
ip_vs_lc
ip_vs_lblc
ip_vs_lblcr
ip_vs_rr
ip_vs_wrr
ip_vs_sh
ip_vs_dh
ip_vs_fo
ip_vs_nq
ip_vs_sed
ip_vs_ftp
ip_vs_sh
ip_tables
ip_set
ipt_set
ipt_rpfilter
ipt_REJECT
ipip
xt_set
br_netfilter
nf_conntrack
overlay
EOF
systemctl enable --now systemd-modules-load.service

echo
 echo never > /sys/kernel/mm/transparent_hugepage/defrag
 echo never > /sys/kernel/mm/transparent_hugepage/enabled
 echo 'echo never > /sys/kernel/mm/transparent_hugepage/defrag'  >> /etc/rc.local
 echo 'echo never > /sys/kernel/mm/transparent_hugepage/enabled'  >> /etc/rc.local

 cat <<-EOF >> /etc/sysctl.conf
 vm.swappiness=0
 EOF
 sysctl -p 

modprobe overlay
 modprobe br_netfilter
 cat <<EOF > /etc/sysctl.d/k8s.conf
 net.ipv4.ip_forward = 1
 net.bridge.bridge-nf-call-iptables = 1
 net.bridge.bridge-nf-call-ip6tables = 1
 fs.may_detach_mounts = 1
 vm.overcommit_memory=1
 vm.panic_on_oom=0
 fs.inotify.max_user_watches=89100
 fs.file-max=52706963
 fs.nr_open=52706963
 net.netfilter.nf_conntrack_max=2310720
 net.ipv4.tcp_keepalive_time = 600
 net.ipv4.tcp_keepalive_probes = 3
 net.ipv4.tcp_keepalive_intvl =15
 net.ipv4.tcp_max_tw_buckets = 36000
 net.ipv4.tcp_tw_reuse = 1
 net.ipv4.tcp_max_orphans = 327680
 net.ipv4.tcp_orphan_retries = 3
 net.ipv4.tcp_syncookies = 1
 net.ipv4.tcp_max_syn_backlog = 16384
 net.ipv4.ip_conntrack_max = 131072
 net.ipv4.tcp_max_syn_backlog = 16384
 net.ipv4.tcp_timestamps = 0
 net.core.somaxconn = 16384
 EOF
 sysctl -p
 sysctl -p /etc/sysctl.d/k8s.conf

 yum install wget jq psmisc vim net-tools telnet yum-utils unzip zip device-mapper-persistent-data lvm2 git lrzsz -y
 cat <<EOF > /etc/yum.repos.d/kubernetes.repo
 [kubernetes]
 name=Kubernetes
 baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
 enabled=1
 gpgcheck=1
 repo_gpgcheck=1
 gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
 EOF

yum install -y kubelet-1.26* kubectl-1.26* kubeadm-1.26* containerd.io

前面都是安装
这里注意
vim /etc/containerd/config.toml
注释掉这行
#disabled_plugins : ["cri"]
systemctl restart containerd && systemctl enable containerd
初始化
kubeadm init --apiserver-advertise-address=172.28.239.71 --image-repository registry.aliyuncs.com/google_containers --kubernetes-version v1.26.3 --service-cidr=10.96.0.0/16 --pod-network-cidr=10.244.0.0/16