常见的K8S安装部署方式:
? Minikube 单节点微型K8S (仅供学习、预览使用)
? 二进制安装部署(生产首选,新手推荐)
? 使用kubeadmin进行部署, K8S的部署工具,跑在K8S里(相对简单,熟手推荐)
一、准备环境
| 系统版本 | 主机名称 | IPv4地址 | Dock版本 | SElinux状态 | 防火墙状态 | 安装程序 |
| CentOS Linux release 7.4.1708 | hdss7-11.host.com | 10.4.7.11/24 | 关闭 | 关闭 | ||
| CentOS Linux release 7.4.1708 | hdss7-12.host.com | 10.4.7.12/24 | 关闭 | 关闭 | ||
| CentOS Linux release 7.4.1708 | hdss7-21.host.com | 10.4.7.21/24 | 关闭 | 关闭 | ||
| CentOS Linux release 7.4.1708 | hdss7-22.host.com | 10.4.7.22/24 | 关闭 | 关闭 | ||
| CentOS Linux release 7.4.1708 | hdss7-200.host.com | 10.4.7.200/24 | 关闭 | 关闭 |
1. 宿主机配置
针对所有的虚拟机全部选择网络为NAT模型,编辑NAT类型的网段为10.4.7.0/24
2. 设置网络NAT模型的网关为10.4.7.254
3. 设置虚拟NAT的虚拟网卡的地址为10.4.7.1/24,并设置DNS为10.4.7.11,并自动跃点数为10
4. 将所有的虚拟机配置如下:
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# sed -i ‘s#SELINUX=enforcing#SELINUX=disabled#g‘ /etc/selinux/config
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install epel-release -y
[root@localhost ~]# hostnamectl set-hostname hdss7-11.host.com
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=10.4.7.11
NETMASK=255.255.255.0
GATEWAY=10.4.7.254
DNS1=10.4.7.254
[root@localhost ~]# # ping -c 4 baidu.com
PING baidu.com (39.156.69.79) 56(84) bytes of data.
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=1 ttl=128 time=83.6 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=2 ttl=128 time=85.0 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=3 ttl=128 time=86.7 ms
64 bytes from 39.156.69.79 (39.156.69.79): icmp_seq=4 ttl=128 time=80.5 ms
--- baidu.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 4138ms
rtt min/avg/max/mdev = 80.542/83.972/86.705/2.260 ms
[root@localhost ~]# crontab -e
[root@localhost ~]# crontab -l
#ntp
00 * * * * /usr/sbin/ntpdate ntp6.aliyun.com
[root@localhost ~]#
[root@localhost ~]# reboot
5. 在 [10.4.7.11] 配置DNS服务器
[root@hdss7-11 ~]# yum install wget net-tool telnet tree nmap sysstat lrzsz dos2unix bind-utils -y [root@hdss7-11 ~]# nslookup www.qq.com Server: 10.4.7.254 Address: 10.4.7.254#53 Non-authoritative answer: www.qq.com canonical name = ins-r23tsuuf.ias.tencent-cloud.net. Name: ins-r23tsuuf.ias.tencent-cloud.net Address: 112.53.42.52 Name: ins-r23tsuuf.ias.tencent-cloud.net Address: 112.53.42.114 Name: ins-r23tsuuf.ias.tencent-cloud.net Address: 2402:4e00:1020:1404:0:9227:71ab:2b74 Name: ins-r23tsuuf.ias.tencent-cloud.net Address: 2402:4e00:1020:1404:0:9227:71a3:83d2 [root@hdss7-11 ~]# yum install bind -y [root@hdss7-11 ~]# rpm -qa bind bind-9.11.4-26.P2.el7_9.4.x86_64 [root@hdss7-11 ~]# cp -af /etc/named.conf /etc/named.conf.bak [root@hdss7-11 ~]# vim /etc/named.conf [root@hdss7-11 ~]# named-checkconf [root@hdss7-11 ~]# vim /etc/named.rfc1912.zones [root@hdss7-11 ~]# egrep ‘port|forwarders|allow|dnssec‘ /etc/named.conf listen-on port 53 { 10.4.7.11; }; listen-on-v6 port 53 { ::1; }; allow-query { any; }; forwarders { 10.4.7.254; }; dnssec-enable no; dnssec-validation no; [root@hdss7-11 ~]# named-checkconf [root@hdss7-11 ~]# tail -12 /etc/named.rfc1912.zones zone "host.com" IN { type master; file "host.com.zone"; allow-update { 10.4.7.11; }; }; zone "od.com" IN { type master; file "od.com.zone"; allow-update { 10.4.7.11; }; }; [root@hdss7-11 ~]#