65 lines
		
	
	
		
			1.7 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
		
		
			
		
	
	
			65 lines
		
	
	
		
			1.7 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
|  | # 配置各节点的IP地址和主机名映射 | ||
|  | k8s-master: 192.168.31.11/24 | ||
|  | k8s-node-01: 192.168.31.12/24 | ||
|  | k8s-node-02: 192.168.31.13/24 | ||
|  | # 设置主机名为 k8s-master | ||
|  | hostnamectl set-hostname k8s-master | ||
|  | hostnamectl set-hostname k8s-node-01 | ||
|  | hostnamectl set-hostname k8s-node-02 | ||
|  | 
 | ||
|  | # 修改host文件 | ||
|  | echo "192.168.31.11 k8s-master km" >> /etc/hosts | ||
|  | echo "192.168.31.12 k8s-node-01 kn1" >> /etc/hosts | ||
|  | echo "192.168.31.13 k8s-node-02 kn2" >> /etc/hosts | ||
|  | 
 | ||
|  | # 关闭防火墙 | ||
|  | systemctl disable firewalld --now | ||
|  | 
 | ||
|  | # 关闭SELinux | ||
|  | setenforce 0 | ||
|  | sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config | ||
|  | 
 | ||
|  | # 关闭交换分区 | ||
|  | swapoff -a | ||
|  | sed -i '/swap/d' /etc/fstab # 永久关闭交换分区 | ||
|  | 
 | ||
|  | ## 配置内核参数,开启 IP 转发和网桥过滤 | ||
|  | # 创建配置文件 | ||
|  | sudo tee /etc/modules-load.d/k8s.conf <<EOF | ||
|  | overlay | ||
|  | br_netfilter | ||
|  | EOF | ||
|  | # 加载模块 | ||
|  | sudo modprobe overlay | ||
|  | sudo modprobe br_netfilter | ||
|  | # 设置内核参数 | ||
|  | sudo tee /etc/sysctl.d/k8s.conf <<EOF | ||
|  | net.bridge.bridge-nf-call-iptables  = 1 | ||
|  | net.bridge.bridge-nf-call-ip6tables = 1 | ||
|  | net.ipv4.ip_forward                 = 1 | ||
|  | EOF | ||
|  | # 应用内核参数 | ||
|  | sudo sysctl --system | ||
|  | # 查看内核参数 | ||
|  | sysctl net.bridge.bridge-nf-call-iptables | ||
|  | 
 | ||
|  | ## 配置时间同步 | ||
|  | # 安装 chrony 时间同步服务 | ||
|  | dnf install -y chrony | ||
|  | # 启动并设置 chrony 开机自启 | ||
|  | systemctl enable --now chronyd | ||
|  | # 查看时间同步状态,确保有 NTP 源并且时间已同步 | ||
|  | chronyc sources | ||
|  | 
 | ||
|  | # 配置 SSH 免密登录 | ||
|  | # 在 master 节点上生成 SSH 密钥对 | ||
|  | ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa | ||
|  | # 将公钥复制到所有节点,包括 master 自己 | ||
|  | ssh-copy-id -i ~/.ssh/id_rsa.pub root@k8s-master | ||
|  | ssh-copy-id -i ~/.ssh/id_rsa.pub root@k8s-node-01 | ||
|  | ssh-copy-id -i ~/.ssh/id_rsa.pub root@k8s-node-02 | ||
|  | 
 | ||
|  | # 重启服务器 | ||
|  | reboot | ||
|  | 
 |