在部署kubernetes之前,对系统的一些基础优化和准备。
1.docker的一些处理
Cgroup驱动改为 systemd
/etc/docker/daemon.json
"exec-opts": [
"native.cgroupdriver=systemd"
]
docker镜像代理
cat <<EOF > /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://192.168.0.99:10001" "HTTPS_PROXY=http://192.168.0.99:10001" "NO_PROXY=localhost,127.0.0.1,docker.sklinux.com"
EOF
重启生效
systemctl daemon-reload && systemctl restart docker
2.关闭swap
临时关闭
swapoff -a
长期生效修改fstab
3.ntp时间同步
apt install ntp -y
systemctl enable ntp
4.优化文件描述符/etc/security/limits.conf
* hardnofile 65536
* softnofile 65536
* hardnproc 65536
* softnproc 65536
5.修改内核参数/etc/sysctl.conf
net.ipv4.tcp_tw_reuse = 1
net.ipv4.ip_local_port_range = 10240 65535
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.tcp_keepalive_time = 1200
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.somaxconn = 16384
6.开启ipvs
apt-get install ipvsadm -y
apt install ipset -y
modprobe ip_vs
安装
kubeadm init --config=./1.17.yaml --dry-run
kubeadm init --config=./1.17.yaml
7.覆盖网络
curl https://docs.projectcalico.org/v3.9/manifests/calico.yaml -O
POD_CIDR="<your-pod-cidr>" \
sed -i -e "s?192.168.0.0/16?$POD_CIDR?g" calico.yaml
kubectl apply -f calico.yaml