

Part 2 of the Kubernetes series: Kubernetes architecture design and deployment

2025-01-16 Update From: SLTechnology News&Howtos shulou


Shulou(Shulou.com)06/02 Report--

1. Architecture design and environment design

1.1. Architecture design

- Deploy HAProxy to provide Endpoint access for Kubernetes.
- Use Keepalived to set the Endpoint entry address to a virtual IP, and achieve redundancy by deploying multiple nodes.
- Deploy a highly available Kubernetes cluster using kubeadm, specifying the virtual IP generated by Keepalived as the Endpoint IP.
- Use Prometheus as the cluster monitoring system for Kubernetes, and Grafana to display the monitoring charts.
- Use Alertmanager as the alerting system.
- Use Jenkins + GitLab + Harbor to build the CI/CD system.
- Use separate domain names for communication inside the Kubernetes cluster, and build DNS services on the intranet to resolve those domain names.

1.2. Environment design

hostname                             IP              role
kube-master-01.sk8s.io-01.sk8s.io    192.168.0.201   k8s master, haproxy + keepalived (virtual IP: 192.168.0.250)
kube-master-01.sk8s.io-02.sk8s.io    192.168.0.202   k8s master, haproxy + keepalived (virtual IP: 192.168.0.250)
kube-master-01.sk8s.io-03.sk8s.io    192.168.0.203   k8s master, DNS, Storage, GitLab, Harbor
kube-node-01.sk8s.io                 192.168.0.204   node
kube-node-02.sk8s.io                 192.168.0.205   node

2. Operating system initialization settings

2.1. Disable SELinux

[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i 's#^SELINUX=.*#SELINUX=disabled#' /etc/sysconfig/selinux
[root@localhost ~]# sed -i 's#^SELINUX=.*#SELINUX=disabled#' /etc/selinux/config

2.2. Disable unneeded services

[root@localhost ~]# systemctl disable firewalld postfix auditd kdump NetworkManager

2.3. Upgrade the system kernel

[root@master ~]# rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
[root@master ~]# rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm
[root@master ~]# yum -y --disablerepo=\* --enablerepo=elrepo-kernel install kernel-lt.x86_64 kernel-lt-devel.x86_64 kernel-lt-headers.x86_64
[root@master ~]# yum -y remove kernel-tools-libs.x86_64 kernel-tools.x86_64
[root@master ~]# yum -y --disablerepo=\* --enablerepo=elrepo-kernel install kernel-lt-tools.x86_64
[root@master ~]# cat /etc/resolv.conf
[root@localhost ~]# echo "nameserver 114.114.114.114" >> /etc/resolv.conf
[root@localhost ~]# echo 'LANG="en_US.UTF-8"' > /etc/locale.conf
[root@localhost ~]# echo 'export LANG="en_US.UTF-8"' > /etc/profile.d/custom.sh
[root@localhost ~]# cat >> /etc/security/limits.conf /etc/hosts.deny

2.7. SSH configuration

# Create an administrator user and generate an SSH key (download the private key and do not keep it on the server; copy the public key to ~/.ssh/authorized_keys on the other servers)
[root@localhost ~]# useradd huyuan
[root@localhost ~]# echo "sycx123" | passwd --stdin huyuan
[root@localhost ~]# su - huyuan
[root@localhost ~]# ssh-keygen -b 4096
[root@localhost ~]# mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
# Go back to the root user
[root@localhost ~]# exit
# Disable reverse DNS lookups to speed up SSH connections
[root@localhost ~]# sed -i 's/^#UseDNS.*/UseDNS no/' /etc/ssh/sshd_config
# Disable password authentication
[root@localhost ~]# sed -i 's/^PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config
# Prohibit the root user from logging in
[root@localhost ~]# sed -i 's/#PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
# Allow only huyuan to log in to the server; separate multiple users with spaces
[root@localhost ~]# echo "AllowUsers huyuan" >> /etc/ssh/sshd_config
# Restart the service
[root@localhost ~]# systemctl restart sshd

2.7. Set the unified root password

[root@localhost ~]# echo "xxxxx" | passwd --stdin root

2.8. Set the hostname

[root@localhost ~]# hostnamectl set-hostname kube-master-01.sk8s.io-01.sk8s.io
[root@localhost ~]# echo "192.168.0.201 kube-master-01.sk8s.io-01.sk8s.io" >> /etc/hosts
[root@localhost ~]# echo "192.168.0.202 kube-master-01.sk8s.io-02.sk8s.io" >> /etc/hosts
[root@localhost ~]# echo "192.168.0.203 kube-master-01.sk8s.io-03.sk8s.io" >> /etc/hosts
[root@localhost ~]# echo "192.168.0.204 kube-node-01.sk8s.io" >> /etc/hosts
[root@localhost ~]# echo "192.168.0.205 kube-node-02.sk8s.io" >> /etc/hosts

3. Initialize Kubernetes cluster

3.1. Install and configure docker (all nodes)

[root@kube-master-01.sk8s.io01 ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
[root@kube-master-01.sk8s.io01 ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@kube-master-01.sk8s.io01 ~]# yum -y install docker-ce-18.09.6 docker-ce-cli-18.09.6
[root@kube-master-01.sk8s.io01 ~]# cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://c7i79lkw.mirror.aliyuncs.com"],
  "insecure-registries": ["122.228.208.72 log-driver 9000"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "graph": "/opt/docker",
  "log-opts": {"max-size": "100m"},
  "storage-driver": "overlay2"
}
[root@kube-master-01.sk8s.io01 ~]# systemctl enable docker
[root@kube-master-01.sk8s.io01 ~]# systemctl start docker

3.2. Configure haproxy as the ApiServer proxy

# Install and configure
[root@kube-master-01.sk8s.io01 ~]# yum -y install haproxy
[root@kube-master-01.sk8s.io01 ~]# cat > /etc/haproxy/haproxy.cfg /etc/keepalived/keepalived.conf > /etc/rsyslog.conf
# Configure keepalived logging (on the kube-master-01.sk8s.io01 and kube-master-01.sk8s.io02 hosts)
[root@kube-master-01.sk8s.io01 ~]# cp /etc/sysconfig/keepalived{,.bak}
[root@kube-master-01.sk8s.io01 ~]# echo 'KEEPALIVED_OPTIONS="-D -d -S 0"' > /etc/sysconfig/keepalived
[root@kube-master-01.sk8s.io01 ~]# echo "local0.* /var/log/keepalived.log" >> /etc/rsyslog.conf
# HAProxy sends its logs over UDP, so the rsyslog UDP port must be opened: uncomment the following lines in /etc/rsyslog.conf
[root@kube-master-01.sk8s.io01 ~]# cat /etc/rsyslog.conf
$ModLoad imudp
$UDPServerRun 514
[root@kube-master-01.sk8s.io01 ~]# systemctl restart rsyslog
[root@kube-master-01.sk8s.io01 ~]# systemctl restart haproxy
[root@kube-master-01.sk8s.io01 ~]# systemctl restart keepalived

3.5. Install kubelet kubeadm and kubectl

[root@kube-master-01.sk8s.io01 ~]# cat > /etc/yum.repos.d/kubernetes.repo /etc/sysconfig/modules/ipvs.modules kubeadm-init.yaml coredns.yaml
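
The sed commands in the SSH configuration step only change a line that already matches their pattern, and sshd uses the first value it reads for a keyword, so the result should be verified before sshd is restarted. The following check is an added example, not part of the original article; the function names and the sample file are constructed for illustration, and the parser assumes whitespace-separated keywords and no Include directives.

```shell
# Added example: audit an sshd_config for the four settings applied in section 2.7.
# sshd keeps the FIRST value it reads for a keyword, and lines after a "Match"
# line are conditional, so a sed that matched nothing or an appended line can be inert.

# Print the effective global value of keyword $2 in file $1 (empty if unset).
sshd_effective() {
  awk -v want="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')" '
    /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
    tolower($1) == "match" { exit }      # global section ends here
    tolower($1) == want {                # first occurrence wins
      $1 = ""; sub(/^[ \t]+/, ""); print; exit
    }' "$1"
}

# Return 0 only if every setting from the guide is in effect; report the others.
check_sshd_hardening() {
  local file=$1 failed=0 key expected actual
  while read -r key expected; do
    actual=$(sshd_effective "$file" "$key")
    if [ "$actual" != "$expected" ]; then
      echo "FAIL $key: expected '$expected', got '${actual:-<unset>}'"
      failed=1
    fi
  done <<'EOF'
UseDNS no
PasswordAuthentication no
PermitRootLogin no
AllowUsers huyuan
EOF
  return "$failed"
}

# Constructed sample: the state left behind when the seds find nothing to match
# (PasswordAuthentication was commented out, PermitRootLogin was not) and the
# appended AllowUsers line lands inside a trailing Match block.
write_constructed_sample() {
  cat <<'EOF'
UseDNS no
#PasswordAuthentication yes
PermitRootLogin yes
Match User backup
    X11Forwarding no
AllowUsers huyuan
EOF
}
```

Run `check_sshd_hardening /etc/ssh/sshd_config` before `systemctl restart sshd`; `sshd -T` prints the daemon's own view of the effective configuration for comparison.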
