CentOS7安装Rancher并部署kubernetes
setenforce 0
sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
systemctl stop firewalld.service && systemctl disable firewalld.service
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 'LANG="en_US.UTF-8"' >> /etc/profile;source /etc/profile
cat /etc/hosts
192.168.6.105 rancher
192.168.6.105 node1
chronyc sources -v
cat >> /etc/sysctl.conf<<EOF
> net.ipv4.ip_forward=1
> net.bridge.bridge-nf-call-iptables=1
> net.ipv4.neigh.default.gc_thresh1=4096
> net.ipv4.neigh.default.gc_thresh2=6144
> net.ipv4.neigh.default.gc_thresh3=8192
> EOF
sysctl -p
cat add_mod.sh
#!/bin/sh
mods=(
br_netfilter
ip6_udp_tunnel
ip_set
ip_set_hash_ip
ip_set_hash_net
iptable_filter
iptable_nat
iptable_mangle
iptable_raw
nf_conntrack_netlink
nf_conntrack
nf_conntrack_ipv4
nf_defrag_ipv4
nf_nat
nf_nat_ipv4
nf_nat_masquerade_ipv4
nfnetlink
udp_tunnel
VETH
VXLAN
x_tables
xt_addrtype
xt_conntrack
xt_comment
xt_mark
xt_multiport
xt_nat
xt_recent
xt_set
xt_statistic
xt_tcpudp
)
for mod in ${mods[@]};do
modprobe $mod
lsmod |grep $mod
done
chmod a+x add_mod.sh
./add_mod.sh
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
yum makecache
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-selinux \
docker-engine-selinux \
docker-engine \
container*
yum install -y yum-utils device-mapper-persistent-data lvm2 bash-completion
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum-config-manager --enable docker-ce-stable
yum install -y docker-ce
systemctl enable docker
systemctl start docker
cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://7bezldxe.mirror.aliyuncs.com/"],
"max-concurrent-downloads": 3,
"max-concurrent-uploads": 5,
"storage-driver": "overlay2",
"storage-opts": ["overlay2.override_kernel_check=true"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m",
"max-file": "3"
}
}
docker run -d --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher:stable
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubectl
mkdir ~/.kube/
vim ~/.kube/config
mkdir -p ~/yaml
cat > ~/yaml/dashboard_service_account_admin.yaml <<EOF
> apiVersion: v1
> kind: ServiceAccount
> metadata:
> name: admin-user
> namespace: kube-system
> EOF
cat > ~/yaml/dashboard_cluster_role_binding_admin.yaml <<EOF
> apiVersion: rbac.authorization.k8s.io/v1
> kind: ClusterRoleBinding
> metadata:
> name: admin-user
> roleRef:
> apiGroup: rbac.authorization.k8s.io
> kind: ClusterRole
> name: cluster-admin
> subjects:
> - kind: ServiceAccount
> name: admin-user
> namespace: kube-system
> EOF
cd ~/yaml/
kubectl apply -f dashboard_service_account_admin.yaml
kubectl apply -f dashboard_cluster_role_binding_admin.yaml
kubectl edit deployment kube-system-kubernetes-dashboard -n kube-system
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}’)