在81,83,84上同步操作
[root@k8s1 ~]# systemctl stop firewalld
[root@k8s1 ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@k8s1 ~]# iptables -F && iptables -t nat -F && iptables -t mangle -F &&iptables -X
[root@k8s1 ~]# setenforce 0
[root@k8s1 ~]# sed -i 's/enforcing/disabled/' /etc/selinux/config
[root@k8s1 ~]# swapoff -a
[root@k8s1 ~]# sed -ri 's/.*swap.*/#&/' /etc/fstab
[root@k8s1 ~]# hostnamectl set-hostname master01
[root@k8s1 ~]# su
[root@master01 ~]# cat >> /etc/hosts << EOF
> 192.168.233.81 master01
> 192.168.233.83 node01
> 192.168.233.84 node02
> EOF
[root@master01 ~]# cd /etc/sysctl.d/
[root@master01 sysctl.d]# ls
99-sysctl.conf k8s.conf
[root@master01 sysctl.d]# vim k8s.conf
[root@master01 sysctl.d]# cat > /etc/sysctl.d/k8s.conf << EOF
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> net.ipv6.conf.all.disable_ipv6=1
> net.ipv4.ip_forward=1
> EOF
[root@master01 sysctl.d]# sysctl --system
[root@master01 sysctl.d]# yum install ntpdate -y
[root@master01 sysctl.d]# ntpdate ntp.aliyun.com
[root@master01 sysctl.d]# systemctl start docker.service
[root@master01 sysctl.d]# cd /opt
[root@master01 opt]# mv cfssl cfssl-certinfo cfssljson /usr/local/bin/
[root@master01 opt]# chmod 777 /usr/local/bin/cfssl*
[root@master01 opt]# cd /usr/local/bin/
[root@master01 bin]# ls
cfssl cfssl-certinfo cfssljson docker-compose
[root@master01 bin]# cd /opt
[root@master01 opt]# ls
containerd harbor harbor-offline-installer-v2.8.1.tgz rh
[root@master01 opt]# mkdir k8s
[root@master01 opt]# ls
containerd harbor harbor-offline-installer-v2.8.1.tgz k8s rh
[root@master01 opt]# cd k8s/
[root@master01 k8s]# ls
etcd-cert.sh etcd.sh
#把脚本放进去
[root@master01 k8s]# vim etcd-cert.sh
[root@master01 k8s]# vim etcd.sh
[root@master01 k8s]# chmod 777 etcd-cert.sh etcd.sh
[root@master01 k8s]# ls
etcd-cert.sh etcd.sh
[root@master01 k8s]# mkdir /opt/k8s/etcd-cert
[root@master01 k8s]# ls
etcd-cert etcd-cert.sh etcd.sh
[root@master01 k8s]# mv etcd-cert.sh etcd-cert/
[root@master01 k8s]# cd etcd-cert/
[root@master01 etcd-cert]# ls
etcd-cert.sh
[root@master01 etcd-cert]# ./etcd-cert.sh
[root@master01 etcd-cert]# ls
ca-config.json ca-csr.json ca.pem server.csr server-key.pem
ca.csr ca-key.pem etcd-cert.sh server-csr.json server.pem
[root@master01 k8s]# ls
etcd-cert etcd.sh etcd-v3.4.9-linux-amd64.tar.gz
[root@master01 k8s]# tar -xf etcd
etcd-cert/ etcd-v3.4.9-linux-amd64.tar.gz
etcd.sh
[root@master01 k8s]# tar -xf etcd-
etcd-cert/ etcd-v3.4.9-linux-amd64.tar.gz
[root@master01 k8s]# tar -xf etcd-v3.4.9-linux-amd64.tar.gz
[root@master01 k8s]# ls
etcd-cert etcd.sh etcd-v3.4.9-linux-amd64 etcd-v3.4.9-linux-amd64.tar.gz
[root@master01 k8s]# cd etcd-v3.4.9-linux-amd64/
[root@master01 etcd-v3.4.9-linux-amd64]# ls
Documentation etcd etcdctl README-etcdctl.md README.md READMEv2-etcdctl.md
[root@master01 k8s]# mkdir -p /opt/etcd/{cfg,bin,ssl}
[root@master01 k8s]# cd /opt/etcd/
[root@master01 etcd]# ls
bin cfg ssl
[root@master01 opt]# cd k8s/
[root@master01 k8s]# cd etcd-v3.4.9-linux-amd64/
[root@master01 etcd-v3.4.9-linux-amd64]# mv etcd etcdctl /opt/etcd/bin/