hello world!
debian 常用配置
系统初始化
仓库配置及常用软件安装
cp /etc/apt/sources.list /etc/apt/sources.list.bak
sed -i 's/deb.debian.org/mirrors.ustc.edu.cn/g' /etc/apt/sources.list
sed -i 's/security.debian.org/mirrors.ustc.edu.cn/g' /etc/apt/sources.list
apt update && apt upgrade && apt install -y bash-completion curl wget vim git sudo man lsb-release
# 配置 vim
echo 'set paste' >> /etc/vim/vimrc
# 配置自动补全
cat >> /etc/profile <<EOF
if [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
EOF
source /etc/profile
系统常用配置
# 时区配置
timedatectl set-timezone Asia/Shanghai
# 语言环境配置
localectl set-locale LANG=zh_CN.utf8
# 网卡静态地址配置
cp /etc/network/interfaces /etc/network/interfaces.bak
cat > /etc/network/interfaces <<EOF
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
allow-hotplug ens33
iface ens33 inet static
address 10.1.1.21
network 10.1.1.0
netmask 255.255.255.0
broadcast 10.1.1.255
gateway 10.1.1.2
EOF
# hostname 设置
export HOSTNAME=hostname
hostnamectl set-hostname $HOSTNAME
echo "127.0.1.1 $HOSTNAME" >> /etc/hosts
# ssh 证书生成
ssh-keygen -t rsa -b 2048 -N '' -f /root/.ssh/id_rsa > /dev/null
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
常用软件快速安装
docker 安装
# docker安装
curl -fsSL https://get.daocloud.io/docker | bash -s docker --mirror Aliyun
# 或者
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
# 设置源
curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io
# 或者
cat > /etc/docker/daemon.json << EOF
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://registry.docker-cn.com",
"https://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com"
],
"max-concurrent-downloads": 10,
"log-driver": "json-file",
"storage-driver": "overlay2",
"log-level": "warn",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"data-root": "/var/lib/docker"
}
EOF
# 重启 docker
systemctl restart docker.service
# 解决 docker info 后的 WARNING: No swap limit support,改完之后重启生效
sed -i 's/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"/g' /etc/default/grub
kubernetes 安装
kubeadm 方式安装
# 关闭 swap 分区
swapoff -a && sysctl -w vm.swappiness=0
sed -i 's/.*swap.*/# &/' /etc/fstab
# 官方推荐安装方式(需网络支持)
# https://kubernetes.io/zh/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
sudo apt install -y apt-transport-https ca-certificates curl
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
# 设置 k8s 源
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
# 使用阿里源
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://mirrors.aliyun.com/kubernetes/apt/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
# 【可选】阻止软件自动更新
sudo apt-mark hold kubelet kubeadm kubectl
镜像下载
# 查看 k8s 对应组件的版本
kubeadm config images list
# 下载所有镜像
kubeadm config images pull
# 下载指定版本镜像
kubeadm config images pull --kubernetes-version=v1.23.3
proxy安装
docker run -d --name=k8s-haproxy --net=host -v /etc/haproxy:/etc/haproxy:ro haproxy:2.5.4-alpine
创建k8s集群
# k8s 集群初始化
kubeadm init --apiserver-advertise-address 10.1.1.100 --pod-network-cidr=10.244.0.0/16 | tee kubeadm-init.log
# 加入集群
kubeadm join 10.1.1.100:6443 --token me97s3.dactb8c1jqebbqfu --discovery-token-ca-cert-hash sha256:efd377d0d3d35f3b111221ff9afa9275e52298eac00529cce877f8a58bef1a77
# flannel 插件安装
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# 常用查询
kubectl get apiservice
kubectl api-versions
kubectl get --raw "/apis/policy/v1/"|jq
kubectl api-resources
kubectl explain <resource>
浙公网安备 33010602011771号