Architecture: the cluster uses 3 master nodes + 2 worker nodes
1. Server preparation
(1) Configure on all 5 machines
- Hostname bindings, as follows:
cat /etc/hosts
192.168.0.100 k8s-master01
192.168.0.106 k8s-master02
192.168.0.107 k8s-master03
192.168.0.200 k8s-master-lb # this IP is the keepalived floating IP (VIP)
192.168.0.108 k8s-node01
192.168.0.109 k8s-node02
- Disable the firewall, SELinux, dnsmasq and swap on every server, as follows:
systemctl disable --now firewalld
systemctl disable --now dnsmasq # usually not installed; ignore the error
systemctl disable --now NetworkManager # not needed on CentOS 8 and later
setenforce 0
- Keep SELinux disabled across reboots
vi /etc/sysconfig/selinux
Change SELINUX=enforcing to SELINUX=disabled
- Turn off swap, since it affects Docker performance
swapoff -a && sysctl -w vm.swappiness=0
- Disable the swap entry in /etc/fstab; commenting out this line is enough
#/dev/mapper/cl-swap swap swap defaults 0 0
- Synchronize the server time with ntpdate
rpm -ivh http://mirrors.wlnmp.com/centos/wlnmp-release-centos.noarch.rpm # download the repository release package
yum install wntp -y # install
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 'Asia/Shanghai'>/etc/timezone
ntpdate time2.aliyun.com
crontab -e # add the scheduled sync entry below
*/5 * * * * ntpdate time2.aliyun.com
- Raise the open-file (connection) limit
ulimit -SHn 65535
# configuration file location: vi /etc/security/limits.conf
- Import the CentOS 8 repository
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
yum install -y yum-utils device-mapper-persistent-data lvm2
- Import the Kubernetes repository
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
- Upgrade the system on all nodes and reboot:
yum install wget jq psmisc vim net-tools telnet yum-utils device-mapper-persistent-data lvm2 -y
yum update -y --exclude=kernel* && reboot # CentOS 7 needs this upgrade, CentOS 8 does not; the kernel is upgraded in the next step
On CentOS 7, upgrade the kernel to 4.18+:
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
dnf --disablerepo=\* --enablerepo=elrepo -y install kernel-ml kernel-ml-devel
grubby --default-kernel
- Install ipvsadm
yum install ipvsadm ipset sysstat conntrack libseccomp -y
# after installation, load the modules
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
# list the IPVS modules to load at boot
vim /etc/modules-load.d/ipvs.conf
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_sh
nf_conntrack_ipv4
ip_tables
ip_set
xt_set
ipt_set
ipt_rpfilter
ipt_REJECT
ipip
# enable at boot
systemctl enable --now systemd-modules-load.service
# check that the modules are loaded
lsmod | grep -e ip_vs -e nf_conntrack_ipv4
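An added example (not part of the original guide): a read-only preflight script that checks the results of the steps in (1) before the cluster is built. It goes slightly beyond the text by also flagging repo sections that lack gpgcheck=1 or use http:// URLs. The function names and sample files are constructed for illustration; on a real node, pass /etc/hosts, /etc/fstab, /etc/sysconfig/selinux and the files under /etc/yum.repos.d/ instead.

```shell
#!/bin/sh
# Added example: read-only checks for the node preparation steps above.

# Print each expected hostname that has no uncommented entry in the hosts file.
missing_hosts() (  # $1 = hosts file, remaining args = hostnames
  file=$1; shift
  for h in "$@"; do
    awk -v h="$h" '{ sub(/#.*/, ""); for (i = 2; i <= NF; i++) if ($i == h) ok = 1 }
                   END { exit !ok }' "$file" || echo "$h"
  done
)

# Print fstab lines that would still activate swap at boot.
active_swap_entries() {  # $1 = fstab file
  awk '!/^[[:space:]]*#/ && $3 == "swap"' "$1"
}

# Print the SELINUX= value when it is not one of the three accepted modes.
invalid_selinux_mode() {  # $1 = SELinux config file
  awk -F= '$1 == "SELINUX" && $2 !~ /^(enforcing|permissive|disabled)$/ { print $2 }' "$1"
}

# Print repo sections that skip package signature checks or use plain-HTTP URLs.
repo_findings() {  # $1 = yum .repo file
  awk -F= '
    function report() { if (sec != "" && gpg != "1") print sec " gpgcheck!=1" }
    /^\[/ { report(); sec = $1; gpg = ""; next }
    $1 == "gpgcheck" { gpg = $2 }
    ($1 == "baseurl" || $1 == "gpgkey") && /http:\/\// { print sec " " $1 " over http" }
    END { report() }' "$1"
}

# Constructed sample files (not from a real host); the second hosts entry is broken on purpose.
d=$(mktemp -d); trap 'rm -rf "$d"' EXIT
printf '%s\n' '192.168.0.100 k8s-master01' '192.168.0.108 k8s -node01' > "$d/hosts"
printf '%s\n' '/dev/mapper/cl-root / xfs defaults 0 0' \
  '#/dev/mapper/cl-swap swap swap defaults 0 0' > "$d/fstab"
printf '%s\n' 'SELINUX=disable' 'SELINUXTYPE=targeted' > "$d/selinux"
printf '%s\n' '[kubernetes]' \
  'baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/' \
  'gpgcheck=1' '[example-http]' 'baseurl=http://mirror.example/repo/' 'gpgcheck=0' > "$d/sample.repo"

missing_hosts "$d/hosts" k8s-master01 k8s-node01
active_swap_entries "$d/fstab"
invalid_selinux_mode "$d/selinux"
repo_findings "$d/sample.repo"
```

Every function prints only findings, so empty output from all four means the node passed these checks.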
(2) Configure on Master01 only
ssh-keygen -t rsa
for i in k8s-master01 k8s-master02 k8s-master03 k8s-node01 k8s-node02; do ssh-copy-id -i .ssh/id_rsa.pub $i; done
git clone https://github.com/dotbalo/k8s-ha-install.git