|NO.Z.00025|——————————|^^ 部署 ^^|——|KuberNetes&二進位制部署.V03|5臺Server|---------------------------------------|核心升級|
阿新 • • 發佈:2022-03-29
[CloudNative:KuberNetes&二進位制部署.V03] [Applications.KuberNetes] [|DevOps|k8s|**5節點**|二進位制1.20|核心升級|——|核心升級|ipvsadm|更改核心啟動順序|]
一、核心升級
### --- 在master01節點下載核心:併發送到其它節點 ~~~ # CentOS7 需要升級核心至4.18+,本地升級的版本為4.19 [root@k8s-master01 ~]# cd /root [root@k8s-master01 ~]# wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm [root@k8s-master01 ~]# wget http://193.49.22.109/elrepo/kernel/el7/x86_64/RPMS/kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm
~~~ # 從master01節點傳到其他節點:
[root@k8s-master01 ~]# for i in k8s-master02 k8s-master03 k8s-node01 k8s-node02;do scp kernel-ml-4.19.12-1.el7.elrepo.x86_64.rpm kernel-ml-devel-4.19.12-1.el7.elrepo.x86_64.rpm $i:/root/ ; done
### --- 所有節點升級核心 ~~~ # 安裝升級版本 [root@k8s-master01 ~]# cd /root && yum localinstall -y kernel-ml*
### --- 所有節點更改核心啟動順序 ~~~ # 所有節點更改核心啟動順序 [root@k8s-master01 ~]# grub2-set-default 0 && grub2-mkconfig -o /etc/grub2.cfg Generating grub configuration file ... Found linux image: /boot/vmlinuz-4.19.12-1.el7.elrepo.x86_64 Found initrd image: /boot/initramfs-4.19.12-1.el7.elrepo.x86_64.img Found linux image: /boot/vmlinuz-3.10.0-862.el7.x86_64 Found initrd image: /boot/initramfs-3.10.0-862.el7.x86_64.img Found linux image: /boot/vmlinuz-0-rescue-4b3d62142f324acdbb2029692b12be10 Found initrd image: /boot/initramfs-0-rescue-4b3d62142f324acdbb2029692b12be10.img done
~~~ # 更改核心啟動順序
[root@k8s-master01 ~]# grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
### --- 檢查預設核心是不是4.19
~~~ # 檢視預設核心是否為4.19.12
[root@k8s-master01 ~]# grubby --default-kernel
/boot/vmlinuz-4.19.12-1.el7.elrepo.x86_64
### --- 所有節點重啟,然後檢查核心是不是4.19
~~~ # 檢視核心版本是否更新過來
~~~ 沒有更新過來,系統重啟後更新為4.19
[root@k8s-master01 ~]# uname -a
Linux k8s-master01 3.10.0-862.el7.x86_64 #1 SMP Fri Apr 20 16:44:24 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
二、所有節點安裝ipvsadm:
### --- 所有節點安裝ipvsadm
~~~ # 所有節點安裝ipvsadm
[root@k8s-master01 ~]# yum install ipvsadm ipset sysstat conntrack libseccomp -y
### --- 臨時生效;所有節點配置ipvs模組,
~~~ # 臨時生效
~~~ 在核心4.19+版本nf_conntrack_ipv4已經改為nf_conntrack, 4.18以下使用nf_conntrack_ipv4即可:
[root@k8s-master01 ~]# modprobe -- ip_vs
[root@k8s-master01 ~]# modprobe -- ip_vs_rr
[root@k8s-master01 ~]# modprobe -- ip_vs_wrr
[root@k8s-master01 ~]# modprobe -- ip_vs_sh
[root@k8s-master01 ~]# modprobe -- nf_conntrack
### --- 永久生效;所有節點配置ipvs模組
~~~ # 寫入配置檔案,永久生效
[root@k8s-master01 ~]# vim /etc/modules-load.d/ipvs.conf
ip_vs
ip_vs_lc
ip_vs_wlc
ip_vs_rr
ip_vs_wrr
ip_vs_lblc
ip_vs_lblcr
ip_vs_dh
ip_vs_sh
ip_vs_fo
ip_vs_nq
ip_vs_sed
ip_vs_ftp
ip_vs_sh
nf_conntrack
ip_tables
ip_set
xt_set
ipt_set
ipt_rpfilter
ipt_REJECT
ipip
### --- 讓配置引數生效
~~~ # 然後執行systemctl enable --now systemd-modules-load.service即可
[root@k8s-master01 ~]# systemctl enable --now systemd-modules-load.service
### --- 檢查配置引數是否生效
~~~ # 檢查是否載入:
[root@k8s-master01 ~]# lsmod | grep -e ip_vs -e nf_conntrack
ip_vs_sh 16384 0
ip_vs_wrr 16384 0
ip_vs_rr 16384 0
ip_vs 151552 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack 143360 1 ip_vs
nf_defrag_ipv6 20480 1 nf_conntrack
nf_defrag_ipv4 16384 1 nf_conntrack
libcrc32c 16384 3 nf_conntrack,xfs,ip_vs
### --- 開啟系統必須核心引數
~~~ # 開啟一些k8s叢集中必須的核心引數,所有節點配置k8s核心:
[root@k8s-master01 ~]# cat <<EOF > /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
fs.may_detach_mounts = 1
vm.overcommit_memory=1
vm.panic_on_oom=0
fs.inotify.max_user_watches=89100
fs.file-max=52706963
fs.nr_open=52706963
net.netfilter.nf_conntrack_max=2310720
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.tcp_keepalive_intvl =15
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_orphans = 327680
net.ipv4.tcp_orphan_retries = 3
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.ip_conntrack_max = 65536
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_timestamps = 0
net.core.somaxconn = 16384
EOF
~~~ # 讓核心引數生效
[root@k8s-master01 ~]# sysctl --system
三、重啟系統:讓配置引數生效
### --- 所有節點配置完核心後,重啟伺服器,保證重啟後核心依舊載入
~~~ # 重啟系統
[root@k8s-master01 ~]# reboot
~~~ # 檢視核心引數是否載入
[root@k8s-master01 ~]# lsmod | grep --color=auto -e ip_vs -e nf_conntrack
ip_vs_ftp 16384 0
nf_nat 32768 1 ip_vs_ftp
ip_vs_sed 16384 0
ip_vs_nq 16384 0
ip_vs_fo 16384 0
ip_vs_sh 16384 0
ip_vs_dh 16384 0
ip_vs_lblcr 16384 0
ip_vs_lblc 16384 0
ip_vs_wrr 16384 0
ip_vs_rr 16384 0
ip_vs_wlc 16384 0
ip_vs_lc 16384 0
ip_vs 151552 24 ip_vs_wlc,ip_vs_rr,ip_vs_dh,ip_vs_lblcr,ip_vs_sh,ip_vs_fo,ip_vs_nq,ip_vs_lblc,ip_vs_wrr,ip_vs_lc,ip_vs_sed,ip_vs_ftp
nf_conntrack 143360 2 nf_nat,ip_vs
nf_defrag_ipv6 20480 1 nf_conntrack
nf_defrag_ipv4 16384 1 nf_conntrack
libcrc32c 16384 4 nf_conntrack,nf_nat,xfs,ip_vs
### --- 檢視系統核心是否已經完成更新
~~~ # 通過uname -a檢視系統核心版本是否生效
[root@k8s-master01 ~]# uname -a
Linux k8s-master01 4.19.12-1.el7.elrepo.x86_64 #1 SMP Fri Dec 21 11:06:36 EST 2018 x86_64 x86_64 x86_64 GNU/Linux
Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart ——W.S.Landor
來自為知筆記(Wiz)