This is a simple network model: the VMs are completely cut off from the outside environment and can only reach each other. It is rarely used.
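Summary

| Model | VM -> host | host -> VM | VM <-> VM | VM -> Internet | Internet -> VM |
|---|---|---|---|---|---|
| Bridged | + | + | + | + | + |
| NAT | + | Port Forwarding | - | + | Port Forwarding |
| NAT Network | + | Port Forwarding | + | + | Port Forwarding |
| Host-only | + | + | + | - | - |
| Internal | - | - | + | - | - |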
Vagrant networking
Reference: https://www.vagrantup.com/docs/networking
Vagrant supports three kinds of network configuration, all set in the Vagrantfile:
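Port forwarding: for example, requests to port 8080 on the host are forwarded to port 80 in the VM (TCP by default; to forward UDP, set protocol to udp).

```
config.vm.network "forwarded_port", guest: 80, host: 8080
```

Private network: corresponds to the host-only network. The host can reach the VM and the VMs can reach each other, but other machines cannot reach the VM, so security is high.

```
config.vm.network "private_network", ip: "192.168.21.4"
```

Public network: corresponds to the bridged network. The VM behaves like an independent device on the network.

```
config.vm.network "public_network", ip: "192.168.1.120"
```

Installing Docker
Official Docker documentation: https://docs.docker.com/engine/install/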
Set up the official package repository:

```
$ sudo yum install -y yum-utils
$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
```

Install Docker Engine:

```
$ sudo yum install docker-ce docker-ce-cli containerd.io
```

Start Docker:

```
$ sudo systemctl start docker
```

Installing Kubernetes
Official Kubernetes documentation: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
Make sure the iptables tooling does not use the nftables backend:

```
update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
update-alternatives --set arptables /usr/sbin/arptables-legacy
update-alternatives --set ebtables /usr/sbin/ebtables-legacy
```

Set up the repository and install kubelet, kubeadm and kubectl:

```
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

# Set SELinux to permissive mode (effectively disabling it)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet
```

Initializing the cluster: kubeadm init
Run kubeadm init on the master node:
```
[root@localhost vagrant]# kubeadm init
[init] Using Kubernetes version: v1.20.0
[preflight] Running pre-flight checks
	[WARNING Service-Docker]: docker service is not enabled, please run 'systemctl enable docker.service'
	[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
	[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 20.10.1. Latest validated version: 19.03
error execution phase preflight: [preflight] Some fatal errors occurred:
	[ERROR NumCPU]: the number of available CPUs 1 is less than the required 2
	[ERROR Mem]: the system RAM (486 MB) is less than the minimum 1700 MB
	[ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1
	[ERROR Swap]: running with swap on is not supported. Please disable swap
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher
```

The "docker service is not enabled" warning: run systemctl enable docker.service to resolve it; Docker will then start automatically at boot.
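The cgroupfs warning means that systemd is more stable as the cgroup driver and is the one you should use; the settings for the different CRIs are described at https://kubernetes.io/docs/setup/cri/
The Docker version warning: my Docker version is too new and has not been tested upstream yet; the last validated version is 19.03.
For the CPU and memory errors in the error section, open VirtualBox and, in the VM's settings, raise the number of CPU cores to 2 or more and the memory to 1700 MB or more.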
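The four fatal preflight errors in the output above can be checked before kubeadm init is run again. The script below is an added example, not kubeadm's own code and not part of the original post; the function names and the optional root argument are assumptions, introduced so the checks can run against a constructed /proc tree.

```sh
# Added example (not kubeadm's code): approximates the four fatal preflight
# checks from the output above. The optional root argument is hypothetical;
# it lets the checks run against a constructed /proc tree.
preflight() {
  pf_root="${1:-}"; pf_fails=0
  # NumCPU: at least 2 CPUs are required
  pf_cpus=$(grep -c '^processor' "$pf_root/proc/cpuinfo" 2>/dev/null || true)
  if [ "${pf_cpus:-0}" -lt 2 ]; then
    echo "ERROR NumCPU: ${pf_cpus:-0} available, 2 required"; pf_fails=$((pf_fails + 1))
  fi
  # Mem: at least 1700 MB of RAM (MemTotal is reported in kB)
  pf_kb=$(awk '/^MemTotal:/ {print $2}' "$pf_root/proc/meminfo" 2>/dev/null || true)
  pf_mb=$(( ${pf_kb:-0} / 1024 ))
  if [ "$pf_mb" -lt 1700 ]; then
    echo "ERROR Mem: $pf_mb MB, minimum 1700 MB"; pf_fails=$((pf_fails + 1))
  fi
  # bridge-nf-call-iptables must contain 1 (file is absent if br_netfilter is not loaded)
  pf_br=$(cat "$pf_root/proc/sys/net/bridge/bridge-nf-call-iptables" 2>/dev/null || true)
  if [ "$pf_br" != "1" ]; then
    echo "ERROR bridge-nf-call-iptables is not set to 1"; pf_fails=$((pf_fails + 1))
  fi
  # Swap: any line after the /proc/swaps header is an active swap device
  pf_swaps=$(tail -n +2 "$pf_root/proc/swaps" 2>/dev/null | grep -c . || true)
  if [ "${pf_swaps:-0}" -gt 0 ]; then
    echo "ERROR Swap: $pf_swaps swap device(s) active"; pf_fails=$((pf_fails + 1))
  fi
  return "$pf_fails"
}

# Constructed sample tree mirroring the VM in the output above:
# 1 CPU, 486 MB RAM, no bridge sysctl file, one swap file.
make_sample_tree() {
  st=$(mktemp -d)
  mkdir -p "$st/proc"
  printf 'processor\t: 0\n' > "$st/proc/cpuinfo"
  printf 'MemTotal:         497664 kB\n' > "$st/proc/meminfo"
  printf 'Filename Type Size Used Priority\n/swapfile file 1048572 0 -2\n' > "$st/proc/swaps"
  echo "$st"
}
```

Calling preflight with no argument checks the live node; the exit status is the number of failing checks, so 0 means all four pass.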