新服务器加入到已有的K8S集群中

一、配置node节点环境

1、免密登录

vim .ssh/authorized_keys

添加ssh密钥

xxxxxxxxxxxxx

2、添加DNS解析

vim /etc/resolv.conf

nameserver 114.114.114.114

3、配置环境（参考法规）

配置防火墙，selinux，yum源，主机名，磁盘分区，时区同步

4、关闭swap分区

sudo sed -i 's/^\(.*swap.*\)$/#\1/g' /etc/fstab 
sudo swapoff -a

5、时区同步

sudo yum -y install ntpdate
sudo ntpdate ntp1.aliyun.com
sudo systemctl start ntpdate
sudo systemctl status ntpdate
sudo systemctl enable ntpdate

6、清空防火墙策略并且关闭防火墙 关闭selinux

iptables -F

iptables-save

systemctl stop firewalld

systemctl disable firewalld

echo "SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted" > /etc/selinux/config

7、加载内核模块和ipv4、ipv6的配置

vim /etc/sysctl.d/k8s.conf

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

# sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
vm.swappiness = 0
EOF
#vm.swappiness = 0 关闭交换分区
# Apply sysctl params without reboot
sudo sysctl --system

8、永久关闭交换分区

vim /etc/fstab
#这一行注释掉

/dev/mapper/rl-swap none swap defaults 0 0

swapoff -a

8、添加域名解析（网关、Master、node）

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

10.81.106.3 k8sm-prod01-gggg-master01

10.81.106.4 k8sm-prod02-gggg-master02

10.2.119.54 app1.cim.gggg.cn

10.2.119.56 app2.cim.gggg.cn

10.2.119.57 app3.gggg.cn

10.81.13.156 k8sapi01.gggg.cn #网关

9、磁盘分区

将剩下的空间都划分给数据目录 配置逻辑卷

fdisk /dev/xvdb

pvcreate /dev/xvdb1

vgcreate data /dev/xvdb1

lvcreate -L 499G data /dev/xvdb1

mkfs.xfs /dev/data/lvol0

vim /etc/fstab

将新创建的文件系统 写入文件后 mount -a

二、安装containerd

不需要和Master相同 YUM装

1、安装

#yum -y install container-selinux
yum -y install containerd.io.x86_64

2、配置文件

备份配置文件

cd /etc/containerd/ && cp config.toml config.toml.bak

将master的配置文件复制过去

systemctl daemon-reload
systemctl restart  containerd.service

3、安装k8s

安装与master相同的版本，yum源上面平移的master的

yum install -y kubelet-1.21.3 kubeadm-1.21.3 kubectl-1.21.3 --disableexcludes=kubernetes

4、加入到master集群中

master生成token，Node节点输入生成的token加入集群

sudo kubeadm token create --print-join-command