| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 |
- #!/bin/sh
- systemctl disable --now firewalld
- systemctl disable --now dnsmasq
- systemctl disable --now NetworkManager
- setenforce 0
- sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
- sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
- swapoff -a && sysctl -w vm.swappiness=0
- sed -ri 's/.*swap.*/#&/' /etc/fstab
- sed -i '/# End of file/i########################' /etc/security/limits.conf
- sed -i '/# End of file/i* soft nofile 655350' /etc/security/limits.conf
- sed -i '/# End of file/i* hard nofile 655350' /etc/security/limits.conf
- sed -i '/# End of file/i* soft nproc 655350' /etc/security/limits.conf
- sed -i '/# End of file/i* hard nproc 655350' /etc/security/limits.conf
- sed -i '/# End of file/i* soft memlock unlimited' /etc/security/limits.conf
- sed -i '/# End of file/i* hard memlock unlimited' /etc/security/limits.conf
- sed -i '/# End of file/i########################' /etc/security/limits.conf
- modprobe -- ip_vs
- modprobe -- ip_vs_rr
- modprobe -- ip_vs_wrr
- modprobe -- ip_vs_sh
- modprobe -- nf_conntrack
- cat <<EOF | sudo tee > /etc/modules-load.d/ipvs.conf
- ip_vs
- ip_vs_lc
- ip_vs_wlc
- ip_vs_rr
- ip_vs_wrr
- ip_vs_lblc
- ip_vs_lblcr
- ip_vs_dh
- ip_vs_sh
- ip_vs_fo
- ip_vs_nq
- ip_vs_sed
- ip_vs_ftp
- ip_vs_sh
- nf_conntrack
- ip_tables
- ip_set
- xt_set
- ipt_set
- ipt_rpfilter
- ipt_REJECT
- ipip
- EOF
- # 执行命令
- systemctl enable --now systemd-modules-load.service #--now = enable+start
- #检测是否加载
- lsmod | grep -e ip_vs -e nf_conntrack
- ## 所有节点
- cat <<EOF > /etc/sysctl.d/k8s.conf
- net.ipv4.ip_forward = 1
- net.bridge.bridge-nf-call-iptables = 1
- net.bridge.bridge-nf-call-ip6tables = 1
- fs.may_detach_mounts = 1
- vm.overcommit_memory=1
- net.ipv4.conf.all.route_localnet = 1
- vm.panic_on_oom=0
- fs.inotify.max_user_watches=89100
- fs.file-max=52706963
- fs.nr_open=52706963
- net.netfilter.nf_conntrack_max=2310720
- net.ipv4.tcp_keepalive_time = 600
- net.ipv4.tcp_keepalive_probes = 3
- net.ipv4.tcp_keepalive_intvl =15
- net.ipv4.tcp_max_tw_buckets = 36000
- net.ipv4.tcp_tw_reuse = 1
- net.ipv4.tcp_max_orphans = 327680
- net.ipv4.tcp_orphan_retries = 3
- net.ipv4.tcp_syncookies = 1
- net.ipv4.tcp_max_syn_backlog = 16768
- net.ipv4.ip_conntrack_max = 65536
- net.ipv4.tcp_timestamps = 0
- net.core.somaxconn = 16768
- EOF
- sysctl --system
- lsmod | grep -e ip_vs -e nf_conntrack
- timedatectl set-timezone Asia/Shanghai
|
