三.准备工作

3.1.端口转发

vim /etc/sysctl.conf
net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

3.2.关闭网络管理服务

systemctl stop NetworkManager.service
systemctl disable firewalld.service

3.3.hosts

vim /etc/hosts 
#添加
10.2.1.11 k8s-1
10.2.1.12 k8s-2
10.2.1.13 k8s-3

3.4.iptables

#停止firewall
systemctl stop firewalld.service 
#禁止firewall开机启动
systemctl disable firewalld.service 

#安装 iptables service
yum -y install iptables-services

#添加策略
vim /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2379 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 2380 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10250 -j ACCEPT

[所有节点]
#注释此行
-A FORWARD -j REJECT --reject-with icmp-host-prohibited 
#添加此行
-A FORWARD -j ACCEPT 
#注释此行
-A INPUT -j REJECT --reject-with icmp-host-prohibited 
#添加此行
-A INPUT -j ACCEPT 

#重启防火墙使配置生效
systemctl restart iptables.service
#设置防火墙开机启动
systemctl enable iptables.service 

5.docker
官网安装说明
https://docs.docker.com/engine/installation/linux/centos/

#更新yum
yum update

#配置yum源
vim /etc/yum.repos.d/docker.repo 
[dockerrepo]
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg

#安装
yum install docker-engine

#下载镜像
docker pull google/pause
docker tag google/pause gcr.io/google_containers/pause-amd64:3.0

docker pull siriuszg/kubernetes-dashboard-amd64:v1.4.0
docker tag siriuszg/kubernetes-dashboard-amd64:v1.4.0 10.2.3.223:5000/kubernetes-dashboard-amd64:v1.4.0