Kubernetes: Configuração dos Pré-Requisitos: Difference between revisions

From Wiki
 
(2 intermediate revisions by the same user not shown)
Line 30: Line 30:


Salve e feche o arquivo.
Salve e feche o arquivo.
= Configurando o firewalld =
Habilitando
systemctl enable firewalld
Iniciando
systemctl start firewalld
Criando as regras
firewall-cmd --permanent --zone=public --add-port=22/tcp
firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --permanent --zone=public --add-port=6443/tcp
firewall-cmd --permanent --zone=public --add-port=10250/tcp
firewall-cmd --reload


= Desabilitando o SWAP =
= Desabilitando o SWAP =

Latest revision as of 15:11, 13 August 2019

Instalação dos pacotes

1) Instalando os pacotes necessários

yum update 

yum -y install lvm2 device-mapper-persistent-data btrfs-progs


Desabilitando o SELinux

Verificar primeiro o status

sestatus

Se estiver habilitado

Abra o arquivo /etc/selinux/config e defina disabled

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted

Salve e feche o arquivo.

Configurando o firewalld

Habilitando

systemctl enable firewalld

Iniciando

systemctl start firewalld

Criando as regras

firewall-cmd --permanent --zone=public --add-port=22/tcp
firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --permanent --zone=public --add-port=6443/tcp
firewall-cmd --permanent --zone=public --add-port=10250/tcp
firewall-cmd --reload

Desabilitando o SWAP

1) Execute o comando para desabilitar o swap

swapoff -a

2) Editar o /etc/fstab e comente as partições de swap

# /dev/mapper/rhel-swap swap swap defaults 0 0

Salve e feche o fstab

3) Execute o comando

mount -a


Configuração do Storage

1) Vamos criar o storage para o Component Pack. Alterar o seu disco, no meu caso /dev/sdb

pvcreate /dev/sdb

vgcreate dockerVg /dev/sdb

lvcreate -l 95%VG --wipesignatures y -n thinpoolLv dockerVg

lvcreate -l 1%VG  --wipesignatures y -n thinpoolmetaLv dockerVg 

2) E mais alguns passos ...

lvconvert -y --zero n -c 512K --thinpool dockerVg/thinpoolLv --poolmetadata dockerVg/thinpoolmetaLv

cat > /etc/lvm/profile/dockerVg-thinpoolLv.profile  << EOF
activation {
 thin_pool_autoextend_threshold=80
 thin_pool_autoextend_percent=20
} 
EOF

lvchange --metadataprofile dockerVg-thinpoolLv dockerVg/thinpoolLv

lvs -o+seg_monitor

mkdir -p /var/lib/docker

Exemplo:

# lsblk

NAME                        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
...
sdb                            8:16   0   231G  0 disk
└─sdb1                         8:17   0   231G  0 part
  ├─rootvg-lv_var            253:5    0 113.8G  0 lvm  /var
  ├─rootvg-lv_opt            253:8    0    43G  0 lvm  /opt
  ├─rootvg-lv_thinpool_tmeta 253:10   0     3G  0 lvm
  │ └─rootvg-lv_thinpool     253:12   0    70G  0 lvm
  └─rootvg-lv_thinpool_tdata 253:11   0    70G  0 lvm
    └─rootvg-lv_thinpool     253:12   0    70G  0 lvm


Caso o filesytem já esteja criado

Tive um cliente que só entregava discos montados, com os passos abaixo resolveu:

1) Comentar o /etc/fstab

#/dev/mapper/rootvg-lv_devsdx /dev/sdX xfs defaults 0 2

2) Desmontar volume

umount /dev/sdX

3) remover o logical volume

lvremove /dev/rootvg/lv_devsdx

4) Criar volumes para discos de 80G

lvcreate -L 70g --wipesignatures y -n lv_thinpool rootvg

lvcreate -L 3g --wipesignatures y -n lv_thinpoolmeta rootvg


E continuar no item acima E mais alguns passos ...

Ver também