环境准备

修改主机名

hostnamectl set-hostname master

各主机添加ssh key

$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
85:a2:29:29:7a:32:2e:89:c5:13:ee:c8:a2:7a:53:ae root@master
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|         .       |
|      . . .      |
|  .. o . .       |
|.oo.o   S        |
|..=..            |
|*=.+             |
|B=+ .            |
|BoEo             |
+-----------------+
ssh-copy-id node1
ssh-copy-id node2
ssh-copy-id node3

系统更新

yum -y install epel-release
yum -y install update

关闭selinux

setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

配置防火墙

  • TCP 端口 2377 用于集群管理通信
  • TCPUDP 端口 7946 用于节点之间的通信
  • UDP 端口 4789 用于overlay网络通信

[warning] 如果创建网络使用--opt encrypted,需要允许ip protocol 50 (ESP)

firewall-cmd --add-port=2377/tcp --permanent && \
firewall-cmd --add-port=7946/tcp --permanent && \
firewall-cmd --add-port=7946/udp --permanent && \
firewall-cmd --add-port=4789/udp --permanent && \
firewall-cmd --reload

results matching ""

    No results matching ""