1.基本配置
配置dns解析或者hosts
关闭firewall selinux
date -R
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
sudo echo 'LANG="en_US.UTF-8"' >> /etc/profile;source /etc/profile
时间同步
2.kernel调优
https://docs.rancher.cn/rancher2x/install-prepare/best-practices/os.html#_1-%E5%86%85%E6%A0%B8%E8%B0%83%E4%BC%98
保存配置
sysctl -p
3.安装docker-ce
# 定义用户名
NEW_USER=rancher
# 添加用户(可选)
sudo adduser $NEW_USER
# 为新用户设置密码
sudo passwd $NEW_USER
# 为新用户添加sudo权限
sudo echo "$NEW_USER ALL=(ALL) ALL" >> /etc/sudoers
# 卸载旧版本Docker软件
sudo yum remove docker
docker-client
docker-client-latest
docker-common
docker-latest
docker-latest-logrotate
docker-logrotate
docker-selinux
docker-engine-selinux
docker-engine
container*
# 定义安装版本
export docker_version=18.06.3
# 对系统进行全面的更新升级,推荐升级一下(可选)
sudo yum update -y;
# 安装必要的一些系统工具
sudo yum install -y yum-utils device-mapper-persistent-data
lvm2 bash-completion;
# Step 2: 添加软件源信息
sudo yum-config-manager --add-repo
http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo;
# Step 3: 更新并安装 Docker-CE
sudo yum makecache all;
version=$(yum list docker-ce.x86_64 --showduplicates | sort -r|grep ${docker_version}|awk '{print $2}');
sudo yum -y install --setopt=obsoletes=0 docker-ce-${version} docker-ce-selinux-${version};
# 如果已经安装高版本Docker,可进行降级安装(可选)
yum downgrade --setopt=obsoletes=0 -y docker-ce-${version} docker-ce-selinux-${version};
# 把当前用户加入docker组
sudo usermod -aG docker $NEW_USER;
# 设置开机启动
sudo systemctl enable docker;
# docker版本锁定
yum install yum-plugin-versionlock
yum versionlock add docker-ce docker-ce-cli
查看锁定
yum versionlock list
解锁
yum versionlock delete <软件包名称>
解锁所有
yum versionlock clear
docker调优
touch /etc/docker/daemon.json
cat > /etc/docker/daemon.json <<EOF
{
"oom-score-adjust": -1000,
"log-driver": "json-file",
"log-opts": {
"max-size": "100m",
"max-file": "3"
},
"max-concurrent-downloads": 10,
"max-concurrent-uploads": 10,
"registry-mirrors": ["https://2inti5wg.mirror.aliyuncs.com"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOF
systemctl daemon-reload && systemctl restart docker
4.安装rancher
docker pull rancher/rancher:stable
docker run --name rancher
--restart=unless-stopped
-p 1080:80 -p 1443:443
-v /etc/localtime:/etc/localtime:ro
-v /data/rancher/:/var/lib/rancher/
-v /data/auditlog:/var/log/auditlog
-e CATTLE_SYSTEM_CATALOG=bundled
-e AUDIT_LEVEL=3
-d rancher/rancher:stable