[root@localhost ~]# getenforce
Enforcing
[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
Permissive
[root@localhost ~]# vim /etc/selinux/config # 这两种配置文件效果一样,任选其一。
[root@localhost ~]# vim /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
# SELINUX=enforcing # 注释第一行即可
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
# SELINUXTYPE=targeted # 注释这一行即可
[root@localhost ~]# hostnamectl set-hostname K8s-master
[root@localhost ~]# bash
[root@k8s-master ~]#
[root@k8s-master ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
K8s-master 192.168.43.2 # 前面是主机名,后面是对应IP
K8s-node01 192.168.43.3
K8s-node02 192.168.43.4
[root@k8s-master ~]# systemctl daemon-reload
[root@k8s-master ~]# yum -y install wget
[root@k8s-master ~]# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
[root@k8s-master ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@k8s-master ~]# yum makecache
[root@k8s-master ~]# yum install -y epel-release
[root@k8s-master ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f5:21:e0:89:44:97:1f:e5:df:71:4f:b0:3a:ec:70:31 root@k8s-master
The key's randomart image is:
+--[ RSA 2048]----+
| .o o. .. . |
| . +.o.. o |
| . o.o.E ..o|
| ..+ * o+|
| S . * . o|
| + . |
| . |
| |
| |
+-----------------+
[root@k8s-master ~]# ssh-copy-id 192.168.43.3 # 另一台服务的IP地址
The authenticity of host '192.168.43.3 (192.168.43.3)' can't be established.
ECDSA key fingerprint is e9:b9:0c:d9:13:ef:c7:12:ee:2a:cf:06:16:3d:da:26.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.43.3's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '192.168.43.3'"
and check to make sure that only the key(s) you wanted were added.