生产环境中多应用多master集群架构
准备以下配置:
配置 | IP |
---|---|
master01 | 10.0.3.171 |
master02 | 10.0.3.172 |
node01 | 10.0.3.104 |
node02 | 10.0.3.150 |
LB(master) | 10.0.3.173 |
LB(backup) | 10.0.3.165 |
虚拟地址 | 10.0.3.160 |
在master01中,将相应的配置内容copy到master02中:
scp -r /opt/kubernetes/ [email protected]:/opt/
scp /usr/lib/systemd/system/{kube-apiserver,kube-scheduler,kube-controller-manager}.service [email protected]:/usr/lib/systemd/system
修改/opt/kubernetes/cfg/kube-apiserver的地址。
直接重启
systemctl daemon-reload
systemctl restart kube-apiserver
systemctl restart kube-scheduler
systemctl restart kube-controller-manager
在负载均衡器LB-master中。
vi /etc/nginx/nginx.conf
events {
worker_connections 1024;
}
#-------------------添加内容
stream {
log_format main "$remote_addr $upstream_addr $time_local $status";
access_log /var/log/nginx/k8s-access.log main;
upstream k8s-apiserver {
server 10.0.3.171:6443;
server 10.0.3.172:6443;
}
server {
listen 10.0.3.173:6443;
proxy_pass k8s-apiserver;
}
}
#-----------------------
http {
systemctl restart nginx
netstat -antp |grep 8080
tail /var/log/nginx/k8s-access.log -f
重新启动k8s的进程,会在该log中看到分配信息。
安装keepalived,并修改配置文件
yum install keepalived -y
vi /etc/keepalived/keepalived.conf
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
# 接收邮件地址
notification_email {
[email protected]
[email protected]
[email protected]
}
# 邮件发送地址
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
# 通过一个vrrp协议检查本机nginx是否正常,若不正常,将关闭keepalived
# 实现vip的漂移
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh" #生成一个.sh文件,将地址写入
}
vrrp_instance VI_1 {
state MASTER
# interface ens32 # 网卡接口
interface eth0 # 网卡接口
virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的
priority 100 # 优先级,备服务器设置 90
advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.3.160/24 #虚拟地址
}
track_script {
check_nginx
}
}
vrrp协议内容
# vi /etc/keepalived/check_nginx.sh
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")
if [ "$count" -eq 0 ];then
/etc/init.d/keepalived stop
fi
通常在终端中输入
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")
正常情况下不会为0。
通过ifconfig或ip a查看网卡接口,在vrrp_instance中修改
重启keepalived
systemctl restart keepalived
ps -ef |grep keepalived
启动成功
ip a查看是否绑定了虚拟ip