Kubernetes 一直沒有自己的高可用方案,從yum安裝1.5.2開始到使用阿里雲自帶的Kubernetes叢集,一直沒有自己手動安裝配置過這個高可用方案,在過年前終於自己安裝配置了一次,也是參考各路大神的文章,現在年過完了,準備把安裝過程記錄下來,我的安裝會比較特殊,僅供各位參考:
1. 192.168.1.40 簡寫伺服器a etcd master keeplived haproxy
2. 192.168.1.41 簡寫伺服器b etcd master keeplived haproxy
3. 192.168.1.42 簡寫伺服器c etcd master keeplived haproxy
VIP 192.168.1.43
作業系統最小化安裝centos 7.3
1.修改主機名
hostnamectl set-hostname host40
hostnamectl set-hostname host41
hostnamectl set-hostname host42複製程式碼2.關閉防火牆和selinux
systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/g' /etc/selinux/config
setenforce 0複製程式碼3.安裝基礎軟體
yum -y install keepalived haproxy psmisc複製程式碼4.配置haproxy
三臺機器啟動haproxy ,監聽8443埠代理最後的api-service,10080埠作為haproxy狀態監控
cat>/etc/haproxy/haproxy.cfg<<EOF
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /tmp/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
nbproc 1
defaults
log global
timeout connect 5000
timeout client 10m
timeout server 10m
listen admin_stats
bind 0.0.0.0:10080
mode http
log 127.0.0.1 local0 err
stats refresh 30s
stats uri /status
stats realm welcome login\ Haproxy
stats auth admin:123456
stats hide-version
stats admin if TRUE
listen kube-master
bind 0.0.0.0:8443
mode tcp
option tcplog
balance source
server 192.168.1.40 192.168.1.40:6443 check inter 2000 fall 2 rise 2 weight 1
server 192.168.1.41 192.168.1.41:6443 check inter 2000 fall 2 rise 2 weight 1
server 192.168.1.42 192.168.1.42:6443 check inter 2000 fall 2 rise 2 weight 1
EOF
複製程式碼
啟動haproxy,如果有錯誤,請根據錯誤提示解決(我在處理的時候因為sock檔案地址許可權的問題遇到過錯誤,所以我這裡把他切換到tmp目錄,避免許可權問題)
systemctl daemon-reload
systemctl enable haproxy
systemctl restart haproxy
systemctl status haproxy複製程式碼5.配置keepalived
5.1配置伺服器a keepalived
cat > /etc/haproxy/haproxy.cfg <<EOF
global_defs {
router_id k8s-master
}
vrrp_script check-haproxy {
script "killall -0 haproxy"
interval 5
weight -30
}
vrrp_instance VI-kube-master {
state MASTER
priority 150
nopreempt
dont_track_primary
interface eth0
virtual_router_id 68
advert_int 3
track_script {
check-haproxy
}
virtual_ipaddress {
192.168.1.43/24 dev eth0 label eth0:1
}
}
EOF
複製程式碼5.2 配置伺服器b keepalived
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
router_id k8s-slave1
}
vrrp_script check-haproxy {
script "killall -0 haproxy"
interval 5
weight -30
}
vrrp_instance VI-kube-master {
state BACKUP
priority 100
nopreempt
dont_track_primary
interface eth0
virtual_router_id 68
advert_int 3
track_script {
check-haproxy
}
virtual_ipaddress {
192.168.1.43/24 dev eth0 label eth0:1
}
}
EOF
複製程式碼5.3 配置伺服器c keepalived
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
router_id k8s-slave2
}
vrrp_script check-haproxy {
script "killall -0 haproxy"
interval 5
weight -30
}
vrrp_instance VI-kube-master {
state BACKUP
priority 50
nopreempt
dont_track_primary
interface eth0
virtual_router_id 68
advert_int 3
track_script {
check-haproxy
}
virtual_ipaddress {
192.168.1.43/24 dev eth0 label eth0:1
}
}
EOF
複製程式碼6.啟動keepalived
systemctl daemon-reload
systemctl enable keepalived
systemctl restart keepalived
systemctl status keepalived
複製程式碼以上配置實現伺服器 vip 預設在a伺服器,如果a當機則vip到b伺服器,如果ab 都當機 則vip到c伺服器
但是這樣設定有一個問題就是a伺服器當機恢復以後,會搶回VIP
如果把abc伺服器都設定BACKUP 則第一次啟動都不會獲得VIP
你們可以把你們的發我參考下 實現第一次啟動會獲得VIP 切換以後也不會漂移回去的配置
首先完成ha的配置因為後面的配置需要呼叫vip的地址