
Installing Kubernetes v1.11.2 from binaries (Chapter 7: Deploying high-availability components)

Date: 2018-10-24 20:28:19


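Continuing the deployment from the previous chapter.

8. Deploying high-availability components

This chapter describes how to make kube-apiserver highly available with keepalived and haproxy.

  • keepalived provides the VIP through which kube-apiserver is served to clients;
  • haproxy listens on the VIP, connects to all kube-apiserver instances as backends, and provides health checking and load balancing
  • keepalived runs in one-master, one-backup mode; this document reuses the two machines of the master nodes
  • haproxy listens on port 8443, to keep it distinct from kube-apiserver's port 6443
  • While running, keepalived periodically checks the state of the local haproxy process. If it detects that the haproxy process is abnormal, it triggers a new master election and the VIP floats to the newly elected master node, which keeps the VIP highly available
  • All components access kube-apiserver through the VIP and port 8443, on which haproxy listens

8.1 Install the packages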

source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    ssh k8s@${master_ip} "sudo yum install -y keepalived haproxy"
done

8.2 Configure haproxy

cat > haproxy.cfg <<EOF
global
    log /dev/log    local0
    log /dev/log    local1 notice
    chroot /var/lib/haproxy
    stats socket /var/run/haproxy-admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon
    nbproc 1

defaults
    log     global
    timeout connect 5000
    timeout client  10m
    timeout server  10m

listen  admin_stats
    bind 0.0.0.0:10080
    mode http
    log 127.0.0.1 local0 err
    stats refresh 30s
    stats uri /status
    stats realm welcome login\ Haproxy
    stats auth admin:123456
    stats hide-version
    stats admin if TRUE

listen kube-master
    bind 0.0.0.0:8443
    mode tcp
    option tcplog
    balance source
    server 192.168.56.20 192.168.56.20:6443 check inter 2000 fall 2 rise 2 weight 1
    server 192.168.56.21 192.168.56.21:6443 check inter 2000 fall 2 rise 2 weight 1
EOF
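  • haproxy publishes status information on port 10080
  • haproxy listens on port 8443 on all interfaces; this port must match the port specified by the environment variable ${KUBE_APISERVER}
  • The server lines list the IP and port on which every kube-apiserver listens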
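
The admin_stats listener above binds to every interface, uses a short numeric password and enables stats admin unconditionally. As an added example (not part of the original article), the shell function below flags those three settings in a haproxy.cfg; the function names, finding labels and password heuristic are assumptions of this example, and the sample is the article's listener reduced to the relevant lines.

```shell
#!/bin/sh
# Added example, not from the original article.
# audit_haproxy_stats FILE: one finding per line for risky stats settings.
audit_haproxy_stats() {
    awk '
        function emit_bind() {
            if (has_stats && wild != "") print "WILDCARD_BIND " name " " wild
            has_stats = 0; wild = ""
        }
        $1 ~ /^(global|defaults|listen|frontend|backend)$/ {
            emit_bind(); name = ($2 == "" ? $1 : $2); next
        }
        $1 == "bind" && $2 ~ /^(0\.0\.0\.0|\*)?:[0-9]+$/ { wild = $2 }
        $1 == "stats" && ($2 == "uri" || $2 == "enable") { has_stats = 1 }
        $1 == "stats" && $2 == "auth" {
            n = index($3, ":"); pw = substr($3, n + 1)
            # Heuristic assumed for this example: short or digits-only.
            if (length(pw) < 12 || pw ~ /^[0-9]+$/)
                print "WEAK_STATS_PASSWORD " name " user=" substr($3, 1, n - 1)
        }
        $1 == "stats" && $2 == "admin" && $3 == "if" && toupper($4) == "TRUE" {
            print "UNCONDITIONAL_STATS_ADMIN " name
        }
        END { emit_bind() }
    ' "$1"
}

# Constructed sample: the listeners from section 8.2, reduced.
write_sample_cfg() {
    cat > "$1" <<'EOF'
listen  admin_stats
    bind 0.0.0.0:10080
    mode http
    stats uri /status
    stats auth admin:123456
    stats admin if TRUE

listen kube-master
    bind 0.0.0.0:8443
    mode tcp
EOF
}

# Run against a file given on the command line, if any.
if [ -n "${1:-}" ]; then audit_haproxy_stats "$1"; fi
```

The kube-master listener is not reported: only a wildcard bind in a section that serves the stats page counts as a finding here.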

8.3 Distribute haproxy.cfg to all master nodes

source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    scp haproxy.cfg root@${master_ip}:/etc/haproxy
done

8.4 Start the haproxy service

source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    ssh k8s@${master_ip} "sudo systemctl restart haproxy"
done

8.5 Check the service status

source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    ssh k8s@${master_ip} "sudo systemctl status haproxy|grep Active"
done

Make sure every node reports active (running).

To view the logs: journalctl -u haproxy

8.6 Check that port 8443 is being listened on

source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    ssh k8s@${master_ip} "sudo netstat -lnpt|grep haproxy"
done

8.7 Configure keepalived

keepalived runs in one-master, one-backup mode, so there are two kinds of configuration file.

master 192.168.56.20
backup 192.168.56.21

master configuration file:

source /opt/k8s/bin/environment.sh
cat  > keepalived-master.conf <<EOF
global_defs {
    router_id lb-master-105
}

vrrp_script check-haproxy {
    script "killall -0 haproxy"
    interval 5
    weight -30
}

vrrp_instance VI-kube-master {
    state MASTER
    priority 120
    dont_track_primary
    interface ${VIP_IF}
    virtual_router_id 68
    advert_int 3
    track_script {
        check-haproxy
    }
    virtual_ipaddress {
        ${MASTER_VIP}
    }
}
EOF
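  • Two places need attention: ${VIP_IF} and ${MASTER_VIP}
  • The command killall -0 haproxy checks whether the haproxy process on the node is healthy. If it is not, the priority is reduced by the weight (-30), which triggers a new master election
  • router_id and virtual_router_id identify the keepalived instances that belong to this HA set; if there are several keepalived HA sets, the values must differ between them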

backup configuration file:

source /opt/k8s/bin/environment.sh
cat  > keepalived-backup.conf <<EOF
global_defs {
    router_id lb-backup-105
}

vrrp_script check-haproxy {
    script "killall -0 haproxy"
    interval 5
    weight -30
}

vrrp_instance VI-kube-master {
    state BACKUP
    priority 110
    dont_track_primary
    interface ${VIP_IF}
    virtual_router_id 68
    advert_int 3
    track_script {
        check-haproxy
    }
    virtual_ipaddress {
        ${MASTER_VIP}
    }
}
EOF
  • The priority value must be lower than the master's
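
Failover only happens if the master's priority, once the weight is applied, drops below the backup's: here 120 - 30 = 90, which is below 110. As an added example (not part of the original article), this shell function checks that relationship and the matching virtual_router_id across the two files; the function names and result labels are assumptions of this example, and the sample files are the two configurations above reduced to the fields that take part in the election.

```shell
#!/bin/sh
# Added example, not from the original article.
# kv FILE KEY: first value of KEY (assumes one vrrp_script and one
# vrrp_instance per file, as in section 8.7).
kv() { awk -v k="$2" '$1 == k { print $2; exit }' "$1"; }

# check_failover MASTER_CONF BACKUP_CONF
# A negative weight is subtracted from the priority while the script fails.
check_failover() {
    mp=$(kv "$1" priority); bp=$(kv "$2" priority)
    mw=$(kv "$1" weight)
    mv=$(kv "$1" virtual_router_id); bv=$(kv "$2" virtual_router_id)
    [ "$mv" = "$bv" ] || { echo "VRID_MISMATCH $mv $bv"; return 1; }
    [ "$bp" -lt "$mp" ] || { echo "BACKUP_NOT_LOWER $bp $mp"; return 1; }
    [ "$mw" -lt 0 ] || { echo "WEIGHT_NOT_NEGATIVE $mw"; return 1; }
    eff=$(( $mp + $mw ))   # master priority while haproxy is down
    [ "$eff" -lt "$bp" ] || { echo "NO_FAILOVER $eff $bp"; return 1; }
    echo "OK $eff $bp"
}

# Constructed sample: a section 8.7 file reduced to the election fields.
write_conf() {  # write_conf FILE STATE PRIORITY WEIGHT
    cat > "$1" <<EOF
vrrp_script check-haproxy {
    script "killall -0 haproxy"
    interval 5
    weight $4
}
vrrp_instance VI-kube-master {
    state $2
    priority $3
    virtual_router_id 68
}
EOF
}

# Run against two files given on the command line, if any.
if [ -n "${2:-}" ]; then check_failover "$1" "$2"; fi
```

With the article's values the function prints OK 90 110; a weight of -5 would leave the master at 115 and the VIP would never move.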

8.8 Distribute the keepalived configuration files

[root@k8s-m1 ha_config]# scp keepalived-master.conf root@192.168.56.20:/etc/keepalived/keepalived.conf
[root@k8s-m1 ha_config]# scp keepalived-backup.conf root@192.168.56.21:/etc/keepalived/keepalived.conf

8.9 Start the keepalived service

source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    ssh root@${master_ip} "systemctl restart keepalived"
done

8.10 Check the service status

# Confirm the service is active (running)
source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    ssh root@${master_ip} "systemctl status keepalived|grep Active"
done

# See which node holds the VIP, and make sure the VIP answers ping
source /opt/k8s/bin/environment.sh
for master_ip in ${MASTER_IPS[@]}
  do
    echo ">>> ${master_ip}"
    ssh root@${master_ip} "/usr/sbin/ip addr show ${VIP_IF}"
    ssh root@${master_ip} "ping -c 1 ${MASTER_VIP}"
done

# View the logs: journalctl -u keepalived

8.11 Open the status page in a browser

Address: ${MASTER_VIP}:10080/status

The username and password are in the stats auth field of haproxy.cfg


HAProxy status page


Original article: https://www.cnblogs.com/aast/p/9844068.html
