2. 程式人生 > 其它 >|NO.Z.00028|——————————|^^ 部署 ^^|——|Kubernetes&高可用叢集.V02|------------------------------------|Keepalived&haproxy|

|NO.Z.00028|——————————|^^ 部署 ^^|——|Kubernetes&高可用叢集.V02|------------------------------------|Keepalived&haproxy|

阿新 發佈:2022-03-28

[CloudNative:Kubernetes&高可用叢集.V02]                                                            [Applications.CloudNative] [|雲端計算|K8S|叢集搭建-高可用叢集-實現過程介紹/初始化和部署Keepalived/] [部署haproxy和docker等元件/部署master1節點初始化/部署master2和node節點|]







一、 所有master節點部署keepalived
### --- 安裝相關包和keepalived

[root@k8s-master1 ~]# yum install -y conntrack-tools libseccomp libtool-ltdl
[root@k8s-master1 ~]# yum install -y keepalived
[root@k8s-master2 ~]# yum install -y conntrack-tools libseccomp libtool-ltdl
[root@k8s-master2 ~]# yum install -y keepalived
 
### --- 配置master節點
~~~     master1節點配置

[root@k8s-master1 ~]# cat > /etc/keepalived/keepalived.conf <<EOF 
> ! Configuration File for keepalived
> 
> global_defs {
>    router_id k8s
> }
> 
> vrrp_script check_haproxy {
>     script "killall -0 haproxy"
>     interval 3
>     weight -2
>     fall 10
>     rise 2
> }
> 
> vrrp_instance VI_1 {
>     state MASTER 
>     interface ens34 
>     virtual_router_id 51
>     priority 250
>     advert_int 1
>     authentication {
>         auth_type PASS
>         auth_pass ceb1b3ec013d66163d6ab
>     }
>     virtual_ipaddress {
>         10.10.10.15
>     }
>     track_script {
>         check_haproxy
>     }
> 
> }
> EOF
 
~~~     master2節點配置

[root@k8s-master2 ~]# cat > /etc/keepalived/keepalived.conf <<EOF 
> ! Configuration File for keepalived
> 
> global_defs {
>    router_id k8s
> }
> 
> vrrp_script check_haproxy {
>     script "killall -0 haproxy"
>     interval 3
>     weight -2
>     fall 10
>     rise 2
> }
> 
> vrrp_instance VI_1 {
>     state MASTER 
>     interface ens34 
>     virtual_router_id 51
>     priority 250
>     advert_int 1
>     authentication {
>         auth_type PASS
>         auth_pass ceb1b3ec013d66163d6ab
>     }
>     virtual_ipaddress {
>         10.10.10.15
>     }
>     track_script {
>         check_haproxy
>     }
> 
> }
> EOF
 
### --- 啟動和檢查
~~~     在兩臺master節點都執行
~~~     啟動keepalived

[root@k8s-master1 ~]# systemctl start keepalived.service
[root@k8s-master2 ~]# systemctl start keepalived.service
~~~     設定開機啟動

[root@k8s-master1 ~]# systemctl enable keepalived.service
[root@k8s-master2 ~]# systemctl enable keepalived.service
~~~     檢視啟動狀態

[root@k8s-master1 ~]# systemctl status keepalived.service
[root@k8s-master2 ~]# systemctl status keepalived.service
~~~     啟動後檢視master1的網絡卡資訊
~~~     目前在k8s-master2上,當k8s-master掛掉會漂移到k8s-master1上

[root@k8s-master2 ~]# ip a s ens34          
3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 10.10.10.12/24 brd 10.10.10.255 scope global noprefixroute ens34
    inet 10.10.10.15/32 scope global ens34
       valid_lft forever preferred_lft forever
二、部署haproxy(所有master節點上部署) 
### --- 安裝

[root@k8s-master1 ~]# yum install -y haproxy
[root@k8s-master2 ~]# yum install -y haproxy
### --- 兩臺master節點的配置均相同,配置中聲明瞭後端代理的兩個master節點伺服器,
~~~     指定了haproxy執行的埠為16443等,因此16443埠為叢集的入口

[root@k8s-master1 ~]# cat > /etc/haproxy/haproxy.cfg << EOF
[root@k8s-master2 ~]# cat > /etc/haproxy/haproxy.cfg << EOF
> #---------------------------------------------------------------------
> # Global settings
> #---------------------------------------------------------------------
> global
>     # to have these messages end up in /var/log/haproxy.log you will
>     # need to:
>     # 1) configure syslog to accept network log events.  This is done
>     #    by adding the '-r' option to the SYSLOGD_OPTIONS in
>     #    /etc/sysconfig/syslog
>     # 2) configure local2 events to go to the /var/log/haproxy.log
>     #   file. A line like the following can be added to
>     #   /etc/sysconfig/syslog
>     #
>     #    local2.*                       /var/log/haproxy.log
>     #
>     log         127.0.0.1 local2
>     
>     chroot      /var/lib/haproxy
>     pidfile     /var/run/haproxy.pid
>     maxconn     4000
>     user        haproxy
>     group       haproxy
>     daemon 
>        
>     # turn on stats unix socket
>     stats socket /var/lib/haproxy/stats
> #---------------------------------------------------------------------
> # common defaults that all the 'listen' and 'backend' sections will
> # use if not designated in their block
> #---------------------------------------------------------------------  
> defaults
>     mode                    http
>     log                     global
>     option                  httplog
>     option                  dontlognull
>     option http-server-close
>     option forwardfor       except 127.0.0.0/8
>     option                  redispatch
>     retries                 3
>     timeout http-request    10s
>     timeout queue           1m
>     timeout connect         10s
>     timeout client          1m
>     timeout server          1m
>     timeout http-keep-alive 10s
>     timeout check           10s
>     maxconn                 3000
> #---------------------------------------------------------------------
> # kubernetes apiserver frontend which proxys to the backends
> #--------------------------------------------------------------------- 
> frontend kubernetes-apiserver
>     mode                 tcp
>     bind                 *:16443
>     option               tcplog
>     default_backend      kubernetes-apiserver    
> #---------------------------------------------------------------------
> # round robin balancing between the various backends
> #---------------------------------------------------------------------
> backend kubernetes-apiserver
>     mode        tcp
>     balance     roundrobin                                    # 負載策略
>     server      master01.k8s.io   10.10.10.11:6443 check      # master1節點地址
>     server      master02.k8s.io   10.10.10.12:6443 check      # master2節點地址
> #---------------------------------------------------------------------
> # collection haproxy statistics message
> #---------------------------------------------------------------------
> listen stats
>     bind                 *:1080
>     stats auth           admin:awesomePassword
>     stats refresh        5s
>     stats realm          HAProxy\ Statistics
>     stats uri            /admin?stats
> EOF
### --- 兩臺master都啟動
~~~     設定開機啟動

[root@k8s-master1 ~]# systemctl enable haproxy
[root@k8s-master2 ~]# systemctl enable haproxy
~~~     開啟haproxy

[root@k8s-master1 ~]# systemctl start haproxy
[root@k8s-master2 ~]# systemctl start haproxy
~~~     檢視啟動狀態

[root@k8s-master1 ~]# systemctl status haproxy
[root@k8s-master2 ~]# systemctl status haproxy
~~~     檢查埠

[root@k8s-master1 ~]# netstat -lntup|grep haproxy
tcp        0      0 0.0.0.0:1080            0.0.0.0:*               LISTEN      11945/haproxy       
tcp        0      0 0.0.0.0:16443           0.0.0.0:*               LISTEN      11945/haproxy       
udp        0      0 0.0.0.0:34302           0.0.0.0:*                           11944/haproxy       
[root@k8s-master2 ~]# netstat -lntup|grep haproxy
tcp        0      0 0.0.0.0:1080            0.0.0.0:*               LISTEN      11945/haproxy       
tcp        0      0 0.0.0.0:16443           0.0.0.0:*               LISTEN      11945/haproxy       
udp        0      0 0.0.0.0:34302           0.0.0.0:*                           11944/haproxy







===============================END===============================

Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart                                                                                                                                                    ——W.S.Landor



來自為知筆記(Wiz)

相關推薦

no