您好,登錄后才能下訂單哦!
今天小編給大家分享一下怎么用Keepalived+HAProxy高可用集群K8S實(shí)現(xiàn)的相關(guān)知識(shí)點(diǎn),內(nèi)容詳細(xì),邏輯清晰,相信大部分人都還太了解這方面的知識(shí),所以分享這篇文章給大家參考一下,希望大家閱讀完這篇文章后有所收獲,下面我們一起來(lái)了解一下吧。
準(zhǔn)備環(huán)境:
主機(jī) | ip |
---|---|
k8s-master01 | 192.168.10.4 |
k8s-master02 | 192.168.10.5 |
k8s-master03 | 192.168.10.6 |
VIP | 192.168.10.150 |
架構(gòu)圖
注意:master集群采用奇數(shù)臺(tái)數(shù),3、5、7…
所有節(jié)點(diǎn)都進(jìn)行hosts文件解析
tail -3 /etc/hosts 192.168.10.4 k8s-master01 192.168.10.5 k8s-master02 192.168.10.6 k8s-master03
所有節(jié)點(diǎn)都要安裝keepalived和haproxy軟件
yum -y install haproxy keepalived
修改haproxy配置文件(所有節(jié)點(diǎn)配置相同)
最好選擇2.x版本,當(dāng)然這個(gè)版本也不影響使用,只是功能沒(méi)有2.x版本多
vim /etc/haproxy/haproxy.cfg global maxconn 2000 ulimit-n 16384 log 127.0.0.1 local0 err stats timeout 30s defaults log global mode http option httplog timeout connect 5000 timeout client 50000 timeout server 50000 timeout http-request 15s timeout http-keep-alive 15s frontend monitor-in bind *:33305 mode http option httplog monitor-uri /monitor listen stats bind *:8006 mode http stats enable stats hide-version stats uri /stats stats refresh 30s stats realm Haproxy\ Statistics stats auth admin:admin frontend k8s-master bind 0.0.0.0:16443 bind 127.0.0.1:16443 mode tcp option tcplog tcp-request inspect-delay 5s default_backend k8s-master backend k8s-master mode tcp option tcplog option tcp-check balance roundrobin default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100 server k8s-master01 192.168.10.4:6443 check server k8s-master02 192.168.10.5:6443 check server k8s-master03 192.168.10.6:6443 check
master01節(jié)點(diǎn)修改keepalived配置文件
vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id LVS_DEVEL } vrrp_script chk_apiserver { script "/etc/keepalived/check_apiserver.sh" interval 2 weight -5 fall 3 rise 2 } vrrp_instance VI_1 { state MASTER interface eth0 mcast_src_ip 192.168.10.4 virtual_router_id 51 priority 100 advert_int 2 authentication { auth_type PASS auth_pass K8SHA_KA_AUTH } virtual_ipaddress { 192.168.10.150/24 } track_script { chk_apiserver }
master02節(jié)點(diǎn)修改keepalived配置文件
vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id LVS_DEVEL } vrrp_script chk_apiserver { script "/etc/keepalived/check_apiserver.sh" interval 2 weight -5 fall 3 rise 2 } vrrp_instance VI_1 { state BACKUP interface eth0 mcast_src_ip 192.168.10.5 virtual_router_id 51 priority 50 advert_int 2 authentication { auth_type PASS auth_pass K8SHA_KA_AUTH } virtual_ipaddress { 192.168.10.150/24 } track_script { chk_apiserver } }
master03節(jié)點(diǎn)修改keepalived配置文件
vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id LVS_DEVEL } vrrp_script chk_apiserver { script "/etc/keepalived/check_apiserver.sh" interval 2 weight -5 fall 3 rise 2 } vrrp_instance VI_1 { state BACKUP interface eth0 mcast_src_ip 192.168.10.6 virtual_router_id 51 priority 50 advert_int 2 authentication { auth_type PASS auth_pass K8SHA_KA_AUTH } virtual_ipaddress { 192.168.10.150/24 } track_script { chk_apiserver } }
所有節(jié)點(diǎn)創(chuàng)建健康檢查腳本
vim /etc/keepalived/check_apiserver.sh #!/bin/bash err=0 for k in $(seq 1 5) do check_code=$(pgrep haproxy) if [[ $check_code == "" ]]; then err=$(expr $err + 1) sleep 5 continue else err=0 break fi done if [[ $err != "0" ]]; then echo "systemctl stop keepalived" /usr/bin/systemctl stop keepalived exit 1 else exit 0 fi
啟動(dòng)haproxy與keepalived服務(wù)
systemctl daemon-reload systemctl enable --now haproxy systemctl enable --now keepalived
可以用ping和telnet命令測(cè)試一下vip的可用性
ping 192.168.10.150 PING 192.168.10.150 (192.168.10.150) 56(84) bytes of data. 64 bytes from 192.168.10.150: icmp_seq=1 ttl=64 time=1.60 ms 64 bytes from 192.168.10.150: icmp_seq=2 ttl=64 time=0.519 ms 64 bytes from 192.168.10.150: icmp_seq=3 ttl=64 time=0.874 ms 64 bytes from 192.168.10.150: icmp_seq=4 ttl=64 time=0.786 ms ^C --- 192.168.10.150 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3009ms rtt min/avg/max/mdev = 0.519/0.946/1.606/0.403 ms telnet 192.168.10.150 16443 Trying 192.168.10.150... Connected to 192.168.10.150. Escape character is '^]'. Connection closed by foreign host.
再嘗試一下斷開(kāi)vip所在節(jié)點(diǎn)的keepalived,看ip是否漂移,如果vip漂移至另一節(jié)點(diǎn)則代表成功
以上就是“怎么用Keepalived+HAProxy高可用集群K8S實(shí)現(xiàn)”這篇文章的所有內(nèi)容,感謝各位的閱讀!相信大家閱讀完這篇文章都有很大的收獲,小編每天都會(huì)為大家更新不同的知識(shí),如果還想學(xué)習(xí)更多的知識(shí),請(qǐng)關(guān)注億速云行業(yè)資訊頻道。
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。