一、实验环境介绍
Master02:192.168.50.134
LB1:192.168.50.137
LB2:192.168.50.138
VIP:192.168.50.100
二、实验步骤
- 前置条件:先具备单master节点部署环境
1、关闭防火墙及selinux服务
2、在master01上操作,将master1上的工作目录推送到master2上
scp -r /opt/kubernetes/ root@192.168.195.136:/opt
3、复制master中的三个组件启动脚本
scp /usr/lib/systemd/system/{kube-apiserver,kube-controller-manager,kube-scheduler}.service root@192.168.50.136:/usr/lib/systemd/system/
4、在master02上操作,修改配置文件kube-apiserver中的IP,
cd /opt/kubernetes/cfg/
vim kube-apiserver
--bind-address=192.168.50.136 \ ## 修改为master2的IP
--advertise-address=192.168.50.136 \ ## 修改为master2的IP
5、将master1上的etcd工作目录拷贝到master2中
scp -r /opt/etcd/ root@192.168.50.136:/opt/
6、启动master02中的三个组件服务
systemctl start kube-apiserver.service
systemctl start kube-controller-manager.service
systemctl start kube-scheduler.service
7、设置环境变量
vim /etc/profile
在末尾加入一行:
export PATH=$PATH:/opt/kubernetes/bin/
使配置生效:source /etc/profile
//下面进行高可用负载均衡配置
8、分别在lb01 lb02上操作
安装nginx服务,把nginx.sh和keepalived.conf脚本拷贝到家目录
vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
yum install nginx -y
9、在nginx中添加四层转发
stream {
log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
access_log /var/log/nginx/k8s-access.log main;
upstream k8s-apiserver {
server 192.168.50.133:6443; ## 代理的两个master节点IP
server 192.168.50.136:6443; ## 代理的两个master节点IP
}
server {
listen 6443;
proxy_pass k8s-apiserver;
}
}
启动nginx服务
systemctl start nginx
10、分别在lb1与lb2上部署keepalived服务
yum install keepalived -y
修改配置文件
cp keepalived.conf /etc/keepalived/keepalived.conf
keepalived配置文件如下:
! Configuration File for keepalived
global_defs {
# 接收邮件地址
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
# 邮件发送地址
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/etc/nginx/check_nginx.sh"
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的
priority 100 # 优先级,备服务器设置 90
advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.50.100/24
}
track_script {
check_nginx
}
}//注意:lb02是Backup配置如下:
! Configuration File for keepalived
global_defs {
# 接收邮件地址
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
# 邮件发送地址
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/etc/nginx/check_nginx.sh"
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的
priority 90 # 优先级,备服务器设置 90
advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.195.100/24
}
track_script {
check_nginx
}
}
11、创建keepalived服务监测脚本
vim /etc/nginx/check_nginx.sh
#!/bin/bash
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")
if [ "$count" -eq 0 ];then
systemctl stop keepalived
fi
为脚本添加可执行权限并启动keepalived
chmod +x /etc/nginx/check_nginx.sh
systemctl start keepalived
到此,k8s高可用群集部署完成
版权声明:本文为u014042047原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。