See "Appendix 003. Deploying Kubernetes with Kubeadm".
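This solution uses kubeadm to deploy Kubernetes 1.18.3;
etcd is deployed co-located with the master nodes;
KeepAlived: provides high availability for the VIP;
HAProxy: runs as a systemd service and reverse-proxies to port 6443 on the 3 masters;
Other main components deployed include:
Metrics: metrics collection;
Dashboard: Kubernetes graphical UI;
Helm: Kubernetes Helm package manager;
Ingress: Kubernetes service exposure;
Longhorn: Kubernetes dynamic storage component.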
Deployment planning

Node planning

| Hostname | IP | Type | Services |
| --- | --- | --- | --- |
| master01 | 172.24.8.71 | Kubernetes master node | docker, etcd, kube-apiserver, kube-scheduler, kube-controller-manager, kubectl, kubelet, metrics, calico, HAProxy, KeepAlived |
| master02 | 172.24.8.72 | Kubernetes master node | docker, etcd, kube-apiserver, kube-scheduler, kube-controller-manager, kubectl, kubelet, metrics, calico, HAProxy, KeepAlived |
| master03 | 172.24.8.73 | Kubernetes master node | docker, etcd, kube-apiserver, kube-scheduler, kube-controller-manager, kubectl, kubelet, metrics, calico, HAProxy, KeepAlived |
| worker01 | 172.24.8.74 | Kubernetes worker node 1 | docker, kubelet, proxy, calico |
| worker02 | 172.24.8.75 | Kubernetes worker node 2 | docker, kubelet, proxy, calico |
| worker03 | 172.24.8.76 | Kubernetes worker node 3 | docker, kubelet, proxy, calico |
| VIP | 172.24.8.100 | | |
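Kubernetes high availability mainly means high availability of the control plane: multiple sets of master node components and etcd components, with worker nodes connecting to each master through a load balancer.
Characteristics of the Kubernetes high-availability architecture in which etcd is co-located with the master node components:
Requires fewer machines
Simple to deploy and easy to manage
Easy to scale horizontally
High risk: if one host goes down, both a master and an etcd member are lost, so cluster redundancy is significantly affected.
Note: this lab uses high-availability architecture 1 to implement Kubernetes high availability.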
[root@master01 ~]# vi k8sinit.sh
```bash
# Initialize the machine. This needs to be executed on every machine.

# Install docker
useradd -m docker
yum -y install yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo
yum -y install docker-ce
mkdir /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": ["https://dbzucv6w.mirror.aliyuncs.com"],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF
systemctl restart docker
systemctl enable docker
systemctl status docker

# Disable the SELinux (takes effect after the reboot at the end).
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config

# Turn off and disable the firewalld.
systemctl stop firewalld
systemctl disable firewalld

# Modify related kernel parameters & Disable the swap.
cat > /etc/sysctl.d/k8s.conf << EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.tcp_tw_recycle = 0
vm.swappiness = 0
vm.overcommit_memory = 1
vm.panic_on_oom = 0
net.ipv6.conf.all.disable_ipv6 = 1
EOF
# Load br_netfilter first: the net.bridge.* keys only exist once the module is
# loaded, and the redirect below would hide the resulting sysctl errors.
modprobe br_netfilter
sysctl -p /etc/sysctl.d/k8s.conf >&/dev/null
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

# Add ipvs modules
cat > /etc/sysconfig/modules/ipvs.modules <<EOF
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
modprobe -- nf_conntrack
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules
bash /etc/sysconfig/modules/ipvs.modules

# Install rpm
yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget

# Update kernel
rpm --import :8888/RPM-GPG-KEY-elrepo.org
rpm -Uvh :8888/elrepo-release-7.0-4.el7.elrepo.noarch.rpm
yum --disablerepo="*" --enablerepo="elrepo-kernel" install -y kernel-ml
sed -i 's/^GRUB_DEFAULT=.*/GRUB_DEFAULT=0/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg
yum update -y

# Reboot the machine.
# reboot
```
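A read-only check for two of the settings the script above applies, the sysctl keys and the swap entries in /etc/fstab. It is an added example, not part of the original k8sinit.sh. The function names `check_sysctl_file` and `active_swap_entries` and all sample data are constructed; on a real node, pass /etc/sysctl.d/k8s.conf and /etc/fstab instead.

```shell
#!/bin/sh
# Added example: post-run checks for settings k8sinit.sh is meant to apply.
# Function names and all sample data below are constructed for illustration.

# Report keys in sysctl file $1 that are missing or differ from the values the
# init script writes for kubeadm. Returns 1 if any drift is found.
check_sysctl_file() {
    rc=0
    for want in net.ipv4.ip_forward=1 net.bridge.bridge-nf-call-iptables=1 \
                net.bridge.bridge-nf-call-ip6tables=1 vm.swappiness=0; do
        key=${want%%=*}; val=${want#*=}
        got=$(awk -F= -v k="$key" '
            /^[ \t]*#/ { next }
            { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
            $1 == k { v = $2 }
            END { print v }' "$1")
        if [ "$got" != "$val" ]; then
            echo "$key: want $val, got ${got:-<unset>}"
            rc=1
        fi
    done
    return $rc
}

# Print fstab lines in $1 that still enable swap (uncommented, type "swap").
# awk splits on any whitespace, so tab-separated entries are caught; the
# page's sed pattern '/ swap /' only matches space-separated ones.
active_swap_entries() {
    awk '!/^[ \t]*#/ && $3 == "swap" { print }' "$1"
}

# Constructed sample inputs, so the checks run offline.
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
printf '%s\n' 'net.ipv4.ip_forward = 1' \
    'net.bridge.bridge-nf-call-iptables = 1' \
    'net.bridge.bridge-nf-call-ip6tables = 0' > "$tmp/k8s.conf"
printf '%s\n' '/dev/mapper/centos-root / xfs defaults 0 0' \
    '#/dev/mapper/centos-swap swap swap defaults 0 0' > "$tmp/fstab"
printf 'UUID=constructed-0001\tswap\tswap\tdefaults\t0 0\n' >> "$tmp/fstab"

check_sysctl_file "$tmp/k8s.conf" || echo "sysctl drift found"
active_swap_entries "$tmp/fstab"
```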