Kubernetes部署通用手册 (支持版本1.19,1.18,1.17,1.16) (14)

访问集群中部署的Nginx,打开浏览器输入::38696

Kubernets Apiserver HA SLB 准备环境 内网ip 角色 安装软件 主机名
192.168.0.10   master01   etcd,kube-apiserver,kube-controller-manager,kube-scheduler   8bettest518  
192.168.0.12   master02   etcd,kube-apiserver,kube-controller-manager,kube-scheduler   8bettest519  
192.168.0.7   node01   docker,kubelet,kube-proxy,flannel   8bettest520  
192.168.0.8   node02   docker,kubelet,kube-proxy,flannel   8bettest521  
192.168.0.4   slb master   etcd,keeaplived,nginx   8bettest522  
192.168.0.9   slb backup   keeaplived,nginx   8bettest523  
192.168.0.200   keepalived上的VIP      

我们使用两台机器,当前是使用nginx+keepalived软件进行apiserver 6443接口的负载均衡,实现apiserver高可用。

部署nginx和keepalived

这里我们采用Nginx作为负载均衡软件,现在流量大的apiserver 也可以采用haproxy 作为负载均衡软件,也可以使用。

nginx 配置 yum install -y nginx k8s-lb01,k8s-lb02都要安装 centos7要是没有nginx源,添加nginx的源 cat > /etc/yum.repos.d/nginx.repo << EOF [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/7/\$basearch/ gpgcheck=0 EOF

nginx 主配置文件

[root@k8s-lb02 nginx]# egrep -v '#|^$' /etc/nginx/nginx.conf user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } stream { log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent'; access_log /var/log/nginx/k8s-access.log main; upstream k8s-apiserver { server 192.168.0.10:6443; server 192.168.0.12:6443; } server { listen 6443; proxy_pass k8s-apiserver; } } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; include /etc/nginx/conf.d/*.conf; server { listen 80 default_server; listen [::]:80 default_server; server_name _; root /usr/share/nginx/html; include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } }

# 两台nginx的配置文件一样

[root@k8s-lb01 nginx]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful [root@k8s-lb01 nginx]# systemctl start nginx Keepalived配置

安装keepalived

yum install -y keepalived

主keepalived.conf

[root@k8s-lb01 ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id NGINX_MASTER } vrrp_script check_nginx { script "/etc/nginx/check_nginx.sh" } vrrp_instance VI_1 { state MASTER interface eth0 # 网卡名 virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的 priority 100 # 优先级,备服务器设置 90 advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.0.200/24 # vip地址 } track_script { check_nginx # 监控脚本 } }

从keepalived.conf

[root@k8s-lb02 nginx]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id NGINX_MASTER } vrrp_script check_nginx { script "/etc/nginx/check_nginx.sh" } vrrp_instance VI_1 { state BACKUP interface eth0 # 网卡名 virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的 priority 90 # 优先级,备服务器设置 90 advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.0.200/24 # vip地址 } track_script { check_nginx # 监控脚本 } }

编写check_nginx.sh

#!/bin/bash count=$(ps -ef |grep nginx |egrep -cv "grep|$$") if [ "$count" -eq 0 ];then systemctl stop keepalived fi

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/wppjyp.html