Kubernetes 一直没有自己的高可用方案,从yum安装1.5.2开始到使用阿里云自带的Kubernetes集群,一直没有自己手动安装配置过这个高可用方案,在过年前终于自己安装配置了一次,也是参考各路大神的文章,现在年过完了,准备把安装过程记录下来,我的安装会比较特殊,仅供各位参考:
1. 192.168.1.40 简写服务器a etcd master keeplived haproxy
2. 192.168.1.41 简写服务器b etcd master keeplived haproxy
3. 192.168.1.42 简写服务器c etcd master keeplived haproxy
VIP 192.168.1.43
操作系统最小化安装centos 7.3
1.修改主机名
hostnamectl set-hostname host40
hostnamectl set-hostname host41
hostnamectl set-hostname host42复制代码2.关闭防火墙和selinux
systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/g' /etc/selinux/config
setenforce 0复制代码3.安装基础软件
yum -y install keepalived haproxy psmisc复制代码4.配置haproxy
三台机器启动haproxy ,监听8443端口代理最后的api-service,10080端口作为haproxy状态监控
cat>/etc/haproxy/haproxy.cfg<log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /tmp/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
nbproc 1
defaults
log global
timeout connect 5000
timeout client 10m
timeout server 10m
listen admin_stats
bind 0.0.0.0:10080
mode http
log 127.0.0.1 local0 err
stats refresh 30s
stats uri /status
stats realm welcome login\ Haproxy
stats auth admin:123456
stats hide-version
stats admin if TRUE
listen kube-master
bind 0.0.0.0:8443
mode tcp
option tcplog
balance source
server 192.168.1.40 192.168.1.40:6443 check inter 2000 fall 2 rise 2 weight 1
server 192.168.1.41 192.168.1.41:6443 check inter 2000 fall 2 rise 2 weight 1
server 192.168.1.42 192.168.1.42:6443 check inter 2000 fall 2 rise 2 weight 1
EOF
复制代码
启动haproxy,如果有错误,请根据错误提示解决(我在处理的时候因为sock文件地址权限的问题遇到过错误,所以我这里把他切换到tmp目录,避免权限问题)
systemctl daemon-reload
systemctl enable haproxy
systemctl restart haproxy
systemctl status haproxy复制代码5.配置keepalived
5.1配置服务器a keepalived
cat > /etc/haproxy/haproxy.cfg <"killall -0 haproxy"
interval 5
weight -30
}
vrrp_instance VI-kube-master {
state MASTER
priority 150
nopreempt
dont_track_primary
interface eth0
virtual_router_id 68
advert_int 3
track_script {
check-haproxy
}
virtual_ipaddress {
192.168.1.43/24 dev eth0 label eth0:1
}
}
EOF
复制代码 5.2 配置服务器b keepalived
cat > /etc/keepalived/keepalived.conf <"killall -0 haproxy"
interval 5
weight -30
}
vrrp_instance VI-kube-master {
state BACKUP
priority 100
nopreempt
dont_track_primary
interface eth0
virtual_router_id 68
advert_int 3
track_script {
check-haproxy
}
virtual_ipaddress {
192.168.1.43/24 dev eth0 label eth0:1
}
}
EOF
复制代码 5.3 配置服务器c keepalived
cat > /etc/keepalived/keepalived.conf <"killall -0 haproxy"
interval 5
weight -30
}
vrrp_instance VI-kube-master {
state BACKUP
priority 50
nopreempt
dont_track_primary
interface eth0
virtual_router_id 68
advert_int 3
track_script {
check-haproxy
}
virtual_ipaddress {
192.168.1.43/24 dev eth0 label eth0:1
}
}
EOF
复制代码 6.启动keepalived
systemctl daemon-reload
systemctl enable keepalived
systemctl restart keepalived
systemctl status keepalived
复制代码以上配置实现服务器 vip 默认在a服务器,如果a宕机则vip到b服务器,如果ab 都宕机 则vip到c服务器
但是这样设置有一个问题就是a服务器宕机恢复以后,会抢回VIP
如果把abc服务器都设置BACKUP 则第一次启动都不会获得VIP
你们可以把你们的发我参考下 实现第一次启动会获得VIP 切换以后也不会漂移回去的配置
首先完成ha的配置因为后面的配置需要调用vip的地址