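# 安装 nginx
yum install nginx -y

# 配置nginx4层代理 /etc/nginx/nginx.conf
# 注:stream{} 必须写在 nginx.conf 顶层(与 http{} 平级),不能嵌套在 http{} 里。
# 注:这里是纯 TCP 透传,nginx 本身不做任何认证,访问控制完全依赖后端 apiserver;
#     7443 端口建议用防火墙限制为只允许需要访问 apiserver 的节点。
stream {
    upstream kube-apiserver {
        server 10.4.7.21:6443 max_fails=3 fail_timeout=30s;
        server 10.4.7.22:6443 max_fails=3 fail_timeout=30s;
    }
    server {
        listen 7443;
        proxy_connect_timeout 2s;
        proxy_timeout 900s;
        proxy_pass kube-apiserver;
    }
}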
架构描述:通过 nginx 进行 4 层代理转发 apiserver 请求,keepalived 做高可用。
- keepalived 主 + nginx + 端口检测脚本:10.4.7.11
- keepalived 从 + nginx + 端口检测脚本:10.4.7.12
- keepalived VIP(虚拟IP):10.4.7.10(即下文 virtual_ipaddress 中配置的地址)
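# 安装keepalived
yum install keepalived -y
systemctl start keepalived
systemctl enable keepalived
# 注:此时 keepalived 读取的还是安装包自带的配置;
#     写好下面的 keepalived.conf 之后需要 systemctl restart keepalived 才会生效。

# 配置 7443监听脚本 /etc/keepalived/check_port.sh
#!/bin/bash
#keepalived 监控端口脚本
CHK_PORT=$1
if [ -n "$CHK_PORT" ];then
        PORT_PROCESS=`ss -lnt|grep $CHK_PORT|wc -l`
        if [ $PORT_PROCESS -eq 0 ];then
                echo "Port $CHK_PORT Is Not Used,End."
                exit 1
        fi
else
        echo "Check Port Cant Be Empty!"
fi
# 注:上面的脚本有两处会让健康检查"假通过":
#   1. grep $CHK_PORT 是子串匹配,17443、74430 等端口(或恰好含这串数字的地址)也会命中;
#      应只匹配监听端口本身,例如 ss -lnt | grep -c ":${CHK_PORT} "。
#   2. 参数为空时只打印提示、退出码仍为 0,keepalived 会当作检测成功;else 分支应加 exit 1。

# 给端口监听脚本授予执行权限
# chmod +x /etc/keepalived/check_port.sh
# 注:vrrp_script 由 keepalived 周期性执行(未配置 script_user 时通常以 root 身份),
#     脚本及其所在目录应属主为 root,且其他用户不可写。

# keepalived 主配置文件
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    router_id 10.4.7.11
}
vrrp_script chk_nginx {
    script "/etc/keepalived/check_port.sh 7443"
    interval 2
    weight -20
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 251
    priority 100
    advert_int 1
    mcast_src_ip 10.4.7.11
    nopreempt
    authentication {
        # 注:auth_type PASS 的口令在 VRRP 通告报文中明文传输,同网段可被抓包获取,
        #     只能防误配置,不能当作安全边界;11111111 是示例值,部署时应替换,
        #     并用防火墙限制 VRRP 报文只在两台节点之间收发。
        auth_type PASS
        auth_pass 11111111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        10.4.7.10
    }
}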
# keepalived从配置文件:
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    router_id 10.4.7.12
}
vrrp_script chk_nginx {
    script "/etc/keepalived/check_port.sh 7443"
    interval 2
    weight -20
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    # 注:virtual_router_id 与 authentication 必须和主节点保持一致,否则两台节点无法组成同一个 VRRP 组。
    virtual_router_id 251
    mcast_src_ip 10.4.7.12
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 11111111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        10.4.7.10
    }
}
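# 注意:VIP 千万不能随便漂移——每次漂移都会中断经由 VIP 建立的 apiserver 连接。
# 主节点配置里的 nopreempt 应该就是为了避免主节点恢复后把 VIP 抢回;
# 但按 keepalived 文档,nopreempt 只有在初始 state 为 BACKUP 时才生效,
# 在 state MASTER 的写法下它不起作用。通常做法是两台都配置为 state BACKUP + nopreempt,靠 priority 区分主从。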