多master集群架构图
时间必须同步、关闭防火墙、Firewalld、selinux
1、拷贝master01 中的kubernetes目录到master02上
[[email protected] ~]# scp -r /opt/kubernetes/ 192.168.1.16:/opt/
2、启动脚本
[[email protected] kubeconfig]# scp /usr/lib/systemd/system/{kube-apiserver,kube-controller-manager,kube-scheduler}.service 192.168.1.16:/usr/lib/systemd/system/
3、拷贝master01 中的etcd目录到master02上
[[email protected] ~]# scp -r /opt/etcd/ 192.168.1.16:/opt/
4、登录到master02(192.168.1.16)上修改IP配置信息
只需要修改vi /opt/kubernetes/cfg/kube-apiserver 更改为192.168.1.16
5、启动
systemctl start kube-apiserver
systemctl start kube-scheduler
systemctl start kube-controller-manager
systemctl enable kube-apiserver
systemctl enable kube-scheduler
systemctl enable kube-controller-manager
验证:
Load Balancer 安装nginx/keepalived
192.168.1.20
[[email protected] nginx]# vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
[[email protected] nginx]# yum install nginx -y
[[email protected] nginx]# yum install keepalived -y
192.168.1.26
[[email protected] nginx]# vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
[[email protected] nginx]# yum install nginx -y
[[email protected] nginx]# yum install keepalived -y
修改nginx配置文件
新增:
stream {
log_format main ‘$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent‘;
access_log /var/log/nginx/k8s-access.log main;
upstream k8s-apiserver {
server 192.168.1.13:6443;
server 192.168.1.16:6443;
}
server {
listen 6443;
proxy_pass k8s-apiserver;
}
}
vi /etc/keepalived/keepalived.conf
[[email protected] ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
#接收邮件地址
notification_email {
[email protected]
[email protected]
[email protected]
}
#邮件发送地址
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/etc/nginx/check_nginx.sh"
}
vrrp_instance VI_1 {
state MASTER
interface ens33 #根据自己的网卡名字更改
virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的
priority 100 # 优先级,备服务器设置 90,哪个高就是主
advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.30/24
}
track_script {
check_nginx
}
}
[[email protected] ~]# vi /etc/nginx/check_nginx.sh
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")
if [ "$count" -eq 0 ];then
systemctl stop keepalived
fi
实验:
2台机都启动 nginx、keepalived服务后,在主节点上会有一个vip(192.168.1.30)
192.168.1.20
echo ‘nginx master‘ > /usr/share/nginx/html/index.html
192.168.1.26
echo ‘nginx backup‘ > /usr/share/nginx/html/index.html
验证:
访问192.168.1.30 ---》nginx master
/etc/nginx/check_nginx.sh
当把主节点的nginx关闭,pkill nginx时,keepalived会每隔1秒检测check_nginx,会执行脚本/etc/nginx/check_nginx.sh,停止掉keepalived服务,这样vip会转移到backup上去,当当把主节点的nginx,keepalived开启,vip又会回到主节点上
原文地址:http://blog.51cto.com/jacksoner/2327314