一 環境說明:
需要單獨拿出三台機器安裝keep+haproxy,我這里為了方便,就和k8s一起共用了三台機器
master01 192.168.1.200
master02 192.168.1.210
master03 192.168.1.211
vip:192.168.1.222
1.1 安裝keepalived(3台都安裝)
yum install keepalived
1.2 編輯keepalived配置文件
global_defs {
script_user root
enable_script_security
}
vrrp_script chk_haproxy {
script "/bin/bash -c 'if [[ $(netstat -nlp | grep 9443) ]]; then exit 0; else exit 1; fi'" # haproxy 檢測
interval 2 # 每2秒執行一次檢測
weight 11 # 權重變化}
vrrp_instance VI_1 {interface eth0
state MASTER # backup節點設為BACKUP
virtual_router_id 51 # id設為相同,表示是同一個虛擬路由組
priority 100 #初始權重
nopreempt #可搶占
unicast_peer {}
virtual_ipaddress {
192.168.1.222 #vip
}
authentication {
auth_type PASS
auth_pass password
}
track_script {
chk_haproxy
}
notify "/container/service/keepalived/assets/notify.sh"}
二 安裝haproxy(3台都安裝)
2.1編輯haproxy配置文件(三台機器配置一樣)
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode tcp #支持https
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#use_backend static if url_static
#default_backend app
listen stats #網頁形式
mode http
bind *:9443
stats uri /admin/stats
monitor-uri /monitoruri
frontend showDoc
bind *:8000
use_backend app #必須和下面的名稱一致
backend app
balance roundrobin
server app1 192.168.1.210:6443 check
server app2 192.168.1.211:6443 check
server app3 192.168.1.200:6443 check
三網頁訪問
vip+9443
四 安裝k8s
省略,在加入集群的時候,ip地址是vip+8000
五 測試
在/root/.kube/config 這個文件里可以改成haproxy的ip和端口看是否可以正常查看,也可以改成vip測試一下
如圖所示:
然后在運行kubectl get nodes,如果可以正常訪問,代表是成功的
六 集群訪問流程
node節點---vip(keepalived)--master(根據haproxy負載選中指定的master)
