(三)Kubernetes/K8s高可用架構(gòu)

(三)Kubernetes/K8s 高可用架構(gòu)
高可用架構(gòu) 采用多master+多l(xiāng)b+keepalive的方案實(shí)現(xiàn)(注意其中l(wèi)b的ip 地址的證書)
1,多master安裝
將原master 1 部署文件拷貝到新master,修改bind 地址 啟動(dòng) 注意 由于需要連接etcd 需要拷貝etcd 的證書

讓客戶滿意是我們工作的目標(biāo),不斷超越客戶的期望值來自于我們對(duì)這個(gè)行業(yè)的熱愛。我們立志把好的技術(shù)通過有效、簡(jiǎn)單的方式提供給客戶,將通過不懈努力成為客戶在信息化領(lǐng)域值得信任、有價(jià)值的長(zhǎng)期合作伙伴,公司提供的服務(wù)項(xiàng)目有:空間域名、虛擬空間、營銷軟件、網(wǎng)站建設(shè)、順昌網(wǎng)站維護(hù)、網(wǎng)站推廣。

scp –r /opt/kubernetes root@192.168.0.102:/opt
scp –r /opt/etcd/ssl root@192.168.0.102:/opt/etcd
scp /usr/lib/systemd/system/{kube-apiserver,kube-controller-manager,kube-scheduler}.service root@192.168.31.64:/usr/lib/systemd/system
##修改apiserver配置文件為本地IP
vim  /opt/kubernetes/cfg/kube-apiserver.conf
--bind-address=192.168.0.102 \
--secure-port=6443 \
--advertise-address=192.168.0.102 \
#啟動(dòng)
for i in $(ls /opt/kubernetes/bin/);do systemctl start $i;systemctl enable $i; done

lb部署
lb--nginx-mater

#安裝Nginx+Keepalived
rpm -ivh http://nginx.org/packages/rhel/7/x86_64/RPMS/nginx-1.16.0-1.el7.ngx.x86_64.rpm
vim /etc/nginx/nginx.conf 
##注意添加的配置文件的位置 特別是需要inclued 插入放于events  和http 之間
stream {

    log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';

    access_log  /var/log/nginx/k8s-access.log  main;   ## 安裝好 之后不需要 可以關(guān)閉 日志量比較大

    upstream k8s-apiserver {
                server 192.168.0.101:6443;    ## 后端安裝master 地址
                server 192.168.0.102:6443;
            }

    server {
       listen 6443;
       proxy_pass k8s-apiserver;
    }
}

keepalived 高可用

yum install keepalived
vi /etc/keepalived/keepalived.conf
global_defs { 
   notification_email { 
     acassen@firewall.loc 
     failover@firewall.loc 
     sysadmin@firewall.loc 
   } 
   notification_email_from Alexandre.Cassen@firewall.loc  
   smtp_server 127.0.0.1 
   smtp_connect_timeout 30 
   router_id NGINX_MASTER
} 

vrrp_script check_nginx {
    script "/etc/keepalived/check_nginx.sh"
        }

vrrp_instance VI_1 { 
    state MASTER 
    interface ens33  ## 自己機(jī)器網(wǎng)卡的名稱
    virtual_router_id 51 # VRRP 路由 ID實(shí)例,每個(gè)實(shí)例是唯一的 
    priority 100    # 優(yōu)先級(jí),備服務(wù)器設(shè)置 90 
    advert_int 1    # 指定VRRP 心跳包通告間隔時(shí)間,默認(rèn)1秒 
    authentication { 
        auth_type PASS      
        auth_pass 1111 
    }  
    virtual_ipaddress { 
        192.168.0.105/24    ## 虛擬vip地址
    } 
    track_script {
        check_nginx
    } 
}

判斷nginx 進(jìn)程腳本

#!/bin/bash
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")

if [ "$count" -eq 0 ];then
    exit 1
else
    exit 0
fi
systemctl start keepalived
systemctl enable keepalived

lb-nginx-backup
nginx 安裝同上

yum install keepalived
vi /etc/keepalived/keepalived.conf
global_defs { 
   notification_email { 
     acassen@firewall.loc 
     failover@firewall.loc 
     sysadmin@firewall.loc 
   } 
   notification_email_from Alexandre.Cassen@firewall.loc  
   smtp_server 127.0.0.1 
   smtp_connect_timeout 30 
   router_id NGINX_BACKUP
} 

vrrp_script check_nginx {
    script "/etc/keepalived/check_nginx.sh"
}

vrrp_instance VI_1 { 
    state BACKUP      ##標(biāo)注角色
    interface ens33    ##自己網(wǎng)卡的名稱
    virtual_router_id 51 # VRRP 路由 ID實(shí)例,每個(gè)實(shí)例是唯一的 
    priority 90    # 優(yōu)先級(jí),備服務(wù)器設(shè)置 90 
    advert_int 1    # 指定VRRP 心跳包通告間隔時(shí)間,默認(rèn)1秒 
    authentication { 
        auth_type PASS      
        auth_pass 1111 
    }  
    virtual_ipaddress { 
        192.168.0.105/24
    } 
    track_script {
        check_nginx
    } 
}

# cat /etc/keepalived/check_nginx.sh 
#!/bin/bash
count=$(ps -ef |grep nginx |egrep -cv "grep|$$")

if [ "$count" -eq 0 ];then
    exit 1
else
    exit 0
fi

# systemctl start keepalived
# systemctl enable keepalived

測(cè)試

##在lb master節(jié)點(diǎn)
ip addr show  ## 查看vip 是否綁定到了網(wǎng)卡上面 關(guān)閉nginx 查看vip 是否能漂移到backup 上面

修改所有node apiserver地址填寫為vip

cd /opt/kubernetes/cfg
grep 192 *
bootstrap.kubeconfig:    server: https://192.168.31.63:6443
kubelet.kubeconfig:    server: https://192.168.31.636443
kube-proxy.kubeconfig:    server: https://192.168.31.63:6443

#批量修改:
sed -i 's#192.168.0.63#192.168.0.105 *
 curl -k --header "Authorization: Bearer c47ffb939f5ca36231d9e3121a252940" https://192.168.31.60:6443/version
##此teken 是bootstarp 的token

標(biāo)題名稱:(三)Kubernetes/K8s高可用架構(gòu)
新聞來源:http://bm7419.com/article40/gejeeo.html

成都網(wǎng)站建設(shè)公司_創(chuàng)新互聯(lián),為您提供響應(yīng)式網(wǎng)站、外貿(mào)網(wǎng)站建設(shè)動(dòng)態(tài)網(wǎng)站、軟件開發(fā)網(wǎng)站導(dǎo)航、小程序開發(fā)

廣告

聲明:本網(wǎng)站發(fā)布的內(nèi)容(圖片、視頻和文字)以用戶投稿、用戶轉(zhuǎn)載內(nèi)容為主,如果涉及侵權(quán)請(qǐng)盡快告知,我們將會(huì)在第一時(shí)間刪除。文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如需處理請(qǐng)聯(lián)系客服。電話:028-86922220;郵箱:631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載,或轉(zhuǎn)載時(shí)需注明來源: 創(chuàng)新互聯(lián)

成都定制網(wǎng)站建設(shè)