Keepalived+HAProxy实现K8S高可用集群-20240927

timeout client 50000

timeout server 50000

timeout http-request 15s

timeout http-keep-alive 15s

frontend monitor-in

bind *:33305

mode http

option httplog

monitor-uri /monitor

listen stats

bind *:8006

mode http

stats enable

stats hide-version

stats uri /stats

stats refresh 30s

stats realm Haproxy\ Statistics

stats auth admin:admin

frontend k8s-master

bind 0.0.0.0:16443

bind 127.0.0.1:16443

mode tcp

option tcplog

tcp-request inspect-delay 5s

default_backend k8s-master

backend k8s-master

mode tcp

option tcplog

option tcp-check

balance roundrobin

default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100

server k8s-master01 192.168.10.4:6443 check

server k8s-master02 192.168.10.5:6443 check

server k8s-master03 192.168.10.6:6443 check

  • master01节点修改keepalived配置文件

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

router_id LVS_DEVEL

}

vrrp_script chk_apiserver {

script “/etc/keepalived/check_apiserver.sh”

interval 2

weight -5

fall 3

rise 2

}

vrrp_instance VI_1 {

state MASTER

interface eth0

mcast_src_ip 192.168.10.4

virtual_router_id 51

priority 100

advert_int 2

authentication {

auth_type PASS

auth_pass K8SHA_KA_AUTH

}

virtual_ipaddress {

192.168.10.150/24

}

track_script {

chk_apiserver

}

  • master02节点修改keepalived配置文件

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

router_id LVS_DEVEL

}

vrrp_script chk_apiserver {

script “/etc/keepalived/check_apiserver.sh”

interval 2

weight -5

fall 3

rise 2

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

mcast_src_ip 192.168.10.5

virtual_router_id 51

priority 50

advert_int 2

authentication {

auth_type PASS

auth_pass K8SHA_KA_AUTH

}

virtual_ipaddress {

192.168.10.150/24

}

track_script {

chk_apiserver

}

}

  • master03节点修改keepalived配置文件

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

router_id LVS_DEVEL

}

vrrp_script chk_apiserver {

script “/etc/keepalived/check_apiserver.sh”

interval 2

weight -5

fall 3

rise 2

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

mcast_src_ip 192.168.10.6

virtual_router_id 51

priority 50

advert_int 2

authentication {

auth_type PASS

auth_pass K8SHA_KA_AUTH

}

virtual_ipaddress {

192.168.10.150/24

}

track_script {

chk_apiserver

}

}

  • 所有节点创建健康检查脚本

vim /etc/keepalived/check_apiserver.sh

#!/bin/bash

err=0

for k in $(seq 1 5)

do

check_code=$(pgrep haproxy)

if [[ $check_code == “” ]]; then

err=$(expr $err + 1)

sleep 5

continue

else

err=0

break

fi

done

if [[ $err != “0” ]]; then

echo “systemctl stop keepalived”

/usr/bin/systemctl stop keepalived

exit 1

else

exit 0

fi

  • 启动haproxy与keepalived服务

systemctl daemon-reload

systemctl enable --now haproxy

systemctl enable --now keepalived

  • 可以用ping和telnet命令测试一下vip的可用性

ping 192.168.10.150

PING 192.168.10.150 (192.168.10.150) 56(84) bytes of data.

64 bytes from 192.168.10.150: icmp_seq=1 ttl=64 time=1.60 ms

64 bytes from 192.168.10.150: icmp_seq=2 ttl=64 time=0.519 ms

64 bytes from 192.168.10.150: icmp_seq=3 ttl=64 time=0.874 ms

64 bytes from 192.168.10.150: icmp_seq=4 ttl=64 time=0.786 ms

^C

— 192.168.10.150 ping statistics —

4 packets transmitted, 4 received, 0% packet loss, time 3009ms

rtt min/avg/max/mdev = 0.519/0.946/1.606/0.403 ms

telnet 192.168.10.150 16443

Trying 192.168.10.150…

Connected to 192.168.10.150.

Escape character is ‘^]’.

Connection closed by foreign host.

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值