前文环境中完成k8s单master节点集群架构部署,两个node节点都已加入集群中,完成与master节点的通信。本文在前文基础下,再加入一个master节点,同时加入nginx负载均衡+keepalived高可用集群,前文链接地址:Kubernetes------二进制单master节点集群部署
一、K8S双master节点集群架构
二、资源分配
主机 | IP地址 | 所需组件 |
---|---|---|
master1 | 192.168.88.10 | kube-apiserver、kube-controller-manager、kube-scheduler、etcd |
node1 | 192.168.88.20 | kubelet、kube-proxy、docker-ce、flannel、etcd |
node2 | 192.168.88.30 | kubelet、kube-proxy、docker-ce、flannel、etcd |
master2 | 192.168.88.40 | kube-apiserver、kube-controller-manager、kube-schedule |
nginx1 | 192.168.88.50 | nginx、keepalived |
nginx2 | 192.168.88.60 | nginx、keepalived |
三、master2节点部署
所有节点修改主机名,关闭防护墙及系统安全防护机制,安全性功能,网络管理
#以master2节点为例
[root@localhost ~]# hostnamectl set-hostname master2
[root@localhost ~]# su -
上一次登录:五 10月 15 14:20:19 CST 2021从 192.168.88.1pts/1 上
[root@master2 ~]# systemctl stop firewalld.service
[root@master2 ~]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@master2 ~]# setenforce 0
[root@master2 ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
[root@master2 ~]# systemctl stop NetworkManager
[root@master2 ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
把master1节点相关命令,证书,服务复制到master2节点
[root@master1 ~]# scp -r /opt/kubernetes/ root@192.168.88.40:/opt
[root@master1 ~]# scp /usr/lib/systemd/system/{kube-apiserver,kube-controller-manager,kube-scheduler}.service root@192.168.88.40:/usr/lib/systemd/system/
修改配置文件kube-apiserver
[root@master2 ~]# cd /opt/kubernetes/
[root@master2 /opt/kubernetes]# ls
bin cfg ssl
[root@master2 /opt/kubernetes]# cd cfg/
[root@master2 /opt/kubernetes/cfg]# ls
kube-apiserver kube-controller-manager kube-scheduler token.csv
[root@master2 /opt/kubernetes/cfg]# vim kube-apiserver
把master1节点etcd证书复制到master2节点
#新加入的m