Kubernetes Containerd 版生产可用集群之-《二、安装haproxy,keepalived》

安裝haproxy, keealived

Master:  kube-master115,  kube-master116 两台机安装 haproxy,keepalived 作为api-server 入口

Node:    kube-node118, kube-node119 两台机安装 keepalived, 作为 edge 入口

一、Master安装配置 haproxy, keepalived

# yum -y install haproxy keepalived

1、配置 haproxy

7443端口 映射  master api-server  服务端口 6443

#  vi /etc/haproxy/haproxy.cfg
global
        maxconn 64000
        chroot  /usr/share/haproxy
        uid 99
        gid 99
        daemon
        nbproc  5
        tune.ssl.default-dh-param 2048
        stats bind-process 1
        stats socket /var/run/haproxy.stats level admin
defaults
        log     global
        log 127.0.0.1 local0
        mode    http
        option  dontlognull
        retries 3
        option  redispatch
        option  httpclose
        balance roundrobin
        #balance leastconn
        #option  forwardfor
        #option  forwardfor if-none

        maxconn 64000
        timeout http-request 5s
        timeout connect 5000
        timeout client  10000
        timeout server  30000
listen  monitor_stat :8088
        stats   uri /ihaproxy-stats
        stats   realm Haproxy Statistics
        stats   auth ha_house:ZW5dmKRTObmOuA1nnS5U
        stats   hide-version
        bind-process    1


#############################kube-apiserver###
# newk8s
frontend ctm-k8s
    mode tcp
    log global
    option tcplog
    bind *:7443
    default_backend       ctm-k8s-apiserver

backend ctm-k8s-apiserver
    balance source
    mode    tcp
    option  tcplog
    server  kube-master115 192.168.5.115:6443 check fall 3 rise 2
    server  kube-master116 192.168.5.116:6443 check fall 3 rise 2
    server  kube-master117 192.168.5.117:6443 check fall 3 rise 2 

2、配置 keepalived

 kube-master115, kube-master116 新增 VIP地址： 192.168.5.114 作为高可用IP

#  vi /etc/keeaplived/keepalived.conf
! Configuration File for keepalived
global_defs {
  notification_email {
    root@localhost
  }
#  notification_email_from keepalived@localhost
#  smtp_server 127.0.0.1
#  smtp_connect_timeout 30
  router_id haproxy1
}
 
vrrp_script chk_haproxy {                                   #HAproxy 服务监控脚本
  script "/data/keepalived/check_haproxy.sh"
  interval 2
  weight 2
}
vrrp_instance VI_1 {
  state MASTER
  interface eno16777736
  virtual_router_id 1
  priority 100
  advert_int 1
  authentication {
    auth_type PASS
    auth_pass 1111
  }
  track_script {
    chk_haproxy
  }
  virtual_ipaddress {
    192.168.5.114/24
  }
}

2.1、配置haproxy检查脚本

发现haproxy服务异常，停止 keepalived服务

# cat /data/keepalived/check_haproxy.sh
 
#!/bin/bash
 
A=`ps -C haproxy --no-header | wc -l`
 
if [ $A -eq 0 ];then
 
  systemctl start haproxy.service
 
  sleep 3
 
  if [ `ps -C haproxy --no-header | wc -l ` -eq 0 ];then
 
    systemctl stop keepalived.service
 
  fi
 
fi

二、 Node节点安装 keepalived

Node:    kube-node118, kube-node119 两台机安装 keepalived, 作为 edge 入口

VIP:  192.168.5.110

# yum -y install  keepalived

1、配置 keepalived

注意 以下两个参数不能跟上面的配置相同

router_id haproxy2

virtual_router_id 2

#  vi /etc/keeaplived/keepalived.conf

! Configuration File for keepalived
global_defs {
  notification_email {
    root@localhost
  }
#  notification_email_from keepalived@localhost
#  smtp_server 127.0.0.1
#  smtp_connect_timeout 30
  router_id haproxy2
}

vrrp_instance VI_1 {
  state MASTER

# 另外一台机设置 BACKUP

  interface eno16777736
  virtual_router_id 2
  priority 100
  advert_int 1
  authentication {
    auth_type PASS
    auth_pass 1111
  }
  track_script {
    chk_haproxy
  }
  virtual_ipaddress {
    192.168.5.110/24
  }
}

三、开机启动服务

# systemctl  enable haproxy

# systemctl enable keepalived

# systemctl start haproxy
# systemctl start keepalived