# 安装
yum install haproxy keepalived -y
# 配置 haproxy(master1,2配置相同)
# 修改配置文件
vi /etc/haproxy/haproxy.cfg
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
# 开启web页面
listen admin_status
bind *:8000
mode http
stats uri /status
# 配置tcp转发
frontend main *:16443
mode tcp
default_backend k8s
# 配置后端端口
backend k8s
balance roundrobin
mode tcp
server k8smaster01 192.168.241.191:6443 check
server k8smaster02 192.168.241.192:6443 check
# 启动haproxy
systemctl start haproxy && systemctl enable haproxy
# 配置keepalived
vi /etc/keepalived/keepalived.conf
# 配置邮箱服务器
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL_bak
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
# 配置监控检查脚本
# 用来做健康检查的,当时检查失败时会将 vrrp_instance 的 priority 减少相应的值。
vrrp_script check_haproxy {
# 根据进程名称检测进程是否存活
script "killall -0 haproxy"
#【每个3秒检查一次;】
interval 3
# 【检测失败则权重-2;成功将不执行;
# 可使用rpm -ql keepalived查询是否有样例文件可参看;】
weight -2
# 连续失败10次
fall 10
# 最少成功2次
rise 2
}
# 配置虚拟ip
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
# 优先级高抢占虚拟IP,两台服务器优先级要不一致
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.241.190
}
# 检测脚本
track_script {
check_haproxy
}
}
# 启动
systemctl start keepalived && systemctl status keepalived