一,安装haproxy
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
ssh root@${master_ip} "yum -y install haproxy"
done
#验证是否安装成功
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
ssh root@${master_ip} "rpm -q haproxy"
done
二,修改haproxy配置
cat > haproxy.cfg << EOF
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode tcp # 修改默认为四层代理
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend main 172.27.128.200:6443
acl url_static path_beg -i /static /images /javascript /stylesheets
acl url_static path_end -i .jpg .gif .png .css .js
default_backend k8s-master
backend k8s-master
mode tcp # 修改为tcp
balance roundrobin
server k8s-master01 172.27.128.11:6443 check # 三个master主机
server k8s-master02 172.27.128.12:6443 check
server k8s-master03 172.27.128.13:6443 check
EOF
三,分发haproxy.cfg
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
scp haproxy.cfg root@${master_ip}:/etc/haproxy/haproxy.cfg
done
#验证是否分发成功
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
ssh root@${master_ip} "ls -ld /etc/haproxy/haproxy.cfg"
done
四,启动haproxy
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
ssh root@${master_ip} "systemctl restart haproxy && systemctl enable haproxy"
done
五,验证haproxy是否启动成功
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
ssh root@${master_ip} "systemctl status haproxy | grep Active"
done
#验证端口
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
ssh root@${master_ip} "netstat -lntp | grep haproxy"
done
输出:tcp 0 0 172.27.128.200:6443 0.0.0.0:* LISTEN 22963/haproxy
确保状态为 active (running)
,否则查看日志,确认原因
journalctl -u haproxy
六,验证虚拟ip是否能ping
source /root/env.sh
for master_ip in ${MASTER_IPS[@]}
do
echo -e "\033[31m>>> ${master_ip} \033[0m"
ssh root@${master_ip} "ip addr show ${VIP_IF}"
ssh ${master_ip} "ping -c 1 ${MASTER_VIP}"
done