k8s多master和负载均衡、web页面部署
一、部署单节点
# Lab shortcut: stops the firewalld service, so no host firewall filters traffic to this master.
# Outside a lab, keep firewalld running and open only the ports this guide uses
# (for example the kube-apiserver secure port 6443 configured below).
systemctl stop firewalld
# Switches SELinux to permissive mode for the current boot; policy violations are no longer blocked.
setenforce 0
部署master2
将master01上的kubernetes目录拷贝至master02上(该目录下如有证书和私钥,属于敏感文件,拷贝后请检查其权限,仅允许root读取)
scp -r /opt/kubernetes/ root@192.168.177.11:/opt
将master01上的三个组件启动脚本拷贝至master02上
scp /usr/lib/systemd/system/{kube-apiserver,kube-controller-manager,kube-scheduler}.service root@192.168.177.11:/usr/lib/systemd/system/
修改master02配置文件 kube-apiserver中的IP地址(下面行尾的 # 注释仅为教程说明,写入配置文件时须删除:反斜杠必须是该行最后一个字符,否则续行失效,注释文字也会被当作参数内容)
cd /opt/kubernetes/cfg
vim kube-apiserver
KUBE_APISERVER_OPTS="--logtostderr=true \
--v=4 \
--etcd-servers=https://192.168.177.33:2379,https://192.168.177.8:2379,https://192.168.177.18:2379 \
--bind-address=192.168.177.11 \ #修改master2的IP地址
--secure-port=6443 \
--advertise-address=192.168.177.11 \ #修改master2的IP地址
拷贝master01上已有的etcd证书给master02使用
注意:master02一定要有etcd证书(不装etcd也需要etcd证书,因为master02也是要与etcd交互的)。master02只需要访问etcd所用的证书和对应私钥;下面为方便起见拷贝了整个/opt/etcd/目录,生产环境建议只拷贝所需的证书文件,并限制私钥文件的读取权限。
scp -r /opt/etcd/ root@192.168.177.11:/opt
启动master02的三个组件服务
# Bring up the three control-plane services on master02 one after another
# (apiserver, then controller-manager, then scheduler): start the unit,
# enable it at boot, and print its status before moving to the next one.
for unit in kube-apiserver kube-controller-manager kube-scheduler; do
  systemctl start "$unit"
  systemctl enable "$unit"
  systemctl status "$unit"
done
增加环境变量
vim /etc/profile
#末尾添加
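# Append the Kubernetes binaries to the existing search path.
# The variable name is case-sensitive: lowercase $path is unset in bash, so
# "PATH=$path:..." would replace PATH with ":/opt/kubernetes/bin", dropping the
# system directories and leaving an empty leading entry, which the shell treats
# as the current directory. Appending keeps system binaries first in the lookup.
export PATH="$PATH:/opt/kubernetes/bin"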
source /etc/profile
查看master02是否可以检测到node节点
kubectl get node
注:这时候的master02无法控制node节点,只能访问etcd。还需要再部署load balancer。
二、lvs(部署keepalived+nginx)
负载均衡部署
# Lab shortcut: stops the firewalld service on the load-balancer node, leaving every port reachable.
# Outside a lab, keep firewalld running and allow only what this section needs:
# the proxied apiserver port 6443/tcp and VRRP (IP protocol 112) between the two load balancers.
systemctl stop firewalld
# Switches SELinux to permissive mode for the current boot; policy violations are no longer blocked.
setenforce 0
部署nginx
vim /etc/yum.repos.d/nginx.repo
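[nginx]
name=nginx repo
# Fetch packages over HTTPS and verify their signatures against the nginx
# signing key. With gpgcheck=0 over plain HTTP, anything that can tamper with
# the download path can substitute the package that is installed as root.
baseurl=https://nginx.org/packages/centos/7/$basearch/
gpgcheck=1
gpgkey=https://nginx.org/keys/nginx_signing.key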
yum list
yum -y install nginx
添加四层转发(添加stream模块)
#在events模块和http模块中间添加一个独立的stream模块
vim /etc/nginx/nginx.conf
…………省略内容
# Layer-4 (TCP) proxy in front of the two kube-apiservers. No ssl directives are set here,
# so connections are forwarded without being decrypted; TLS and client authentication
# are still handled by kube-apiserver itself.
# NOTE(review): clients that connect through this proxy validate the apiserver certificate
# against the address they dialled — confirm the certificate covers the load-balancer/VIP address.
stream {
# Records the client address and the master that served it; the apiservers only see this
# proxy as the connection source, so this log is where the original client address is kept.
log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
access_log /var/log/nginx/k8s-access.log main; # access log file for the proxied apiserver connections
upstream k8s-apiserver {
# master01 address and port
server 192.168.177.33:6443; # 6443 is the kube-apiserver port
# master02 address and port
server 192.168.177.11:6443;
}
server {
# No address is given, so the listener is not restricted to one interface of the load-balancer host.
listen 6443;
proxy_pass k8s-apiserver;
}
}
…………省略内容
开启nginx服务
nginx -t #检查配置文件是否有语法错误
systemctl start nginx #开启nginx服务
netstat -ntap | grep nginx #查看nginx状态及监听端口6443
部署keepalived高可用
在2台nginx服务器上配置
yum -y install keepalived
修改配置文件
删除原有配置文件,重新定义添加
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
# notification recipients (sample addresses — replace with real ones or remove)
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
# sender address for notification mail
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
# NOTE(review): neither script_user nor enable_script_security is set, so the check script
# below runs under keepalived's default script user (presumably root on a fresh install).
# Consider setting both, and keep the script root-owned and not writable by other users.
}
# Health check that keepalived runs to decide whether this node may hold the VIP.
vrrp_script check_nginx {
script "/etc/nginx/check_nginx.sh" # path of the nginx monitoring script, created later in the guide
}
vrrp_instance VI_1 {
state MASTER # lb01 is MASTER; set BACKUP on lb02
interface ens33
virtual_router_id 51
priority 100 # lb01 (master) uses priority 100; lb02 (backup) uses 90
advert_int 1
# auth_type PASS sends the shared secret unencrypted in the VRRP advertisements, and 1111 is
# only a sample value: pick your own (identical on lb01 and lb02) and restrict VRRP traffic
# to the two load balancers rather than relying on this password.
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.177.100/24 # VIP (virtual IP) address
}
# The instance's state follows the result of the check_nginx script defined above.
track_script {
check_nginx
}
}