k8s高可用集群架构
在前面k8s学习中,我们只是围绕一个k8s master节点进行操作,当此节点dowm掉后k8s将无法进行后续的部署管理工作。本项目将通过haproxy配置k8s master主机实现负载均衡,通过k8s三台master主机实现k8s集群高可用。
实验前准备
我这里使用全新的虚拟机
1.实验前确保已在server1、server2和server3上部署k8s
2.在server1上删除节点server2、3(若不是全新的虚拟机执行第二步和第三步)
kubectl delete nodes server2
kubectl delete nodes server3
3.重置节点server1、2、3
kubeadm reset
部署haproxy+pacemaker
在server4和server5上部署haproxy+pacemaker做负载均衡和高可用
在server4和server5上安装部署haproxy
1.首先安装yum源
mount /dev/sr0 /softwaresource
vim /etc/yum.repos.d/lyueyue.repo
[rhel7.6]
name=rhel7.6
baseurl=file:///softwaresource/
gpgcheck=0
[HighAvailability]
name="HighAvailability"
baseurl=file:///softwaresource/addons/HighAvailability
gpgcheck=0
[ResilientStorage]
name="ResilientStorage"
baseurl=file:///softwaresource/addons/ResilientStorage
gpgcheck=0
yum repolist
2.安装haproxy
yum install -y haproxy
3.修改haproxy配置文件
cd /etc/haproxy
ls
vim haproxy.cfg
4.启动haproxy
systemctl enable --now haproxy.service
systemctl status haproxy.service
netstat -antlp #查看6443端口
5.配置server5的haproxy
scp /etc/haproxy/haproxy.cfg server5:/etc/haproxy
systemctl enable --now haproxy.service
systemctl status haproxy.service
6.在server4和server5上安装部署pacemaker相关组件
yum install -y pacemaker pcs psmisc policycoreutils-python
7.设置开机自启并启动pcs
systemctl enable --now pcsd.service
8.在server4和server5上新建hacluster用户并pcs注册认证
useradd hacluster
echo lyueyue | passwd --stdin hacluster
pcs cluster auth server4 server5
9.创建集群mycluster,并将server4和server5添加到集群
pcs cluster setup --name mycluster server4 server5
10.启动集群服务并设置开机自启
pcs cluster start --all #corosync是集群心跳 #pacemaker是资源管理器
pcs cluster enable --all
11.设置stonith
pcs status #查看状态
pcs property set stonith-enabled=false #设置stonith为False
pcs status #状态没有警告了
crm_verify -LV #检测没有报错
12.创建vip用于故障无缝切换
pcs resource standards #查看系统级资源
pcs resource create vip ocf:heartbeat:IPaddr2 ip=192.168.1.100 cidr_netmask=24 op monitor interval=30s
pcs status #查看状态,看是否创建成功
13.创建haproxy资源
pcs resource create haproxy systemd:haproxy op monitor interval=30s
14.将vip和haproxy绑定到apiserver这个组中
pcs resource group add apiserver vip haproxy
pcs status
修改配置文件
配置server5
在server4上安装pacemaker相关组件
若有报错解决报错
1.wget http://mirror.centos.org/centos/7/os/x86_64/Packages/clufter-common-0.77.1-1.el7.noarch.rpm
2.wget http://mirror.centos.org/centos/7/os/x86_64/Packages/clufter-bin-0.77.1-1.el7.x86_64.rpm
3.在这个网站下载 https://developer.aliyun.com/packageSearch?word=python-clufter-0.77.1-1.el7.noarch
4.安装这些软件
5.重新执行
yum install -y pacemaker pcs psmisc policycoreutils-python
设置stonith
部署k8s集群
部署k8s集群:server1、server2和server3做master节点 server6做node节点
1.修改文件中的本机地址、vip地址+端口和镜像地址
kubeadm config print init-defaults > kubeadm-init.yaml
vim kubeadm-init.yaml
advertiseAddress: 192.168.1.10
controlPlaneEndpoint: "192.168.1.100:6443"
imageRepository: www.lyueyue.org/k8s
podSubnet: 10.244.0.0/16
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: ipvs
2.列出清单中所需镜像,可以对照仓库,增改仓库,满足这里的需求
kubeadm config images list --config kubeadm-init.yaml
3.初始化
kubeadm init --config kubeadm-init.yaml --upload-certs
export KUBECONFIG=/etc/kubernetes/admin.conf
kubectl get node
4.将其他节点(server2和server3)加入master;server6加入node,下面只展示加入master过程,node类似。
kubeadm join 192.168.1.100:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:f76cdd0ce07f1388765ff648cd7ca5aafa0598157429765b52dc8886c54b0812 \
--control-plane --certificate-key 6e69602843c81312a30cf0616de1641c51745852611496e097453cff707d822f
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get node
5.在server1上配置kubectl命令补齐
echo "source <(kubectl completion bash)" >> ~/.bashrc
source .bashrc
6.网络配置
kubectl apply -f kube-flannel.yml
kubectl -n kube-system get pod
补充:若报错执行如下命令
vim /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl --system
将所需镜像下载并上传至仓库
1058
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
