docker kubernetes的web集群
一、规划
1.1 机器和网络规划
版本
CentOS Linux release 7.6.1810 (Core)
Docker version 20.10.3
kubectl-v1.15.1
nginx version: nginx/1.16.1
Keepalived v1.3.5
IP | work |
---|---|
192.168.174.50 | NFS |
192.168.174.20 | master |
192.168.174.21 | node1 |
192.168.174.22 | node2 |
192.168.174.23 | node3 |
192.168.174.200 | LB1 |
192.168.174.201 | LB2 |
1.2 思路
- 使用kubernetes 起nginx集群
- nginx集群从NFS服务器获取数据,使各副本的数据保持一致
- 用nginx做负载均衡
- 使用keepalived实现高可用
二、搭建服务
2.1 搭建NFS服务
2.1.1 安装nfs
yum install -y nfs-utils
2.1.2 新建共享文件夹
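# Create the directory that will be exported over NFS and put a sample page in it.
mkdir -p /web
# 755 instead of 777: nginx only has to read this directory, and a world-writable
# export lets any client in the allowed subnet replace the content that is served.
chmod 755 /web
# Quoted delimiter: the page is written literally, with no shell expansion.
cat >/web/index.html <<'EOF'
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to HU NAN NONGDA!</h1>
<p>To get something, You have to give,To give</p>
<p>You have to insist!</p>
<p>If you find it's hard for you. Quit;</p>
<p>But once you quit Don't compain.</p>
<p><em>Thank you for listening.</em></p>
</body>
</html>
EOF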
2.1.3 编辑/etc/exports配置文件
# cat /etc/exports
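# root_squash maps a client's root user to an unprivileged account, so root on a
# node or inside a container is not root on the export (no_root_squash allowed that).
# NOTE(review): the nginx pods on this page only read /web; change rw to ro if
# nothing has to write over NFS.
/web 192.168.174.0/24(rw,root_squash,no_all_squash,sync)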
2.1.4 刷新配置
# exportfs -rv
exporting 192.168.174.0/24:/web
2.2 使用kubectl搭建nginx集群
2.2.1 安装NFS服务
在所有docker机器上安装nfs
yum install -y nfs-utils
2.2.2在kubernetes master 上编排nginx集群
编写好yaml文件
# ls
nginx-servic.yaml nginx.yaml pvc.yaml pv-nfs.yaml kustomization.yaml
[root@master practice]# cat pv-nfs.yaml
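# PersistentVolume backed by the /web export on the NFS server.
apiVersion: v1
kind: PersistentVolume  # resource type
metadata:
  name: nginx-pv
  labels:
    type: nginx-pv
spec:
  capacity:
    storage: 5Gi
  accessModes:
    - ReadWriteMany  # access mode: many clients may mount read-write
  # Retain instead of Recycle: Recycle is deprecated and scrubs the volume
  # (deletes everything under the export path) once the claim is released,
  # which here would wipe the shared site content.
  persistentVolumeReclaimPolicy: Retain
  storageClassName: nfs
  nfs:
    path: "/web"
    server: 192.168.174.50  # NFS server
    # NOTE(review): the pods on this page only serve files from this volume;
    # readOnly: true would be enough for that — confirm nothing needs to write.
    readOnly: false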
[root@master practice]# cat pvc.yaml
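# Claim that binds to the NFS-backed PersistentVolume through the shared
# storageClassName and access mode.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 2Gi  # smaller than the 5Gi volume; the claim still binds the whole PV
  storageClassName: nfs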
[root@master practice]# cat nginx.yaml
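# Deployment running 10 nginx replicas that serve the content of the NFS-backed claim.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend-nginx
spec:
  replicas: 10
  selector:
    matchLabels:
      app: nginx
      tier: backend-nginx
      track: stable
  template:
    metadata:
      labels:
        app: nginx
        tier: backend-nginx
        track: stable
    spec:
      containers:
        - name: pv-container-nfs
          # NOTE(review): an untagged image resolves to :latest, so replicas can end
          # up on different nginx builds over time; pin a specific tag or digest.
          image: nginx
          ports:
            - containerPort: 80
          volumeMounts:
            - mountPath: "/usr/share/nginx/html"
              name: pv-storage-nfs
              # nginx only reads its document root; a read-only mount keeps a
              # compromised pod from changing the content shared by all replicas.
              readOnly: true
      volumes:
        - name: pv-storage-nfs
          persistentVolumeClaim:
            claimName: nginx-pvc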
[root@master practice]# cat nginx-servic.yaml
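# NodePort Service in front of the nginx pods.
apiVersion: v1
kind: Service
metadata:
  name: nginxservice
spec:
  type: NodePort
  selector:
    app: nginx  # label selector: matches pods labelled app=nginx (not a pod name)
  ports:
    - name: http
      # Port opened on every node. It is reachable on each node address, so limit
      # access to the load balancers (192.168.174.200/201) with firewall rules.
      nodePort: 30003
      protocol: TCP
      port: 8080      # Service (cluster IP) port
      targetPort: 80  # container port the traffic is forwarded to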
# cat kustomization.yaml
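# Manifests applied together by `kubectl apply -k .`
resources:
  - pv-nfs.yaml
  # The claim manifest is named pvc.yaml in the directory listing; pvc-nfs.yaml
  # is not among the listed files, so referencing it would make the apply fail.
  - pvc.yaml
  - nginx.yaml
  - nginx-servic.yaml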
2.2.3 执行 kustomization.yaml
kubectl apply -k .
2.2.4 验证
[root@master ~]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
nginx-pvc Bound nginx-pv 5Gi RWX nfs 164m
[root@master ~]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 3h38m
nginxservice NodePort 10.1.219.109 <none> 8080:30003/TCP 140m
[root@master ~]# kubectl get pod
NAME READY STATUS RESTARTS AGE
backend-nginx-68f68c5774-6bwd6 1/1 Running 0 171m
backend-nginx-68f68c5774-6kqjv 1/1 Running 0 171m
backend-nginx-68f68c5774-7nvnc 1/1 Terminating 0 171m
2.3 搭建LoadBalance
2.3.1 安装nginx
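yum install -y nginx
# Keep firewalld running and open only what the load balancer needs, instead of
# stopping and disabling the host firewall.
# Assumes nginx listens on port 80 — confirm against the listen directive.
firewall-cmd --permanent --add-service=http
# VRRP advertisements exchanged by keepalived on LB1 and LB2.
firewall-cmd --permanent --add-rich-rule='rule protocol value="vrrp" accept'
firewall-cmd --reload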
2.3.2 启动nginx并修改配置文件
systemctl start nginx
cat /etc/nginx/nginx.conf
........
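# Backends: NodePort 30003 on the master and on each worker node.
upstream web_pools {
    server 192.168.174.20:30003;
    server 192.168.174.21:30003;
    server 192.168.174.22:30003;
    server 192.168.174.23:30003;
}
# The block is "server", not "service": nginx has no "service" context and
# `nginx -t` rejects the file with an unknown-directive error.
server {
    ......
    location / {
        proxy_pass http://web_pools;
    }
}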
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# nginx -s reload
2.3.3 安装并配置keepalived
# yum install keepalived -y
keepalived.conf
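global_defs {
    # NOTE(review): the addresses and smtp_server below look like the values from
    # the packaged sample config; replace or remove them, otherwise failover
    # notifications are sent to hosts that do not belong to this setup.
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
    vrrp_skip_check_adv_addr
    # vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state MASTER
    interface ens37
    virtual_router_id 99
    priority 110
    advert_int 1
    authentication {
        # PASS puts the secret in clear text in every advertisement, so it only
        # guards against misconfiguration, not against a host on the same segment.
        # Use the same non-default value (first 8 characters count) on both nodes.
        auth_type PASS
        auth_pass <VRRP_PASS>   # placeholder: replaces the demo value 1111
    }
    virtual_ipaddress {
        # NOTE(review): 192.168.0.100 is outside the 192.168.174.0/24 network planned
        # in section 1.1 — confirm this is the intended VIP on ens37.
        192.168.0.100
    }
}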
backup机器
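global_defs {
    # NOTE(review): the addresses and smtp_server below look like the values from
    # the packaged sample config; replace or remove them, otherwise failover
    # notifications are sent to hosts that do not belong to this setup.
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
    vrrp_skip_check_adv_addr
    # vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_instance VI_2 {
    state BACKUP
    interface ens37
    # Must match the virtual_router_id of the MASTER node; the lower priority
    # makes this node take the VIP only when the master stops advertising.
    virtual_router_id 99
    priority 100
    advert_int 1
    authentication {
        # PASS puts the secret in clear text in every advertisement, so it only
        # guards against misconfiguration, not against a host on the same segment.
        # Use the same non-default value (first 8 characters count) on both nodes.
        auth_type PASS
        auth_pass <VRRP_PASS>   # placeholder: replaces the demo value 1111
    }
    virtual_ipaddress {
        # NOTE(review): 192.168.0.100 is outside the 192.168.174.0/24 network planned
        # in section 1.1 — confirm this is the intended VIP on ens37.
        192.168.0.100
    }
}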
2.3.4测试 vip漂移
2.3.5 压力测试
[root@nfs ~]# siege -d 0 -c 250 -t 1 www.abc.com
{ "transactions": 46918,
"availability": 100.00,
"elapsed_time": 59.86,
"data_transferred": 2.37,
"response_time": 0.32,
"transaction_rate": 783.80,
"throughput": 0.04,
"concurrency": 247.44,
"successful_transactions": 46918,
"failed_transactions": 0,
"longest_transaction": 3.01,
"shortest_transaction": 0.00
}