k8s之keepalive+nginx高可用集群部署

1、安装nginx、keepalived

yum install nginx keepalived -y

2、更新nginx配置文件

stream {

log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';

access_log /var/log/nginx/k8s-access.log main;

upstream k8s-apiserver {

server 192.168.0.180:6443; # Master1 APISERVER IP:PORT

server 192.168.0.181:6443; # Master2 APISERVER IP:PORT

}

 

server {

listen 16443; # 由于nginx与master节点复用，这个监听端口不能是6443，否则会冲突

proxy_pass k8s-apiserver;

}

}
2.1如果安装报错，安装插件

 yum -y install nginx-all-modules.noarch

3、安装配置keepalived

keepalive配置,主从节点只有优先级的差异

[root@k8smaster1 keepalived]# vim /etc/keepalived/keepalived.conf
global_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id NGINX_MASTER

}

vrrp_script check_nginx {

script "/etc/keepalived/check_nginx.sh"

}

vrrp_instance VI_1 {

state MASTER #备机需要改为BACKUP

interface ens33 # 修改为实际网卡名

virtual_router_id 51 # VRRP 路由 ID实例，每个实例是唯一的

priority 100 # 优先级，备服务器设置 90需要低于100

advert_int 1 # 指定VRRP 心跳包通告间隔时间，默认1秒

authentication {

auth_type PASS

auth_pass 1111

}

# 虚拟IP

virtual_ipaddress {

192.168.0.199/24

}

track_script {

check_nginx

}

}

4、启动服务

在两个控制节点执行以下操作

[root@k8smaster1 ]# chmod +x /etc/keepalived/check_nginx.sh

[root@k8smaster1 ]# systemctl daemon-reload

[root@k8smaster1 ]# systemctl start nginx

[root@k8smaster1 ]# systemctl start keepalived

[root@k8smaster1 ]# systemctl enable nginx keepalived

[root@k8smaster1 ]# systemctl status keepalived