k8s开启ipvs

1.加载内核模快

[root@k8s-master ~]# lsmod|grep ip_vs
ip_vs_sh 12688 0 
ip_vs_wrr 12697 0 
ip_vs_rr 12600 0 
ip_vs 141092 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_conntrack 133387 9 ip_vs,nf_nat,nf_nat_ipv4,nf_nat_ipv6,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_netlink,nf_conntrack_ipv4,nf_conntrack_ipv6
libcrc32c 12644 4 xfs,ip_vs,nf_nat,nf_conntrack
[root@k8s-master ~]# yum install ipvsadm ipset -y

 

 

2.修改kube-proxy配置

复制代码
[root@k8s-master ~]# kubectl edit configmap kube-proxy -n kube-system
ipvs:
      excludeCIDRs: null
      minSyncPeriod: 0s
      scheduler: ""
      strictARP: false
      syncPeriod: 0s
      tcpFinTimeout: 0s
      tcpTimeout: 0s
      udpTimeout: 0s
    kind: KubeProxyConfiguration
    metricsBindAddress: ""
    mode: "ipvs"     #修改此处
    nodePortAddresses: null
复制代码

 

 

 

3.删除所有kube-proxy的pod

复制代码
[root@k8s-master ~]# kubectl get pod -n kube-system 
NAME                                 READY   STATUS    RESTARTS   AGE
coredns-6d56c8448f-bl6ds             1/1     Running   0          78m
coredns-6d56c8448f-g2scb             1/1     Running   0          78m
etcd-k8s-master                      1/1     Running   1          78m
kube-apiserver-k8s-master            1/1     Running   1          78m
kube-controller-manager-k8s-master   1/1     Running   1          78m
kube-flannel-ds-5wwvj                1/1     Running   0          76m
kube-flannel-ds-9hcqz                1/1     Running   0          77m
kube-flannel-ds-ct6jr                1/1     Running   1          76m
kube-proxy-5ntj4                     1/1     Running   0          76m
kube-proxy-82dk4                     1/1     Running   0          78m
kube-proxy-s9jrw                     1/1     Running   0          76m
kube-scheduler-k8s-master            1/1     Running   1          78m
[root@k8s-master ~]# kubectl delete pod kube-proxy-5ntj4 kube-proxy-82dk4 kube-proxy-s9jrw  -n kube-system 
pod "kube-proxy-5ntj4" deleted
pod "kube-proxy-82dk4" deleted
pod "kube-proxy-s9jrw" deleted
复制代码

 

 

 


4.校验

日志出现Using ipvs Proxier即可

复制代码
[root@k8s-master ~]# kubectl get pod -n kube-system 
NAME                                 READY   STATUS    RESTARTS   AGE
coredns-6d56c8448f-bl6ds             1/1     Running   0          79m
coredns-6d56c8448f-g2scb             1/1     Running   0          79m
etcd-k8s-master                      1/1     Running   1          79m
kube-apiserver-k8s-master            1/1     Running   1          79m
kube-controller-manager-k8s-master   1/1     Running   1          79m
kube-flannel-ds-5wwvj                1/1     Running   0          76m
kube-flannel-ds-9hcqz                1/1     Running   0          77m
kube-flannel-ds-ct6jr                1/1     Running   1          76m
kube-proxy-c2mxx                     1/1     Running   0          13s
kube-proxy-j4zlw                     1/1     Running   0          6s
kube-proxy-jffp7                     1/1     Running   0          16s
kube-scheduler-k8s-master            1/1     Running   1          79m
[root@k8s-master ~]# kubectl logs kube-proxy-c2mxx -n kube-system 
I0907 04:23:26.102780       1 node.go:136] Successfully retrieved node IP: 10.3.104.56
I0907 04:23:26.102846       1 server_others.go:111] kube-proxy node IP is an IPv4 address (10.3.104.56), assume IPv4 operation
I0907 04:23:26.133916       1 server_others.go:259] Using ipvs Proxier.
E0907 04:23:26.134077       1 proxier.go:381] can't set sysctl net/ipv4/vs/conn_reuse_mode, kernel version must be at least 4.1
W0907 04:23:26.134167       1 proxier.go:434] IPVS scheduler not specified, use rr by default
I0907 04:23:26.134396       1 server.go:650] Version: v1.19.0
I0907 04:23:26.134922       1 conntrack.go:52] Setting nf_conntrack_max to 131072
I0907 04:23:26.135295       1 config.go:224] Starting endpoint slice config controller
I0907 04:23:26.135324       1 shared_informer.go:240] Waiting for caches to sync for endpoint slice config
I0907 04:23:26.135368       1 config.go:315] Starting service config controller
I0907 04:23:26.135373       1 shared_informer.go:240] Waiting for caches to sync for service config
I0907 04:23:26.235476       1 shared_informer.go:247] Caches are synced for service config 
I0907 04:23:26.235488       1 shared_informer.go:247] Caches are synced for endpoint slice config
复制代码

 

 

 

5.检查ipvs代理规则

复制代码
[root@k8s-master ~]# kubectl get svc --all-namespaces
NAMESPACE     NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
default       kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP                  80m
default       nginx        ClusterIP   None         <none>        80/TCP                   75m
kube-system   kube-dns     ClusterIP   10.96.0.10   <none>        53/UDP,53/TCP,9153/TCP   80m
[root@k8s-master ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.96.0.1:443 rr
  -> 10.3.104.51:6443             Masq    1      0          0         
TCP  10.96.0.10:53 rr
  -> 10.244.0.2:53                Masq    1      0          0         
  -> 10.244.0.3:53                Masq    1      0          0         
TCP  10.96.0.10:9153 rr
  -> 10.244.0.2:9153              Masq    1      0          0         
  -> 10.244.0.3:9153              Masq    1      0          0         
UDP  10.96.0.10:53 rr
  -> 10.244.0.2:53                Masq    1      0          0         
  -> 10.244.0.3:53                Masq    1      0          0
复制代码

 

posted @   杰宏唯一  阅读(1446)  评论(0编辑  收藏  举报
编辑推荐:
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
阅读排行:
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· Docker 太简单,K8s 太复杂?w7panel 让容器管理更轻松!
点击右上角即可分享
微信分享提示