本文主要是介绍Kubernetes学习指南:保姆级实操手册05——配置集群HA负载均衡,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
五、Kubernetes学习指南:保姆级实操手册05——配置集群HA负载均衡
简介: Keepalived 提供 VRRP 实现,并允许您配置 Linux 机器使负载均衡,预防单点故障。HAProxy 提供可靠、高性能的负载均衡,能与 Keepalived 完美配合
1、配置Keepalive
官方文档提供了两种运行方式(此案例使用选项1):
- 选项1:在操作系统上运行服务
- 选项2:将服务作为静态pod运行
参考文档:[https://github.com/kubernetes/kubeadm/blob/main/docs/ha-considerations.md#options-for-software-load-balancing]
1.1、安装keepalived组件
注:三台master节点上安装
yum install -y keepalived
1.2、配置keepalived
### 在k8s-master01上设置:
[root@k8s-m01 ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.back
[root@k8s-master01 keepalived]# cat > /etc/keepalived/keepalived.conf << EOF
! Configuration File for keepalived
global_defs {router_id k8s-master01
}
vrrp_script check_apiserver {script "/etc/keepalived/check_apiserver.sh"interval 3weight -2fall 10rise 2
}vrrp_instance VI_1 {state MASTERinterface ens192virtual_router_id 51priority 100authentication {auth_type PASSauth_pass 123456}virtual_ipaddress {10.255.210.99}track_script {check_apiserver}
}EOF### 在k8s-master02上设置:
$ mkdir /etc/keepalived [root@k8s-master02 keepalived]# cat > /etc/keepalived/keepalived.conf << EOF
! Configuration File for keepalived
global_defs {router_id k8s-master02
}
vrrp_script check_apiserver {script "/etc/keepalived/check_apiserver.sh"interval 3weight -2fall 10rise 2
}vrrp_instance VI_1 {state BACKUPinterface ens192virtual_router_id 51priority 99authentication {auth_type PASSauth_pass 123456}virtual_ipaddress {10.255.210.99}track_script {check_apiserver}
}EOF### 在k8s-master03上设置:
$ mkdir /etc/keepalived[root@k8s-master03 keepalived]# cat > /etc/keepalived/keepalived.conf << EOF
! Configuration File for keepalived
global_defs {router_id k8s-master03
}
vrrp_script check_apiserver {script "/etc/keepalived/check_apiserver.sh"interval 3weight -2fall 10rise 2
}vrrp_instance VI_1 {state BACKUPinterface ens192virtual_router_id 51priority 98authentication {auth_type PASSauth_pass 123456}virtual_ipaddress {10.255.210.99}track_script {check_apiserver}
}EOF
扩展:参数说明
参数说明:router_id:节点ip,master每个节点配置自己的IPmcast_src_ip:节点IP,master每个节点配置自己的IPvirtual_ipaddress:虚拟IP,即VIP。interface:指定接口的名称。virtual_router_id:有效值为0-255,可以理解为一个组ID,只有相同的ID才被确认为一个组。如果每个keepalived实例修改的ID不一致,则会出现各自有一个VIP的现象。
1.3、编写健康检查脚本
[root@k8s-master01 keepalived]# cat > /etc/keepalived/check_apiserver.sh <<EOF
#!/bin/sh errorExit() { echo "*** $*" 1>&2 exit 1
} curl --silent --max-time 2 --insecure https://localhost:16443/ -o /dev/null || errorExit "Error GET https://localhost:16443/"
if ip addr | grep -q 10.255.210.99; then
curl --silent --max-time 2 --insecure https://10.255.210.99:16443/ -o /dev/null || errorExit "Error GET https://10.255.210.99:16443/"
fi EOFchmod +x /etc/keepalived/check_apiserver.shscp /etc/keepalived/check_apiserver.sh root@k8s-master02:/etc/keepalived/
scp /etc/keepalived/check_apiserver.sh root@k8s-master03:/etc/keepalived/
1.4、启动Keepalived
systemctl enable keepalived --now; systemctl restart keepalived.service ;systemctl status keepalived.service
1.5、测试keepalived
ip a
#查看VIP在那个节点 systemctl stop keepalived.service
#VIP所在节点停止服务,观察是否飘移VIP systemctl restart keepalived.service
#重启服务后,VIP将迁回
2、配置Haproxy
2.1、安装Haproxy
yum install -y haproxy
2.2、配置haproxy.cfg
globalmaxconn 2000ulimit-n 16384log 127.0.0.1 local0 errstats timeout 30sdefaultslog globalmode httpoption httplogtimeout connect 5stimeout client 50stimeout server 50stimeout http-request 15stimeout http-keep-alive 15sfrontend monitor-inbind *:33305mode httpoption httplogmonitor-uri /monitorlisten statsbind *:8006mode httpstats enablestats hide-versionstats uri /statsstats refresh 30sstats realm Haproxy\ Statisticsstats auth admin:adminfrontend k8s-masterbind 0.0.0.0:16443bind 127.0.0.1:16443mode tcpoption tcplogtcp-request inspect-delay 5sdefault_backend k8s-masterbackend k8s-mastermode tcpoption tcplogoption tcp-checkbalance roundrobindefault-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100server k8s-master01 10.255.210.1:6443 checkserver k8s-master02 10.255.210.2:6443 checkserver k8s-master03 10.255.210.3:6443 check
2.3、启动haproxy
systemctl restart haproxy.service;systemctl status haproxy.service
2.4、查看端口
ss -alnupt |grep 16443
tcp LISTEN 0 2000 *:16443 *:* users:(("haproxy",pid=53056,fd=6))
tcp LISTEN 0 2000 127.0.0.1:16443 *:* users:(("haproxy",pid=53056,fd=7))
[root@k8s-master02 ~]# ss -alnupt |grep 6443
tcp LISTEN 0 2000 *:16443 *:* users:(("haproxy",pid=53056,fd=6))
tcp LISTEN 0 2000 127.0.0.1:16443 *:* users:(("haproxy",pid=53056,fd=7))
这篇关于Kubernetes学习指南:保姆级实操手册05——配置集群HA负载均衡的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!