Kubernetes安裝之一：HA-高可用配置

       Kubernetes 一直沒有本身的高可用方案，從yum安裝1.5.2開始到使用阿里雲自帶的Kubernetes集羣，一直沒有本身手動安裝配置過這個高可用方案，在過年前終於本身安裝配置了一次，也是參考各路大神的文章，如今年過完了，準備把安裝過程記錄下來，個人安裝會比較特殊，僅供各位參考：

1. 192.168.1.40 簡寫服務器a         etcd master   keeplived haproxy 

2. 192.168.1.41 簡寫服務器b         etcd master   keeplived haproxy 

3. 192.168.1.42 簡寫服務器c          etcd master  keeplived haproxy 

VIP 192.168.1.43

操做系統最小化安裝centos 7.3 

1.修改主機名

hostnamectl set-hostname  host40
hostnamectl set-hostname  host41
hostnamectl set-hostname  host42複製代碼

2.關閉防火牆和selinux

systemctl stop firewalld
systemctl disable firewalld
sed -i 's/enforcing/disabled/g' /etc/selinux/config
setenforce 0複製代碼

3.安裝基礎軟件 

yum -y install keepalived haproxy  psmisc複製代碼

4.配置haproxy

三臺機器啓動haproxy ，監聽8443端口代理最後的api-service，10080端口做爲haproxy狀態監控

cat>/etc/haproxy/haproxy.cfg<<EOF
global
    log /dev/log    local0
    log /dev/log    local1 notice
    chroot /var/lib/haproxy
    stats socket /tmp/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon
    nbproc 1
    
defaults
    log     global
    timeout connect 5000
    timeout client  10m
    timeout server  10m

listen  admin_stats
    bind 0.0.0.0:10080
    mode http
    log 127.0.0.1 local0 err
    stats refresh 30s 
    stats uri /status
    stats realm welcome login\ Haproxy
    stats auth admin:123456
    stats hide-version
    stats admin if TRUE

 listen kube-master
     bind 0.0.0.0:8443
     mode tcp
     option tcplog
     balance source
     server 192.168.1.40 192.168.1.40:6443 check inter 2000 fall 2 rise 2 weight 1
     server 192.168.1.41 192.168.1.41:6443 check inter 2000 fall 2 rise 2 weight 1
     server 192.168.1.42 192.168.1.42:6443 check inter 2000 fall 2 rise 2 weight 1
EOF
複製代碼

 

啓動haproxy，若是有錯誤，請根據錯誤提示解決(我在處理的時候由於sock文件地址權限的問題遇到過錯誤，因此我這裏把他切換到tmp目錄，避免權限問題)

systemctl daemon-reload
systemctl enable haproxy
systemctl restart haproxy
systemctl status haproxy複製代碼

5.配置keepalived

5.1配置服務器a keepalived

cat > /etc/haproxy/haproxy.cfg <<EOF
global_defs {
    router_id k8s-master
}

vrrp_script check-haproxy {
    script "killall -0 haproxy"
    interval 5
    weight -30
}

vrrp_instance VI-kube-master {
    state MASTER
    priority 150
    nopreempt 
    dont_track_primary
    interface eth0
    virtual_router_id 68
    advert_int 3
    track_script {
        check-haproxy
    }
    virtual_ipaddress {
        192.168.1.43/24 dev eth0 label eth0:1
    }
}
EOF
複製代碼

5.2 配置服務器b keepalived 

cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
    router_id k8s-slave1
}

vrrp_script check-haproxy {
    script "killall -0 haproxy"
    interval 5
    weight -30
}

vrrp_instance VI-kube-master {
    state BACKUP
    priority 100
    nopreempt 
    dont_track_primary
    interface eth0
    virtual_router_id 68
    advert_int 3
    track_script {
        check-haproxy
    }
    virtual_ipaddress {
        192.168.1.43/24 dev eth0 label eth0:1
    }
}
EOF
複製代碼

5.3 配置服務器c keepalived

cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
    router_id k8s-slave2
}

vrrp_script check-haproxy {
    script "killall -0 haproxy"
    interval 5
    weight -30
}

vrrp_instance VI-kube-master {
    state BACKUP
    priority 50
    nopreempt 
    dont_track_primary
    interface eth0
    virtual_router_id 68
    advert_int 3
    track_script {
        check-haproxy
    }
    virtual_ipaddress {
        192.168.1.43/24 dev eth0 label eth0:1
    }
}
EOF
複製代碼

6.啓動keepalived

systemctl daemon-reload
systemctl enable keepalived
systemctl restart keepalived
systemctl status keepalived
複製代碼

以上配置實現服務器 vip 默認在a服務器，若是a宕機則vip到b服務器，若是ab 都宕機 則vip到c服務器

可是這樣設置有一個問題就是a服務器宕機恢復之後，會搶回VIP

若是把abc服務器都設置BACKUP 則第一次啓動都不會得到VIP

大家能夠把大家的發我參考下 實現第一次啓動會得到VIP  切換之後也不會漂移回去的配置

首先完成ha的配置由於後面的配置須要調用vip的地址