Master02:192.168.50.134
LB1:192.168.50.137
LB2:192.168.50.138
VIP:192.168.50.100
1、关闭防火墙及selinux服务
2、在master01上操作,将master1上的工作目录推送到master2上
scp -r /opt/kubernetes/ root@192.168.195.136:/opt3、复制master中的三个组件启动脚本
scp /usr/lib/systemd/system/{kube-apiserver,kube-controller-manager,kube-scheduler}.service root@192.168.50.136:/usr/lib/systemd/system/4、在master02上操作,修改配置文件kube-apiserver中的IP,
cd /opt/kubernetes/cfg/ vim kube-apiserver --bind-address=192.168.50.136 \ ## 修改为master2的IP --advertise-address=192.168.50.136 \ ## 修改为master2的IP5、将master1上的etcd工作目录拷贝到master2中
scp -r /opt/etcd/ root@192.168.50.136:/opt/6、启动master02中的三个组件服务
systemctl start kube-apiserver.service systemctl start kube-controller-manager.service systemctl start kube-scheduler.service7、设置环境变量
vim /etc/profile 在末尾加入一行: export PATH=$PATH:/opt/kubernetes/bin/ 使配置生效:source /etc/profile//下面进行高可用负载均衡配置
8、分别在lb01 lb02上操作
安装nginx服务,把nginx.sh和keepalived.conf脚本拷贝到家目录
vim /etc/yum.repos.d/nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/7/$basearch/ gpgcheck=0 yum install nginx -y9、在nginx中添加四层转发
stream { log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent'; access_log /var/log/nginx/k8s-access.log main; upstream k8s-apiserver { server 192.168.50.133:6443; ## 代理的两个master节点IP server 192.168.50.136:6443; ## 代理的两个master节点IP } server { listen 6443; proxy_pass k8s-apiserver; } }启动nginx服务
systemctl start nginx10、分别在lb1与lb2上部署keepalived服务
yum install keepalived -y修改配置文件
cp keepalived.conf /etc/keepalived/keepalived.conf keepalived配置文件如下: ! Configuration File for keepalived global_defs { # 接收邮件地址 notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } # 邮件发送地址 notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id NGINX_MASTER } vrrp_script check_nginx { script "/etc/nginx/check_nginx.sh" } vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的 priority 100 # 优先级,备服务器设置 90 advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.50.100/24 } track_script { check_nginx } }//注意:lb02是Backup配置如下: ! Configuration File for keepalived global_defs { # 接收邮件地址 notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } # 邮件发送地址 notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id NGINX_MASTER } vrrp_script check_nginx { script "/etc/nginx/check_nginx.sh" } vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的 priority 90 # 优先级,备服务器设置 90 advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.195.100/24 } track_script { check_nginx } }11、创建keepalived服务监测脚本
vim /etc/nginx/check_nginx.sh #!/bin/bash count=$(ps -ef |grep nginx |egrep -cv "grep|$$") if [ "$count" -eq 0 ];then systemctl stop keepalived fi为脚本添加可执行权限并启动keepalived
chmod +x /etc/nginx/check_nginx.sh systemctl start keepalived到此,k8s高可用群集部署完成