Keepalived+HAProxy高可用集群K8S实现 Keepalived+HAProxy高可用集群K8S实

【Keepalived+HAProxy高可用集群K8S实现】本文采用Keepalived+HAProxy的方式构建高可用集群。
当你如果你有硬件负载均衡设备当然更好了。
准备环境：

主机	ip
k8s-master01	192.168.10.4
k8s-master02	192.168.10.5
k8s-master03	192.168.10.6
VIP	192.168.10.150

架构图

文章图片

注意：master集群采用奇数台数，3、5、7…
所有节点都进行hosts文件解析

tail -3 /etc/hosts192.168.10.4 k8s-master01192.168.10.5 k8s-master02192.168.10.6 k8s-master03

所有节点都要安装keepalived和haproxy软件

yum -y install haproxy keepalived

修改haproxy配置文件（所有节点配置相同）
最好选择2.x版本，当然这个版本也不影响使用，只是功能没有2.x版本多

vim /etc/haproxy/haproxy.cfgglobalmaxconn2000ulimit-n16384log127.0.0.1 local0 errstats timeout 30sdefaultslog globalmodehttpoptionhttplogtimeout connect 5000timeout client50000timeout server50000timeout http-request 15stimeout http-keep-alive 15sfrontend monitor-inbind *:33305mode httpoption httplogmonitor-uri /monitorlisten statsbind*:8006modehttpstatsenablestatshide-versionstatsuri/statsstatsrefresh30sstatsrealmHaproxy\ Statisticsstatsauthadmin:adminfrontend k8s-masterbind 0.0.0.0:16443bind 127.0.0.1:16443mode tcpoption tcplogtcp-request inspect-delay 5sdefault_backend k8s-masterbackend k8s-mastermode tcpoption tcplogoption tcp-checkbalance roundrobindefault-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100server k8s-master01 192.168.10.4:6443checkserver k8s-master02 192.168.10.5:6443checkserver k8s-master03192.168.10.6:6443check

master01节点修改keepalived配置文件

vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {router_id LVS_DEVEL}vrrp_script chk_apiserver {script "/etc/keepalived/check_apiserver.sh"interval 2weight -5fall 3rise 2}vrrp_instance VI_1 {state MASTERinterface eth0mcast_src_ip 192.168.10.4virtual_router_id 51priority 100advert_int 2authentication {auth_type PASSauth_pass K8SHA_KA_AUTH}virtual_ipaddress {192.168.10.150/24}track_script {chk_apiserver}

master02节点修改keepalived配置文件

vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {router_id LVS_DEVEL}vrrp_script chk_apiserver {script "/etc/keepalived/check_apiserver.sh"interval 2weight -5fall 3rise 2}vrrp_instance VI_1 {state BACKUPinterface eth0mcast_src_ip 192.168.10.5virtual_router_id 51priority 50advert_int 2authentication {auth_type PASSauth_pass K8SHA_KA_AUTH}virtual_ipaddress {192.168.10.150/24}track_script {chk_apiserver}}

master03节点修改keepalived配置文件

vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {router_id LVS_DEVEL}vrrp_script chk_apiserver {script "/etc/keepalived/check_apiserver.sh"interval 2weight -5fall 3rise 2}vrrp_instance VI_1 {state BACKUPinterface eth0mcast_src_ip 192.168.10.6virtual_router_id 51priority 50advert_int 2authentication {auth_type PASSauth_pass K8SHA_KA_AUTH}virtual_ipaddress {192.168.10.150/24}track_script {chk_apiserver}}

所有节点创建健康检查脚本

vim /etc/keepalived/check_apiserver.sh#!/bin/basherr=0for k in $(seq 1 5)docheck_code=$(pgrep haproxy)if [[ $check_code == "" ]]; thenerr=$(expr $err + 1)sleep 5continueelseerr=0breakfidoneif [[ $err != "0" ]]; thenecho "systemctl stop keepalived"/usr/bin/systemctl stop keepalivedexit 1elseexit 0fi

启动haproxy与keepalived服务

systemctl daemon-reload systemctl enable --now haproxysystemctl enable --now keepalived

可以用ping和telnet命令测试一下vip的可用性

ping 192.168.10.150PING 192.168.10.150 (192.168.10.150) 56(84) bytes of data.64 bytes from 192.168.10.150: icmp_seq=1 ttl=64 time=1.60 ms64 bytes from 192.168.10.150: icmp_seq=2 ttl=64 time=0.519 ms64 bytes from 192.168.10.150: icmp_seq=3 ttl=64 time=0.874 ms64 bytes from 192.168.10.150: icmp_seq=4 ttl=64 time=0.786 ms^C--- 192.168.10.150 ping statistics ---4 packets transmitted, 4 received, 0% packet loss, time 3009msrtt min/avg/max/mdev = 0.519/0.946/1.606/0.403 mstelnet 192.168.10.150 16443Trying 192.168.10.150...Connected to 192.168.10.150.Escape character is '^]'.Connection closed by foreign host.

再尝试一下断开vip所在节点的keepalived，看ip是否漂移，如果vip漂移至另一节点则代表成功
可能难免有地方出错，如果出错可以留言哈
以上就是Keepalived+HAProxy高可用集群K8S实现的详细内容，更多关于Keepalived+HAProxy实现K8S高可用集群的资料请关注脚本之家其它相关文章！