二进制部署kubernetes v1.30.2集群 五、master节点高可用
master节点高可用
以下步骤在master节点上操作
一、安装haproxy和keepalived服务
yum -y install keepalived haproxy
二、配置haproxy
mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak cat >/etc/haproxy/haproxy.cfg << EOF global maxconn 5000 log 127.0.0.1 local0 err defaults log global mode http option httplog timeout connect 5000 timeout client 50000 timeout server 50000 frontend monitor-in bind *:9442 mode http option httplog monitor-uri /monitor frontend k8s-master bind 0.0.0.0:9443 mode tcp option tcplog default_backend k8s-master backend k8s-master mode tcp option tcplog option tcp-check balance roundrobin server k8s-master01 192.168.110.21:6443 check server k8s-master02 192.168.110.22:6443 check server k8s-master03 192.168.110.23:6443 check EOF
三、配置keepalived
1、k8s-master01配置
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak cat > /etc/keepalived/keepalived.conf << EOF ! Configuration File for keepalived global_defs { router_id k8s } vrrp_script check_haproxy { script "/data/shell/check_ha.sh" interval 5 fall 2 rise 1 } vrrp_instance VI_1 { state MASTER interface ens160 mcast_src_ip 192.168.110.21 virtual_router_id 55 priority 100 nopreempt advert_int 2 authentication { auth_type PASS auth_pass K8S_AUTH } virtual_ipaddress { 192.168.110.20 } track_script { check_haproxy } } EOF
2、k8s-master02配置
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak cat > /etc/keepalived/keepalived.conf << EOF ! Configuration File for keepalived global_defs { router_id k8s } vrrp_script check_haproxy { script "/data/shell/check_ha.sh" interval 5 fall 2 rise 1 } vrrp_instance VI_1 { state BACKUP interface ens160 mcast_src_ip 192.168.110.22 virtual_router_id 55 priority 75 nopreempt advert_int 2 authentication { auth_type PASS auth_pass K8S_AUTH } virtual_ipaddress { 192.168.110.20 } track_script { check_haproxy } } EOF
3、k8s-master03配置
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak cat > /etc/keepalived/keepalived.conf << EOF ! Configuration File for keepalived global_defs { router_id k8s } vrrp_script check_haproxy { script "/data/shell/check_ha.sh" interval 5 fall 2 rise 1 } vrrp_instance VI_1 { state BACKUP interface ens160 mcast_src_ip 192.168.110.23 virtual_router_id 55 priority 50 nopreempt advert_int 2 authentication { auth_type PASS auth_pass K8S_AUTH } virtual_ipaddress { 192.168.110.20 } track_script { check_haproxy } } EOF
四、创建健康检查脚本
cat > /data/shell/check_ha.sh << EOF #!/bin/bash err=0 for k in \$(seq 1 3) do check_code=\$(pgrep haproxy) if [[ \$check_code == "" ]]; then err=\$(expr \$err + 1) sleep 1 continue else err=0 break fi done if [[ \$err != "0" ]]; then systemctl stop keepalived exit 1 else exit 0 fi EOF
chmod +x /data/shell/check_ha.sh
五、启动服务并设置开机启动
systemctl start haproxy
systemctl enable haproxy
systemctl start keepalived
systemctl enable keepalived
浙公网安备 33010602011771号