kubernetes-Kubeadm双活master安装(HA)

一、组件介绍

1. Kubeadm：官方一个安装k8s的工具，kubeadm init、kubeadm join
2. Kubelet：启动、删除pod
3. Kubectl：操作k8s资源，创建、删除、修改资源
4. 初始化环境

k8s集群角色	IP	主机名	组件
master1	192.168.56.129	anyu967master1	apiserver、controller-manager、scheduler、kunelet、etcd、docker、kube-proxy、keepalived、nginx、calico
master2	192.168.56.130	anyu967master2	apiserver、controller-manager、scheduler、kunelet、etcd、docker、kube-proxy、keepalived、nginx、calico
node1	192.168.56.131	anyu967node1	kubelet、kube-proxy、docker、calico、coredns
VIP	192.168.56.132	-	-

二、安装

2.1. keepalived + nginx (HA)

# master1,2 node1(v1.20.6)
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemct start kubelet

# keepalive+nginx 实现k8s apiserver HA
  ## master1,2
  yum install -y nginx keepalived
  ## ngxin四层负载均衡(IP:PORT)
  vim /etc/nginx/nginx.conf

  ## keepalived
  #!/bin/sh
  count=$(ps -ef |grep nginx |grep sbin |egrep -cv "grep|$$")
  if [ "$count" -eq 0 ]; then
      systemctl stop keepalived
  fi

  vim /etc/keepalived/keepalived.conf
  vrrp_script check_nginx {
      script "/etc/keepalived/check_nginx.sh"
  }
  vrrp_instance VI_1 {
      state MASTER/BACKUP
      interface ens33
      virtual_router_id 51
      priority 100/90
      advert_int 1
      authentication {
          auth_type PASS
          auth_pass 1111
      }
      virtual_ipaddress {
          192.168.56.132/24
      }
      track_script {
          check_nginx
      }
  }

2.2. Kubeadm初始化k8s集群

# master1,2 node1
# kubeadm-config.yaml
# kubeadm config print init-defaults  > kubeadm-config.yaml
kubeadm init --config kubeadm-config.yaml

# 添加控制节点master2
# 把master1 节点的证书拷贝到 master2上
kubeadm token create --print-join-command
kubeadm join ip:port --token token --discivery-token-ca-cert-hash shaxxxx --control-plane

# 添加工作节点node1
kubeadm join ip:port --token token --discivery-token-ca-cert-hash shaxxxx

# 安装calico网络插件(可以做网络策略)
kubectl apply -f calico.yaml

# kubectl 命令
kubeadm label node node1 node-role.kubernets.io/worker=worker
kubectl get nodes
kubectl get pods -n kube-system -o wide

三、测试

3.1. 测试k8s网络

docker load -i busybox-1.28.tar.gz
kubectl run busybox --image busybox:1.28 --restart=Never --rm -it busybox --sh

ping www.baidu.com
ping podip

3.2. 测试k8s集群部署Pod

# k8s部署tomcat服务
docker load -i tomcat.tar.gz
kubectl apply -f tomcat.yaml
curl -I podip:port

kubectl apply -f tomcat-service.yaml   # 四层负载均衡
kubectl get service

3.3. 测试Coredns域名

kubectl run busybox --image busybox:1.28 --restart=Never --rm -it busybox --sh
nslookup kubernetes.default.svc.cluster.local