k8s-多master-nginx-keepalived配置

结构图(提交规划好虚拟vip地址)

 1、Nginx主备配置(4层复制)在http外面加一个stream

stream {

   log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
    access_log  /var/log/nginx/k8s-access.log  main;

    upstream k8s-apiserver {
        server 192.168.56.11:6443;
        server 192.168.56.14:6443;
    }
    server {
                listen 6443;
                proxy_pass k8s-apiserver;
    }
    } 
 1 user  nginx;
 2 worker_processes  1;
 3 
 4 error_log  /var/log/nginx/error.log warn;
 5 pid        /var/run/nginx.pid;
 6 
 7 
 8 events {
 9     worker_connections  1024;
10 }
11 
12 stream {
13 
14    log_format  main  '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
15     access_log  /var/log/nginx/k8s-access.log  main;
16 
17     upstream k8s-apiserver {
18         server 192.168.56.11:6443;
19         server 192.168.56.14:6443;
20     }
21     server {
22                 listen 6443;
23                 proxy_pass k8s-apiserver;
24     }
25     }
26 
27 http {
28     include       /etc/nginx/mime.types;
29     default_type  application/octet-stream;
30 
31     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
32                       '$status $body_bytes_sent "$http_referer" '
33                       '"$http_user_agent" "$http_x_forwarded_for"';
34 
35     access_log  /var/log/nginx/access.log  main;
36 
37     sendfile        on;
38     #tcp_nopush     on;
39 
40     keepalive_timeout  65;
41 
42     #gzip  on;
43 
44     include /etc/nginx/conf.d/*.conf;
45 }
完整配置

2、主keepalived配置

! Configuration File for keepalived 
 
global_defs { 
   # 接收邮件地址 
   notification_email { 
     acassen@firewall.loc 
     failover@firewall.loc 
     sysadmin@firewall.loc 
   } 
   # 邮件发送地址 
   notification_email_from Alexandre.Cassen@firewall.loc  
   smtp_server 127.0.0.1 
   smtp_connect_timeout 30 
   router_id NGINX_MASTER 
} 

vrrp_script check_nginx {
    script "/usr/local/nginx/sbin/check_nginx.sh"
}

vrrp_instance VI_1 { 
    state MASTER 
    interface eth0
    virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的 
    priority 100    # 优先级,备服务器设置 90 
    advert_int 1    # 指定VRRP 心跳包通告间隔时间,默认1秒 
    authentication { 
        auth_type PASS      
        auth_pass 1111 
    }  
    virtual_ipaddress { 
        192.168.56.17/24 
    } 
    track_script {
        check_nginx
    } 
}

3、备keepalived配置

! Configuration File for keepalived 
 
global_defs { 
   # 接收邮件地址 
   notification_email { 
     acassen@firewall.loc 
     failover@firewall.loc 
     sysadmin@firewall.loc 
   } 
   # 邮件发送地址 
   notification_email_from Alexandre.Cassen@firewall.loc  
   smtp_server 127.0.0.1 
   smtp_connect_timeout 30 
   router_id NGINX_MASTER 
} 

vrrp_script check_nginx {
    script "/usr/local/nginx/sbin/check_nginx.sh"
}

vrrp_instance VI_1 { 
    state BACKUP
    interface eth0
    virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的 
    priority 90    # 优先级,备服务器设置 90 
    advert_int 1    # 指定VRRP 心跳包通告间隔时间,默认1秒 
    authentication { 
        auth_type PASS      
        auth_pass 1111 
    }  
    virtual_ipaddress { 
        192.168.56.17/24 
    } 
    track_script {
        check_nginx
    } 
}

4、主备检查脚本

check_nginx.sh

count=$(ps -ef|grep nginx |egrep -cv "grep|$$")

if [ "$count" -eq 0 ];then
    systemctl stop keepalived
fi
posted @ 2020-01-16 15:33  随心朝阳  阅读(1343)  评论(0编辑  收藏  举报