简介

本集群使用 nginx + keepalived 实现高可用

nginx 安装配置

下载编译nginx

nginx 只需要编译一次,把编译后的 文件拷贝到其他master机器上即可

cd /opt/k8s/work

wget http://nginx.org/download/nginx-1.15.3.tar.gz

tar -xzvf nginx-1.15.3.tar.gz

#编译

cd /opt/k8s/work/nginx-1.15.3

mkdir nginx-prefix

./configure --with-stream --without-http --prefix=$(pwd)/nginx-prefix --without-http_uwsgi_module

make && make install

#############

--without-http_scgi_module --without-http_fastcgi_module

--with-stream:开启 4 层透明转发(TCP Proxy)功能;

--without-xxx:关闭所有其他功能,这样生成的动态链接二进制程序依赖最小;

查看 nginx 动态链接的库:

[root@node01 nginx-1.15.3]# ldd ./nginx-prefix/sbin/nginx

	linux-vdso.so.1 =>  (0x00007ffee18cc000)

	libdl.so.2 => /lib64/libdl.so.2 (0x00007f5e89daa000)

	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f5e89b8e000)

	libc.so.6 => /lib64/libc.so.6 (0x00007f5e897c0000)

	/lib64/ld-linux-x86-64.so.2 (0x00007f5e89fae000)

由于只开启了 4 层透明转发功能,所以除了依赖 libc 等操作系统核心 lib 库外,没有对其它 lib 的依赖(如 libz、libssl 等),这样可以方便部署到各版本操作系统中

创建目录结构

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "mkdir -p /opt/k8s/kube-nginx/{conf,logs,sbin}"

  done

拷贝二进制程序到其他主机 (有报错执行2遍就可以)

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    scp /opt/k8s/work/nginx-1.15.3/nginx-prefix/sbin/nginx  root@${node_ip}:/opt/k8s/kube-nginx/sbin/kube-nginx

    ssh root@${node_ip} "chmod a+x /opt/k8s/kube-nginx/sbin/*"

  done

配置Nginx文件,开启4层透明转发

cd /opt/k8s/work

cat > kube-nginx.conf <<EOF

worker_processes 1;

events {

    worker_connections  1024;

}

stream {

    upstream backend {

        hash $remote_addr consistent;

        server 10.0.20.11:6443        max_fails=3 fail_timeout=30s;

        server 10.0.20.12:6443        max_fails=3 fail_timeout=30s;

        server 10.0.20.13:6443        max_fails=3 fail_timeout=30s;

    }

    server {

        listen *:8443;

        proxy_connect_timeout 1s;

        proxy_pass backend;

    }

}

EOF

#这里需要将server替换我们自己的地址

分发配置文件

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    scp kube-nginx.conf  root@${node_ip}:/opt/k8s/kube-nginx/conf/kube-nginx.conf

  done

配置Nginx启动文件

cd /opt/k8s/work

cat > kube-nginx.service <<EOF

[Unit]

Description=kube-apiserver nginx proxy

After=network.target

After=network-online.target

Wants=network-online.target

[Service]

Type=forking

ExecStartPre=/opt/k8s/kube-nginx/sbin/kube-nginx -c /opt/k8s/kube-nginx/conf/kube-nginx.conf -p /opt/k8s/kube-nginx -t

ExecStart=/opt/k8s/kube-nginx/sbin/kube-nginx -c /opt/k8s/kube-nginx/conf/kube-nginx.conf -p /opt/k8s/kube-nginx

ExecReload=/opt/k8s/kube-nginx/sbin/kube-nginx -c /opt/k8s/kube-nginx/conf/kube-nginx.conf -p /opt/k8s/kube-nginx -s reload

PrivateTmp=true

Restart=always

RestartSec=5

StartLimitInterval=0

LimitNOFILE=65536

[Install]

WantedBy=multi-user.target

EOF

分发nginx启动文件

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    scp kube-nginx.service  root@${node_ip}:/etc/systemd/system/

  done

启动 kube-nginx 服务

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "systemctl daemon-reload && systemctl enable kube-nginx && systemctl start kube-nginx"

  done

检查 kube-nginx 服务运行状态

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "systemctl status kube-nginx |grep 'Active:'"

  done


[root@node01 work]# for node_ip in ${MASTER_IPS[@]}

>   do

>     echo ">>> ${node_ip}"

>     ssh root@${node_ip} "systemctl status kube-nginx |grep 'Active:'"

>   done

>>> 10.0.20.11

   Active: active (running) since Thu 2019-12-05 15:13:19 CST; 3s ago

>>> 10.0.20.12

   Active: active (running) since Thu 2019-12-05 15:13:19 CST; 3s ago

>>> 10.0.20.13

   Active: active (running) since Thu 2019-12-05 15:13:19 CST; 3s ago

检查 kube-nginx 端口

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "netstat -lntup | grep 8443"

  done


[root@node01 work]# for node_ip in ${MASTER_IPS[@]}

>   do

>     echo ">>> ${node_ip}"

>     ssh root@${node_ip} "netstat -lntup | grep 8443"

>   done

>>> 10.0.20.11

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      5356/nginx: master

>>> 10.0.20.12

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      2586/nginx: master

>>> 10.0.20.13

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      2630/nginx: master

keepalived 安装配置

安装keeplive服务

前面我们也说了,高可用方案需要一个VIP,供集群内部访问

在所有master节点安装keeplived

yum  install -y keepalived

配置keeplive服务

配置文件模板

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

cat > keepalived.conf.template <<EOF

! Configuration File for keepalived

global_defs {

   router_id ##MASTER_IP##

}

vrrp_script chk_nginx {

    script "/etc/keepalived/check_port.sh 8443"

    interval 2

    weight -20

}

vrrp_instance VI_1 {

    state MASTER

    interface ##IFACE##

    virtual_router_id 251

    priority 100

    advert_int 1

    mcast_src_ip ##MASTER_IP##

    nopreempt

    authentication {

        auth_type PASS

        auth_pass 11111111

    }

    track_script {

         chk_nginx

    }

    virtual_ipaddress {

        ##KEEP_VIP##

    }

}

EOF

替换模板文件的变量,为各个节点生成配置文件

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for (( i=0; i < 3; i++ ))

  do

    sed -e "s/##MASTER_IP##/${MASTER_IPS[i]}/" -e "s/##KEEP_VIP##/${KEEP_VIP_ADDR}/" -e "s/##IFACE##/${IFACE}/" keepalived.conf.template >  keepalived-${MASTER_IPS[i]}.conf

  done

ls keepalived-*.conf

将对应的keepalived配置文件拷贝到对应的节点上

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for (( i=0; i < 3; i++ ))

  do

    echo ">>> ${node_ip}"

    scp  keepalived-${MASTER_IPS[i]}.conf ${MASTER_NAMES[i]}:/etc/keepalived/keepalived.conf

  done

创建健康检查脚本

cd /opt/k8s/work

cat > check_port.sh <<EOF

#!/bin/sh

CHK_PORT=\$1

if [ -n "\$CHK_PORT" ];then

  PORT_PROCESS=\`ss -lntup|grep \${CHK_PORT}|wc -l\`

    if [ \$PORT_PROCESS -eq 0 ];then

      echo -e "\033[31m ERROR: Port \$CHK_PORT Is Not Used,End. \033[0m"

      exit 1

  fi

fi

EOF

分发脚本到所有keepalived节点

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node in ${MASTER_IPS[@]}

do

  echo ">>> ${node}"

  scp check_port.sh ${node}:/etc/keepalived/

done

启动keeplived

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node in ${MASTER_IPS[@]}

do

  echo ">>> ${node}"

  ssh ${node} "systemctl enable keepalived && systemctl start keepalived && systemctl status keepalived | grep active"

done

查看VIP地址

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node in ${MASTER_IPS[@]}

do

  echo ">>> ${node}"

  ssh ${node} "ip a | grep 20.10"

done

输出结果

[root@node01 work]# for node in ${MASTER_IPS[@]}

> do

>   echo ">>> ${node}"

>   ssh ${node} "ip a | grep 20.10"

> done

>>> 10.0.20.11

>>> 10.0.20.12

>>> 10.0.20.13

    inet 10.0.20.10/32 scope global bond0

kube-nginx 和 keepalived 部署安装的更多相关文章

  1. docker 部署nginx 使用keepalived 部署高可用

    一.体系架构 在Keepalived + Nginx高可用负载均衡架构中,keepalived负责实现High-availability (HA) 功能控制前端机VIP(虚拟网络地址),当有设备发生故 ...

  2. FastDFS+Nginx分布式文件系统部署安装

    安装: ##安装tracker.storage参考:http://www.cnblogs.com/zclzhao/p/5025229.html nginx代理设置参考:http://www.cnblo ...

  3. Tomcat+nginx+Keepalived部署实现集群

    Tomcat+nginx+Keepalived部署实现集群 环境说明: 系统:Centos-7 主机:Centos-7 x3 IP地址: 服务器1(192.168.10.102/24) 服务器2(19 ...

  4. Nginx 集群部署(Keepalived)

    # Nginx集群部署 # 当我们的用户同时访问量达到一定量的时候,一台服务器是不够用的 # 这个时候我们需要解决这个问题肯定是要添加新的服务器去处理用户访问 # 多台服务器处理用户访问就需要我们集群 ...

  5. Linux、Debian、Jenkins、GIT、Nginx、码云安装,自动化部署前后端分离项目

    1.安装Jenkins i:下载Jenkins安装包(war文件):https://jenkins.io/download/ ii:这里采用Tomcat的war包方式安装,讲下载好的安装包放到Tomc ...

  6. Nginx+keepalived 脚本安装主从双机热备自动切换解决方案

    Nginx+keepalived 脚本安装主从双机热备自动切换解决方案 2013-07-02 19:24:13 标签:filesnginx keepalived 原创作品,允许转载,转载时请务必以超链 ...

  7. nginx部署安装

    首先需要下载Nginx软件包 nginx软件官方下载地址:[nginx官方下载连接](http://www.nginx.org) 建议选择稳定的软件版本,如果练习使用当然是无所谓,随便什么版本都可以, ...

  8. linux安装Nginx 以及 keepalived 管理Nginx

    linux安装Nginx 1.1将Nginx素材内容上传到/usr/local目录(pcre,zlib,openssl,nginx)(注意:必须登录用对这个文件具有操作权限的) 1.2安装pcre库 ...

  9. 阿里云安装Nginx+vue项目部署

    阿里云安装Nginx+vue项目部署 nginx安装包下载 http://nginx.org/en/download.html nginx安装 首先先安装PCRE pcre-devel 和Zlib,因 ...

随机推荐

  1. LeetCode刷题总结-数组篇(中)

    本文接着上一篇文章<LeetCode刷题总结-数组篇(上)>,继续讲第二个常考问题:矩阵问题. 矩阵也可以称为二维数组.在LeetCode相关习题中,作者总结发现主要考点有:矩阵元素的遍历 ...

  2. SpringCloud番外篇-服务治理之Nacos

    一.Nacos概述 Nacos是阿里巴巴开源的服务注册中心,官方文档:https://nacos.io/zh-cn/docs/what-is-nacos.html 从个人使用体验上看,nacos要比e ...

  3. Java 干货之深入理解Java泛型

    一般的类和方法,只能使用具体的类型,要么是基本类型,要么是自定义的类.如果要编写可以应用多中类型的代码,这种刻板的限制对代码得束缚会就会很大. ---<Thinking in Java> ...

  4. Go服务监控

    使用Golang可以开发出高性能的HTTP.GRPC服务.一般项目运行后,我们也需要监控服务的性能或者进行调试.除了打日志,还有没有其他可视化的方案呢?答案是有的. 本文将会介绍几种常用的监控方案. ...

  5. [考试反思]0908NOIP模拟测试40:颠簸

    怎么说呢?好像也没什么可说的. 把我的优缺点都表现出来了的一场考试. T3是个小的dp想出来就能打,打出来就能A.我上来过了一遍题目觉得T3最简单(然而也并不是很简单) 然后就开始打,交,其实已经A了 ...

  6. 小白学 Python(18):基础文件操作

    人生苦短,我选Python 前文传送门 小白学 Python(1):开篇 小白学 Python(2):基础数据类型(上) 小白学 Python(3):基础数据类型(下) 小白学 Python(4):变 ...

  7. java架构之路-(NoSql专题)MongoDB快速上手

    NoSQL(NoSQL = Not Only SQL ),意即"不仅仅是SQL".在现代的计算系统上每天网络上都会产生庞大的数据量.这些数据有很大一部分是由关系数据库管理系统(RD ...

  8. day 2上午 elect 选举 背包

    #include<iostream> using namespace std; int n; ; ]; long long p[maxn]; long long dp[maxn][maxn ...

  9. 数据可视化:绘图库-Matplotlib

    为什么要绘图? 一个图表数据的直观分析,下面先看一组北京和上海上午十一点到十二点的气温变化数据: 数据: 这里我用一段代码生成北京和上海的一个小时内每分钟的温度如下: import random co ...

  10. day5-字典专区

    # 字典# dict 1.fromkeys()根据序列,创建字典,并指定统一的值 v = dict.fromkeys(["],123) print(v) {': 123} 2.get()根据 ...