简介

本集群使用 nginx + keepalived 实现高可用

nginx 安装配置

下载编译nginx

nginx 只需要编译一次,把编译后的 文件拷贝到其他master机器上即可

cd /opt/k8s/work

wget http://nginx.org/download/nginx-1.15.3.tar.gz

tar -xzvf nginx-1.15.3.tar.gz

#编译

cd /opt/k8s/work/nginx-1.15.3

mkdir nginx-prefix

./configure --with-stream --without-http --prefix=$(pwd)/nginx-prefix --without-http_uwsgi_module

make && make install

#############

--without-http_scgi_module --without-http_fastcgi_module

--with-stream:开启 4 层透明转发(TCP Proxy)功能;

--without-xxx:关闭所有其他功能,这样生成的动态链接二进制程序依赖最小;

查看 nginx 动态链接的库:

[root@node01 nginx-1.15.3]# ldd ./nginx-prefix/sbin/nginx

	linux-vdso.so.1 =>  (0x00007ffee18cc000)

	libdl.so.2 => /lib64/libdl.so.2 (0x00007f5e89daa000)

	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f5e89b8e000)

	libc.so.6 => /lib64/libc.so.6 (0x00007f5e897c0000)

	/lib64/ld-linux-x86-64.so.2 (0x00007f5e89fae000)

由于只开启了 4 层透明转发功能,所以除了依赖 libc 等操作系统核心 lib 库外,没有对其它 lib 的依赖(如 libz、libssl 等),这样可以方便部署到各版本操作系统中

创建目录结构

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "mkdir -p /opt/k8s/kube-nginx/{conf,logs,sbin}"

  done

拷贝二进制程序到其他主机 (有报错执行2遍就可以)

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    scp /opt/k8s/work/nginx-1.15.3/nginx-prefix/sbin/nginx  root@${node_ip}:/opt/k8s/kube-nginx/sbin/kube-nginx

    ssh root@${node_ip} "chmod a+x /opt/k8s/kube-nginx/sbin/*"

  done

配置Nginx文件,开启4层透明转发

cd /opt/k8s/work

cat > kube-nginx.conf <<EOF

worker_processes 1;

events {

    worker_connections  1024;

}

stream {

    upstream backend {

        hash $remote_addr consistent;

        server 10.0.20.11:6443        max_fails=3 fail_timeout=30s;

        server 10.0.20.12:6443        max_fails=3 fail_timeout=30s;

        server 10.0.20.13:6443        max_fails=3 fail_timeout=30s;

    }

    server {

        listen *:8443;

        proxy_connect_timeout 1s;

        proxy_pass backend;

    }

}

EOF

#这里需要将server替换我们自己的地址

分发配置文件

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    scp kube-nginx.conf  root@${node_ip}:/opt/k8s/kube-nginx/conf/kube-nginx.conf

  done

配置Nginx启动文件

cd /opt/k8s/work

cat > kube-nginx.service <<EOF

[Unit]

Description=kube-apiserver nginx proxy

After=network.target

After=network-online.target

Wants=network-online.target

[Service]

Type=forking

ExecStartPre=/opt/k8s/kube-nginx/sbin/kube-nginx -c /opt/k8s/kube-nginx/conf/kube-nginx.conf -p /opt/k8s/kube-nginx -t

ExecStart=/opt/k8s/kube-nginx/sbin/kube-nginx -c /opt/k8s/kube-nginx/conf/kube-nginx.conf -p /opt/k8s/kube-nginx

ExecReload=/opt/k8s/kube-nginx/sbin/kube-nginx -c /opt/k8s/kube-nginx/conf/kube-nginx.conf -p /opt/k8s/kube-nginx -s reload

PrivateTmp=true

Restart=always

RestartSec=5

StartLimitInterval=0

LimitNOFILE=65536

[Install]

WantedBy=multi-user.target

EOF

分发nginx启动文件

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    scp kube-nginx.service  root@${node_ip}:/etc/systemd/system/

  done

启动 kube-nginx 服务

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "systemctl daemon-reload && systemctl enable kube-nginx && systemctl start kube-nginx"

  done

检查 kube-nginx 服务运行状态

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "systemctl status kube-nginx |grep 'Active:'"

  done


[root@node01 work]# for node_ip in ${MASTER_IPS[@]}

>   do

>     echo ">>> ${node_ip}"

>     ssh root@${node_ip} "systemctl status kube-nginx |grep 'Active:'"

>   done

>>> 10.0.20.11

   Active: active (running) since Thu 2019-12-05 15:13:19 CST; 3s ago

>>> 10.0.20.12

   Active: active (running) since Thu 2019-12-05 15:13:19 CST; 3s ago

>>> 10.0.20.13

   Active: active (running) since Thu 2019-12-05 15:13:19 CST; 3s ago

检查 kube-nginx 端口

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node_ip in ${MASTER_IPS[@]}

  do

    echo ">>> ${node_ip}"

    ssh root@${node_ip} "netstat -lntup | grep 8443"

  done


[root@node01 work]# for node_ip in ${MASTER_IPS[@]}

>   do

>     echo ">>> ${node_ip}"

>     ssh root@${node_ip} "netstat -lntup | grep 8443"

>   done

>>> 10.0.20.11

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      5356/nginx: master

>>> 10.0.20.12

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      2586/nginx: master

>>> 10.0.20.13

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN      2630/nginx: master

keepalived 安装配置

安装keeplive服务

前面我们也说了,高可用方案需要一个VIP,供集群内部访问

在所有master节点安装keeplived

yum  install -y keepalived

配置keeplive服务

配置文件模板

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

cat > keepalived.conf.template <<EOF

! Configuration File for keepalived

global_defs {

   router_id ##MASTER_IP##

}

vrrp_script chk_nginx {

    script "/etc/keepalived/check_port.sh 8443"

    interval 2

    weight -20

}

vrrp_instance VI_1 {

    state MASTER

    interface ##IFACE##

    virtual_router_id 251

    priority 100

    advert_int 1

    mcast_src_ip ##MASTER_IP##

    nopreempt

    authentication {

        auth_type PASS

        auth_pass 11111111

    }

    track_script {

         chk_nginx

    }

    virtual_ipaddress {

        ##KEEP_VIP##

    }

}

EOF

替换模板文件的变量,为各个节点生成配置文件

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for (( i=0; i < 3; i++ ))

  do

    sed -e "s/##MASTER_IP##/${MASTER_IPS[i]}/" -e "s/##KEEP_VIP##/${KEEP_VIP_ADDR}/" -e "s/##IFACE##/${IFACE}/" keepalived.conf.template >  keepalived-${MASTER_IPS[i]}.conf

  done

ls keepalived-*.conf

将对应的keepalived配置文件拷贝到对应的节点上

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for (( i=0; i < 3; i++ ))

  do

    echo ">>> ${node_ip}"

    scp  keepalived-${MASTER_IPS[i]}.conf ${MASTER_NAMES[i]}:/etc/keepalived/keepalived.conf

  done

创建健康检查脚本

cd /opt/k8s/work

cat > check_port.sh <<EOF

#!/bin/sh

CHK_PORT=\$1

if [ -n "\$CHK_PORT" ];then

  PORT_PROCESS=\`ss -lntup|grep \${CHK_PORT}|wc -l\`

    if [ \$PORT_PROCESS -eq 0 ];then

      echo -e "\033[31m ERROR: Port \$CHK_PORT Is Not Used,End. \033[0m"

      exit 1

  fi

fi

EOF

分发脚本到所有keepalived节点

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node in ${MASTER_IPS[@]}

do

  echo ">>> ${node}"

  scp check_port.sh ${node}:/etc/keepalived/

done

启动keeplived

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node in ${MASTER_IPS[@]}

do

  echo ">>> ${node}"

  ssh ${node} "systemctl enable keepalived && systemctl start keepalived && systemctl status keepalived | grep active"

done

查看VIP地址

cd /opt/k8s/work

source /opt/k8s/bin/environment.sh

for node in ${MASTER_IPS[@]}

do

  echo ">>> ${node}"

  ssh ${node} "ip a | grep 20.10"

done

输出结果

[root@node01 work]# for node in ${MASTER_IPS[@]}

> do

>   echo ">>> ${node}"

>   ssh ${node} "ip a | grep 20.10"

> done

>>> 10.0.20.11

>>> 10.0.20.12

>>> 10.0.20.13

    inet 10.0.20.10/32 scope global bond0

kube-nginx 和 keepalived 部署安装的更多相关文章

  1. docker 部署nginx 使用keepalived 部署高可用

    一.体系架构 在Keepalived + Nginx高可用负载均衡架构中,keepalived负责实现High-availability (HA) 功能控制前端机VIP(虚拟网络地址),当有设备发生故 ...

  2. FastDFS+Nginx分布式文件系统部署安装

    安装: ##安装tracker.storage参考:http://www.cnblogs.com/zclzhao/p/5025229.html nginx代理设置参考:http://www.cnblo ...

  3. Tomcat+nginx+Keepalived部署实现集群

    Tomcat+nginx+Keepalived部署实现集群 环境说明: 系统:Centos-7 主机:Centos-7 x3 IP地址: 服务器1(192.168.10.102/24) 服务器2(19 ...

  4. Nginx 集群部署(Keepalived)

    # Nginx集群部署 # 当我们的用户同时访问量达到一定量的时候,一台服务器是不够用的 # 这个时候我们需要解决这个问题肯定是要添加新的服务器去处理用户访问 # 多台服务器处理用户访问就需要我们集群 ...

  5. Linux、Debian、Jenkins、GIT、Nginx、码云安装,自动化部署前后端分离项目

    1.安装Jenkins i:下载Jenkins安装包(war文件):https://jenkins.io/download/ ii:这里采用Tomcat的war包方式安装,讲下载好的安装包放到Tomc ...

  6. Nginx+keepalived 脚本安装主从双机热备自动切换解决方案

    Nginx+keepalived 脚本安装主从双机热备自动切换解决方案 2013-07-02 19:24:13 标签:filesnginx keepalived 原创作品,允许转载,转载时请务必以超链 ...

  7. nginx部署安装

    首先需要下载Nginx软件包 nginx软件官方下载地址:[nginx官方下载连接](http://www.nginx.org) 建议选择稳定的软件版本,如果练习使用当然是无所谓,随便什么版本都可以, ...

  8. linux安装Nginx 以及 keepalived 管理Nginx

    linux安装Nginx 1.1将Nginx素材内容上传到/usr/local目录(pcre,zlib,openssl,nginx)(注意:必须登录用对这个文件具有操作权限的) 1.2安装pcre库 ...

  9. 阿里云安装Nginx+vue项目部署

    阿里云安装Nginx+vue项目部署 nginx安装包下载 http://nginx.org/en/download.html nginx安装 首先先安装PCRE pcre-devel 和Zlib,因 ...

随机推荐

  1. 【MySQL】MySQL 8.0.X的安装与卸载命令

    1.请读者自行下载MySQL Server https://dev.mysql.com/downloads/mysql/ 2.解压.zip文件 将mysql-8.0.12-winx64.zip解压到 ...

  2. 搭建邮件服务器,使用Postfix与Dovecot收发电子邮件

    小知识: 我们为什么要搭建邮件服务器呢?有时候我们处于一个局域网内,不能及时的分享各自的研究成果,迫切的需要一种能够借助于网络且建立在计算机之间的传输数据的方法.所以我们需要搭建邮件服务器,这样的话既 ...

  3. 学习笔记42_SpringMVC

    SpringMVC中,Global.axas发生变化,其中 1.原来是 public class MvcApplication:System.web.HttpApplication 现在是 publi ...

  4. CSPS模拟 68

    令人kuku的一场考试, T1 令人kuku的贪心,反工了好几次,耗费了1h之久. T2 令人kuku的数据结构,到死也没调出来,还是细节问题,要积累. T3 令人kuku的二分答案. 先二分第一个答 ...

  5. Java自动化测试框架-10 - TestNG之测试结果篇

    1.-测试结果 1.1-成功,失败和断言 测试被认为是成功的,如果它不引发任何异常完成,还是它扔的预期异常(请参阅文档expectedExceptions属性上找到的@Test注释). 您的测试方法通 ...

  6. 原生JS实现单向链表

    1.前言 用JS实现一个简单的单向链表,并完成相关的功能 2.功能说明 push(value):从链表尾部添加一个新的节点 insertAfer(value,item):向链表中的item节点之后插入 ...

  7. 参观路线——并查集+dfs

    题目描述 Lambdaland由N个城市组成,任两个城市间都有一条道路相连.  下个月TBL准备参观Lambdaland.他将从城市1开始,以深度优先搜索顺序参观能所有遍历到的城市. 由于TBL是一位 ...

  8. Kubernetes5-集群上搭建基于redis和docker的留言薄

    一.简介 1.环境依旧是kubernetes之前文章的架构 2.需要docker的镜像 1)php-forntend web 前端镜像 docker.io-kubeguide-guestbook-ph ...

  9. JSP——九大隐藏对象之四大域对象

    你一定在你的Jsp文件中的监本片段中使用过以下九个对象的几种:out.config.page.pageContext.exception.request.response.application.se ...

  10. 算法编程题积累(3)——腾讯笔试"构造回文“问题

    首先理解题意,回文串的特点:倒序后跟原串相同.故而可以将原串看成向一个回文串在任意位置添加任意字符后形成的字符串,也就是说原串中存在一段未必连续的回文序列. 通过分析可以知道AC本题的核心思路:求出回 ...