当前位置：网站首页>kubesphere haproxy+keepalived （一）

echo -e "10.10.10.60 lb1\n10.10.10.70 lb2\n10.10.10.88 kube-apiserver-1\n10.10.10.89 kube-apiserver-2\n10.10.10.90 kube-apiserver-3\n10.10.10.91 worker1\n10.10.10.92 worker2\n" >>/etc/hosts

0、1设置hostname

hostnamectl set-hostname 名称

1、yum源设置

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
yum clean all && yum makecache
yum install net-tools -y
systemctl stop firewalld
systemctl disable firewalld
sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
yum install -y vim wget git

2、Yum 安装 Keepalived + HAProxy

在主机为 lb1 和 lb2 中部署 Keepalived + HAProxy 即 IP 为10.10.10.60与10.10.10.70的服务器上安装部署 HAProxy 和 psmisc。

安装命令

yum install keepalived haproxy psmisc -y

3、配置Keepalived 和 HAProxy

3.1、配置l(b110.10.10.60)的HAProxy()

3.11、lb1的/etc/haproxy/haproxy.cfg

#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2

chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon

# turn on stats unix socket
stats socket /var/lib/haproxy/stats

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000

#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend kube-apiserver
bind *:6443
mode tcp
option tcplog
default_backend kube-apiserver
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend kube-apiserver
mode tcp
option tcplog
balance roundrobin
default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
server kube-apiserver-1 10.10.10.88:6443 check
server kube-apiserver-2 10.10.10.89:6443 check

3.2配置l(b2 10.10.10.70)的HAProxy

3.21、lb2的/etc/haproxy/haproxy.cfg

chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon

# turn on stats unix socket
stats socket /var/lib/haproxy/stats

3.3配置(lb1:10.10.10.60)的Keepalived

3.3.1、lb1的/etc/keepalived/keepalived.conf

global_defs {
notification_email {
}
smtp_connect_timeout 30
router_id LVS_DEVEL60
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 20
}
vrrp_instance haproxy-vip {
state MASTER
priority 100
interface ens33
virtual_router_id 60
advert_int 1
authentication {
auth_type PASS
auth_pass liebe
}
unicast_src_ip 10.10.10.60
unicast_peer {
10.10.10.70
}
virtual_ipaddress {
10.10.10.10/24
}
track_script {
chk_haproxy
}
}

3.4、配置l(b2:10.10.10.70)的Keepalived

3.4.1、lb2的/etc/keepalived/keepalived.conf

global_defs {
notification_email {
}
router_id LVS_DEVEL70
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 20
}
vrrp_instance haproxy-vip {
state BACKUP
priority 90
interface ens33
virtual_router_id 60
advert_int 1
authentication {
auth_type PASS
auth_pass liebe
}
unicast_src_ip 10.10.10.70
unicast_peer {
10.10.10.60
}
virtual_ipaddress {
10.10.10.10/24
}
track_script {
chk_haproxy
}
}