三台机器都安装keepalived
1
| sudo yum install -y ipvsadm keepalived
|
配置keepalived
三个 master 节点使用 MASTER-BACKUP-BACKUP 模式,192.168.17.101 为 主 master。
修改 192.168.17.101 上 /etc/keepalived/keepalived.conf 内容如下
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
| global_defs {
router_id LVS_k8s
}
vrrp_script CheckK8sMaster {
script "curl -k https://127.0.0.1:6443/api"
interval 3
weight -10
fall 2
rise 2
}
vrrp_instance VI_1 {
virtual_router_id 66
advert_int 1
state MASTER ## 状态
priority 100 ## 优先级
interface eth0
mcast_src_ip 192.168.17.101 ##这里需要改成当前机器ip
authentication {
auth_type PASS
auth_pass 4743
}
unicast_peer {
192.168.17.101
192.168.17.102
192.168.17.103
}
virtual_ipaddress {
192.168.17.100 ## vip地址,不需要自己创建ip了,keepalived会自动帮我们创建
}
track_script {
CheckK8sMaster
}
}
virtual_server 192.168.17.100 6443 {
lb_algo rr
lb_kind DR
persistence_timeout 0
delay_loop 20
protocol TCP
real_server 192.168.17.101 6443 {
weight 10
TCP_CHECK {
connect_timeout 10
}
}
real_server 192.168.17.102 6443 {
weight 10
TCP_CHECK {
connect_timeout 10
}
}
real_server 192.168.17.103 6443 {
weight 10
TCP_CHECK {
connect_timeout 10
}
}
}
|
另外两台节点配置与第一台基本相同,仅需要修改以下几处:
- state 改为 BACKUP
- priority 改为比100小的数
- mcast_src_ip 改为当前节点ip
修改内核参数,将以下内容追加到 /etc/sysctl.conf 文件中并执行sudo sysctl -p1
2
3
4
5
6
7
| net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.ip_forward = 1
net.ipv4.nf_conntrack_max = 2048000
net.netfilter.nf_conntrack_max = 2048000
|
启动 keepalived 并配置开机启动
1
2
| systemctl start keepalived
systemctl enable keepalived
|
验证
- 在三台机器上分别执行
kubectl get no均工作正常
- 重启主 master 节点 162.168.17.101,在其他两台机器上查看节点状态,发现 162.168.17.101 很快变为 NotReady ,稍后又变为 Ready
