Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to implement it with Keepalived+HAProxy High availability Cluster K8S

2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >

Share

Shulou(Shulou.com)06/01 Report--

Today, I would like to share with you how to use Keepalived+HAProxy high availability cluster K8S to achieve the relevant knowledge, detailed content, clear logic, I believe that most people still know too much about this knowledge, so share this article for your reference, I hope you can get something after reading this article, let's take a look at it.

Prepare the environment:

Host ipk8s-master01192.168.10.4k8s-master02192.168.10.5k8s-master03192.168.10.6VIP192.168.10.150

Architecture diagram

Note: master cluster uses odd number, 3, 5, 7.

All nodes parse hosts files

Tail-3 / etc/hosts192.168.10.4 k8s-master01192.168.10.5 k8s-master02192.168.10.6 k8s-master03

Keepalived and haproxy software should be installed on all nodes

Yum-y install haproxy keepalived

Modify the haproxy configuration file (all nodes have the same configuration)

It is best to choose 2.x version, of course, this version does not affect the use, but the function is not as many as 2.x version.

Vim / etc/haproxy/haproxy.cfgglobal maxconn 2000 ulimit-n 16384 log 127.0.0.1 local0 err stats timeout 30sdefaults log global mode http option httplog timeout connect 5000 timeout client 50000 timeout server 50000 timeout http-request 15s timeout http-keep-alive 15sfrontend monitor-in bind *: 33305 mode http option httplog monitor-uri / monitorlisten stats bind *: 8006 mode http stats enable stats hide-version stats uri / stats stats refresh 30s stats realm Haproxy\ Statistics stats auth admin:adminfrontend k8s- Master bind 0.0.0.0:16443 bind 127.0.0.1:16443 mode tcp option tcplog tcp-request inspect-delay 5s default_backend k8s-masterbackend k8s-master mode tcp option tcplog option tcp-check balance roundrobin default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100 server k8s-master01 192.168.10.4:6443 check server k8s-master02 192.168.10.5:6443 check server k8s-master03 192.168.10.6:6443 check

Master01 node modifies keepalived configuration file

Vim / etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {router_id LVS_DEVEL} vrrp_script chk_apiserver {script "/ etc/keepalived/check_apiserver.sh" interval 2 weight-5 fall 3 rise 2} vrrp_instance VI_1 {state MASTER interface eth0 mcast_src_ip 192.168.10.4 virtual_router_id 51 priority 100 advert_int 2 authentication {auth_type PASS auth_pass K8SHA_KA_AUTH } virtual_ipaddress {192.168.10.150/24} track_script {chk_apiserver}

Master02 node modifies keepalived configuration file

Vim / etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {router_id LVS_DEVEL} vrrp_script chk_apiserver {script "/ etc/keepalived/check_apiserver.sh" interval 2 weight-5 fall 3 rise 2} vrrp_instance VI_1 {state BACKUP interface eth0 mcast_src_ip 192.168.10.5 virtual_router_id 51 priority 50 advert_int 2 authentication {auth_type PASS auth_pass K8SHA_KA_AUTH } virtual_ipaddress {192.168.10.150/24} track_script {chk_apiserver}}

Master03 node modifies keepalived configuration file

Vim / etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {router_id LVS_DEVEL} vrrp_script chk_apiserver {script "/ etc/keepalived/check_apiserver.sh" interval 2 weight-5 fall 3 rise 2} vrrp_instance VI_1 {state BACKUP interface eth0 mcast_src_ip 192.168.10.6 virtual_router_id 51 priority 50 advert_int 2 authentication {auth_type PASS auth_pass K8SHA_KA_AUTH } virtual_ipaddress {192.168.10.150/24} track_script {chk_apiserver}}

All nodes create health check scripts

Vim / etcswap keepalivedracket checklists apiserver.shroud raceme binapherrants 0 for k in $(seq 1 5) do check_code=$ (pgrep haproxy) if [[$check_code= = "]]; then err=$ (expr $err + 1) sleep 5 continue else err=0 break fidoneif [[$err! =" 0 "]]; then echo" systemctl stop keepalived "/ usr/bin/systemctl stop keepalived exit 1else exit 0fi

Start the haproxy and keepalived services

Systemctl daemon-reload systemctl enable-now haproxysystemctl enable-now keepalived

You can test the availability of vip with the ping and telnet commands

Ping 192.168.10.150PING 192.168.10.150 (192.168.10.150) 56 (84) bytes of data.64 bytes from 192.168.10.150: icmp_seq=1 ttl=64 time=1.60 ms64 bytes from 192.168.10.150: icmp_seq=2 ttl=64 time=0.519 ms64 bytes from 192.168.10.150: icmp_seq=3 ttl=64 time=0.874 ms64 bytes from 192.168.10.150: icmp_seq=4 ttl=64 time=0.786 Ms ^ C-192.168.10.150 ping statistics-4 packets transmitted, 4 received, 0 packet loss Time 3009msrtt min/avg/max/mdev = 0.519max 0.946 16443Trying 192.168.10.150...Connected to 192.168.10.150.Escape character is 1.606 mstelnet 0.403 192.168.10.150 16443Trying 192.168.10.150...Connected to 192.168.10.150.Escape character is'^'. Connection closed by foreign host.

Try to disconnect the keepalived of the node where the vip is located to see if the ip is drifting. If the vip drifts to another node, it means success.

These are all the contents of the article "how to use Keepalived+HAProxy High availability Cluster K8S". Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Development

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report