K8s high availability architecture 01/19 Update SLTechnology News&Howtos

K8s high availability architecture

2025-01-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

Overview

Address sealos, so that kubernetes high availability no longer need keepalived haproxy and ansible,sealyun customized Super Edition kubeadm through ipvs proxy multiple master, elegant solution to K8s high availability problem.

Environment introduction ip role10.103.97.200 master010.103.97.201 master010.103.97.202 master010.103.97.2 virtulIP

Apiserver.cluster.local apiserver resolution name

Download kubernetes1.14.0+ offline package

Initialize on each node

Tar zxvf kube1.14.0.tar.gz & & cd kube/shell & & sh init.sh

Replace the kubeadm in the replacement package with the downloaded kubeadm:

Cp kubeadm / usr/bin/kubeadmkubeadm configuration file

Cat kubeadm-config.yaml:

ApiVersion: kubeadm.k8s.io/v1beta1kind: ClusterConfigurationkubernetesVersion: v1.14.0controlPlaneEndpoint: "apiserver.cluster.local:6443" # use the resolution name to access APIserverapiServer: certSANs:-127.0.0.1-apiserver.cluster.local-172.20.241.205-172.20.241.206-172.20.241.207-172.20.241.208 -10.103.97.2 # Virtual IP is added to the certificate-apiVersion: kubeproxy.config.k8s.io/v1alpha1kind: KubeProxyConfigurationmode: "ipvs" ipvs: excludeCIDRs:-"10.103.97.2 IPVS 32" # if this k8s is not added, the user-created IPVS rules will be cleaned regularly Cause the agent to fail

On master0 10.103.97.200

Echo "10.103.97.200 apiserver.cluster.local" > > / etc/hostskubeadm init-- config=kubeadm-config.yaml-- experimental-upload-certs mkdir ~ / .kube & & cp / etc/kubernetes/admin.conf ~ / .kube/configkubectl apply-f https://docs.projectcalico.org/v3.6/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml # install calico

After execution, some logs are output, which contain the commands needed by join.

On master1 10.103.97.201

# attention Parse to master0 before installation, and change it to yourself after successful installation, because kubelet kube-proxy is configured with this resolution name Echo "10.103.97.200 apiserver.cluster.local" > > / etc/hosts kubeadm join 10.103.97.200 apiserver.cluster.local 6443-- token 9vr73a.a8uxyaju799qwdjv\-- discovery-token-ca-cert-hash sha256:7c2e69131a36ae2a042a339b33381c6d0d43887e2de83720eff5359e26aec866\-- experimental-control-plane\-- certificate-key f8902e114ef118304e561c3ecd4d0b543adc226b7a07f675f56564185ffe0c07 sed "s certificate-key f8902e114ef118304e561c3ecd4d0b543adc226b7a07f675f56564185ffe0c07 sed 10.103.97.200 echo g"-I / etc/hosts is not available if the whole cluster is down without changing the resolution. # parsing and changing your own local address

On master2 10.103.97.202, same as master1

Echo "10.103.97.200 apiserver.cluster.local" > > / etc/hostskubeadm join 10.103.97.200 etc/hostskubeadm join 6443-- token 9vr73a.a8uxyaju799qwdjv\-- discovery-token-ca-cert-hash sha256:7c2e69131a36ae2a042a339b33381c6d0d43887e2de83720eff5359e26aec866\-- experimental-control-plane\-- certificate-key f8902e114ef118304e561c3ecd4d0b543adc226b7a07f675f56564185ffe0c07 sed "s use 10.103.97.200 apiserver.cluster.local 10.103.97.200 apiserver.cluster.local"-I / etc/hosts on the Node node

Through the virtual IP join to the master, this command creates an ipvs rule on the node node, virturl server is the virtual IP and realserver is the three master. Then start a daemon to protect these rules with a static pod. Once which apiserver is inaccessible, clear the realserver, and add it back after the apiserver is connected.

Echo "10.103.97.2 apiserver.cluster.local" > > / etc/hosts # using vipkubeadm join 10.103.97.2 using vipkubeadm join 6443-- token 9vr73a.a8uxyaju799qwdjv\-- master 10.103.97.200 echo 6443\-- master 10.103.97.201purl 6443\-- master 10.103.97.202 Vol 6443\-- discovery-token-ca-cert-hash sha256:7c2e69131a36ae2a042a339b33381c6d0d43887e2de83720eff5359e26aec866 Architecture +-+ +-+ virturl server: 10.103.97.2 ipvs nodes 6443 | mater0 | <-| ipvs nodes | real servers: +-+ | +-+ 10.103.97 .200Plus 6443 | 10.103.97.201pur6443 +-+ | 10.103.97.202Pluto 6443 | mater1 |

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.