CCE使用node节点使用VIP
背景:想在节点上使用VIP,将nodeport服务做到高可用。启动VIP后发现访问失败
部署
! Configuration File for keepalived
global_defs {
router_id master-node
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
mcast_src_ip 10.1.0.60
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 10.1.0.60
virtual_ipaddress {
10.1.0.88/24
}
}
! Configuration File for keepalived
global_defs {
router_id master-node
}
vrrp_instance VI_1 {
state MASTER
interface eth0
mcast_src_ip 10.1.0.175
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
unicast_src_ip 10.1.0.175
virtual_ipaddress {
10.1.0.88
}
}
[root@cce-node3-dev ~]# ip a show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether fa:16:3e:46:43:df brd ff:ff:ff:ff:ff:ff
inet 10.1.0.60/24 brd 10.3.0.255 scope global dynamic noprefixroute eth0
valid_lft 100122990sec preferred_lft 100122990sec
inet 10.1.0.88/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe46:43df/64 scope link
valid_lft forever preferred_lft forever
启动服务
-- 30007集群nodeport服务,8080 NGINX,任意一个节点启动
# 测试结果如下
-- RIP
10.1.0.60:80 OK
10.1.0.60:30007 OK
-- VIP
10.1.0.88:80 OK
10.1.0.88:30007 NOT OK
检查发现node节点并没有监听30007端口,而是通过ipvs添加了被负载均衡的虚拟地址。
[root@recovery-test-28141 ~]# ipvsadm -Ln | grep 30007 -A3
TCP 10.1.0.60:30007 rr
-> 10.244.0.89:80 Masq 1 0
标签:node,10.1,30007,--,0.60,lft,ff,hostPort,eth0
From: https://blog.csdn.net/weixin_60092693/article/details/137979941