1、安装nginx、keepalived
yum install nginx keepalived -y
2、更新nginx配置文件
stream {
log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
access_log /var/log/nginx/k8s-access.log main;
upstream k8s-apiserver {
server 192.168.0.180:6443; # Master1 APISERVER IP:PORT
server 192.168.0.181:6443; # Master2 APISERVER IP:PORT
}
server {
listen 16443; # 由于nginx与master节点复用,这个监听端口不能是6443,否则会冲突
proxy_pass k8s-apiserver;
}
}
2.1如果安装报错,安装插件
yum -y install nginx-all-modules.noarch
3、安装配置keepalived
keepalive配置,主从节点只有优先级的差异
[root@k8smaster1 keepalived]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
}
vrrp_instance VI_1 {
state MASTER #备机需要改为BACKUP
interface ens33 # 修改为实际网卡名
virtual_router_id 51 # VRRP 路由 ID实例,每个实例是唯一的
priority 100 # 优先级,备服务器设置 90需要低于100
advert_int 1 # 指定VRRP 心跳包通告间隔时间,默认1秒
authentication {
auth_type PASS
auth_pass 1111
}
# 虚拟IP
virtual_ipaddress {
192.168.0.199/24
}
track_script {
check_nginx
}
}
4、启动服务
在两个控制节点执行以下操作
[root@k8smaster1 ]# chmod +x /etc/keepalived/check_nginx.sh
[root@k8smaster1 ]# systemctl daemon-reload
[root@k8smaster1 ]# systemctl start nginx
[root@k8smaster1 ]# systemctl start keepalived
[root@k8smaster1 ]# systemctl enable nginx keepalived
[root@k8smaster1 ]# systemctl status keepalived