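One-Click Rapid Deployment of a Highly Available Kubernetes Cluster
Original article by 刘新元 (knowclub), published 2022-12-08 08:15 in Beijing.
Three master nodes, three worker nodes, two nodes for load balancing, and one virtual IP address. The virtual IP address in this example is also called a floating IP address. That is, even if a node fails, the IP address can be moved between nodes to achieve failover and high availability.
Because of resource constraints, servers are reused, as follows:
1 Initialization
Run the following on all machines:
Set the hostname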
hostnamectl set-hostname k8s-master01
hostnamectl set-hostname k8s-master02
hostnamectl set-hostname k8s-master03
hostnamectl set-hostname k8s-node01
hostnamectl set-hostname k8s-node02
[root@k8s-master01 ~]# MasterNodes='k8s-master01 k8s-master02 k8s-master03'
[root@k8s-master01 ~]# WorkNodes='k8s-node01 k8s-node02'
[root@k8s-master01 ~]# for NODE in $MasterNodes; do ssh-copy-id $NODE ;done
[root@k8s-master01 ~]# for NODE in $WorkNodes; do ssh-copy-id $NODE ;done
Run the initialization script
[root@k8s-master01 ~]# vim init.sh
#!/bin/sh
# Map every node name to its address
echo "192.168.102.71 k8s-master01" >> /etc/hosts
echo "192.168.102.72 k8s-master02" >> /etc/hosts
echo "192.168.102.73 k8s-master03" >> /etc/hosts
echo "192.168.102.74 k8s-node01" >> /etc/hosts
echo "192.168.102.75 k8s-node02" >> /etc/hosts
# Stop and disable firewalld (no host firewall remains on the node)
systemctl stop firewalld
systemctl disable firewalld
# Turn swap off for the current boot
swapoff -a
# Disable SELinux permanently and switch to permissive mode for the current boot
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
# Comment out swap entries so swap stays off after a reboot
sed -ri 's/.*swap.*/#&/' /etc/fstab
# Use the Aliyun CentOS 7 mirror and install the base packages
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
yum install -y yum-utils device-mapper-persistent-data lvm2 epel-release ipvsadm ipset sysstat conntrack libseccomp socat git ebtables
# Time zone and time synchronization (/etc/crontab entries need a user field)
yum install -y ntp
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
echo 'Asia/Shanghai' > /etc/timezone
ntpdate time2.aliyun.com
echo "*/1 * * * * root ntpdate time2.aliyun.com" >> /etc/crontab
# Install Docker and write its daemon configuration
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y docker-ce-20.10.7 docker-ce-cli-20.10.7 containerd.io-1.4.6
mkdir -p /opt/docker /etc/docker
cat > /etc/docker/daemon.json <<-EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ],
  "registry-mirrors": ["https://7uuu3esz.mirror.aliyuncs.com","https://moefhjht.mirror.aliyuncs.com"],
  "data-root": "/opt/docker"
}
EOF
systemctl daemon-reload && systemctl enable --now docker
[root@k8s-master01 ~]# Nodes='k8s-master02 k8s-master03 k8s-node01 k8s-node02'
[root@k8s-master01 ~]# for node in $Nodes;do scp init.sh $node:/root/ ;done
[root@k8s-master01 ~]# Nodes='k8s-master01 k8s-master02 k8s-master03 k8s-node01 k8s-node02'
[root@k8s-master01 ~]# for node in $Nodes;do ssh $node 'sh /root/init.sh' ;done
Kernel upgrade on all nodes
[root@k8s-master01 ~]# vim kernel.sh
#!/bin/sh
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
yum --enablerepo=elrepo-kernel install kernel-ml kernel-ml-devel -y
[root@k8s-master01 ~]# Nodes='k8s-master02 k8s-master03 k8s-node01 k8s-node02'
[root@k8s-master01 ~]# for node in $Nodes;do scp kernel.sh $node:/root/ ;done
[root@k8s-master01 ~]# Nodes='k8s-master01 k8s-master02 k8s-master03 k8s-node01 k8s-node02'
[root@k8s-master01 ~]# for node in $Nodes;do ssh $node 'sh /root/kernel.sh' ;done
2 Install keepalived and haproxy for high availability on the worker nodes
On K8s-node01 (192.168.102.74):
[root@k8s-node01 ~]# yum install keepalived haproxy psmisc -y
[root@k8s-node01 ~]# cat /etc/haproxy/haproxy.cfg
global
    log /dev/log local0 warning
    chroot /var/lib/haproxy
    pidfile /var/run/haproxy.pid
    maxconn 4000
    user haproxy
    group haproxy
    daemon
    stats socket /var/lib/haproxy/stats
defaults
    log global
    option httplog
    option dontlognull
    timeout connect 5000
    timeout client 50000
    timeout server 50000
frontend kube-apiserver
    bind *:6443
    mode tcp
    option tcplog
    default_backend kube-apiserver
backend kube-apiserver
    mode tcp
    option tcplog
    option tcp-check
    balance roundrobin
    default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
    server kube-apiserver-1 192.168.102.71:6443 check # Replace the IP address
    server kube-apiserver-2 192.168.102.72:6443 check # Replace the IP address
    server kube-apiserver-3 192.168.102.73:6443 check # Replace the IP address
[root@k8s-node01 ~]# systemctl restart haproxy
[root@k8s-node01 ~]# systemctl enable haproxy
# Configure keepalived
[root@k8s-node01 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
    }
    router_id LVS_DEVEL
    vrrp_skip_check_adv_addr
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
    script "killall -0 haproxy"
    interval 2
    weight -30
}
vrrp_instance haproxy-vip {
    state MASTER
    priority 100
    interface eth0 # NIC device name
    virtual_router_id 60
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.102.74 # node01 IP
    unicast_peer {
        192.168.102.75 # node02 IP
    }
    virtual_ipaddress {
        192.168.102.77/24 # The VIP address
    }
    track_script {
        chk_haproxy
    }
}
[root@k8s-node01 ~]# systemctl restart keepalived
[root@k8s-node01 ~]# systemctl enable keepalived
On K8s-node02 (192.168.102.75):
[root@k8s-node02 ~]# yum install keepalived haproxy psmisc -y
[root@k8s-node02 ~]# cat /etc/haproxy/haproxy.cfg
global
    log /dev/log local0 warning
    chroot /var/lib/haproxy
    pidfile /var/run/haproxy.pid
    maxconn 4000
    user haproxy
    group haproxy
    daemon
    stats socket /var/lib/haproxy/stats
defaults
    log global
    option httplog
    option dontlognull
    timeout connect 5000
    timeout client 50000
    timeout server 50000
frontend kube-apiserver
    bind *:6443
    mode tcp
    option tcplog
    default_backend kube-apiserver
backend kube-apiserver
    mode tcp
    option tcplog
    option tcp-check
    balance roundrobin
    default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
    server kube-apiserver-1 192.168.102.71:6443 check # Replace the IP address
    server kube-apiserver-2 192.168.102.72:6443 check # Replace the IP address
    server kube-apiserver-3 192.168.102.73:6443 check # Replace the IP address
[root@k8s-node02 ~]# systemctl restart haproxy
[root@k8s-node02 ~]# systemctl enable haproxy
[root@k8s-node02 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
    }
    router_id LVS_DEVEL
    vrrp_skip_check_adv_addr
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
    script "killall -0 haproxy"
    interval 2
    weight -30
}
vrrp_instance haproxy-vip {
    state BACKUP
    priority 90
    interface eth0 # NIC device name
    virtual_router_id 60
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.102.75 # node02 IP
    unicast_peer {
        192.168.102.74 # node01 IP
    }
    virtual_ipaddress {
        192.168.102.77/24 # The VIP address
    }
    track_script {
        chk_haproxy
    }
}
[root@k8s-node02 ~]# systemctl restart keepalived
[root@k8s-node02 ~]# systemctl enable keepalived
Check that the VIP has been created
[root@k8s-node01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:56:bb:85:de brd ff:ff:ff:ff:ff:ff
inet 192.168.102.74/24 brd 192.168.102.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.102.77/24 scope global secondary eth0
valid_lft forever preferred_lft forever
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
link/ether 02:42:f4:99:5a:28 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
[root@k8s-node01 ~]# ping 192.168.102.77
PING 192.168.102.77 (192.168.102.77) 56(84) bytes of data.
64 bytes from 192.168.102.77: icmp_seq=1 ttl=64 time=0.051 ms
64 bytes from 192.168.102.77: icmp_seq=2 ttl=64 time=0.043 ms
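The failover rule that the two keepalived.conf files above encode, as an added example that is not part of the original article: a failed chk_haproxy check applies weight -30 to node01's priority of 100, and the VIP moves only if the result is below node02's priority of 90. The function names and the trimmed sample files are constructed for illustration; the values are the ones from the page.

```bash
#!/bin/bash
# Added example: checks whether a haproxy failure on the MASTER moves the VIP.

# Print the first value of a keyword (e.g. priority, weight) in a config file.
conf_value() {  # $1 = keyword, $2 = file
    awk -v key="$1" '$1 == key { print $2; exit }' "$2"
}

# Priority a node advertises while its tracked script is failing.
# keepalived adds a negative weight to the base priority on failure.
degraded_priority() {  # $1 = file
    prio=$(conf_value priority "$1")
    weight=$(conf_value weight "$1")
    if [ "${weight:-0}" -lt 0 ]; then
        echo $((prio + weight))
    else
        echo "$prio"
    fi
}

# Succeeds when the backup outranks the master once haproxy on the master dies.
vip_will_move() {  # $1 = master conf, $2 = backup conf
    [ "$(degraded_priority "$1")" -lt "$(conf_value priority "$2")" ]
}

# Constructed sample input: only the lines the check needs.
workdir=$(mktemp -d)
cat > "$workdir/node01.conf" <<'EOF'
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight -30
}
vrrp_instance haproxy-vip {
state MASTER
priority 100
}
EOF
sed -e 's/MASTER/BACKUP/' -e 's/priority 100/priority 90/' \
    "$workdir/node01.conf" > "$workdir/node02.conf"
# Same master config with a weight too small to drop below the backup.
sed 's/weight -30/weight -5/' "$workdir/node01.conf" > "$workdir/node01-weak.conf"

if vip_will_move "$workdir/node01.conf" "$workdir/node02.conf"; then
    echo "haproxy failure on node01 moves the VIP to node02"
fi
vip_will_move "$workdir/node01-weak.conf" "$workdir/node02.conf" ||
    echo "weight -5 would leave the VIP on a node without haproxy"
```

On the real nodes, pass /etc/keepalived/keepalived.conf from node01 and a copy of node02's file to vip_will_move before relying on the VIP.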
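3 Run the one-click deployment on K8s-master01
KubeKey (written in Go) is a new installation tool that replaces the previously used ansible-based installer. KubeKey offers flexible installation options, and you can install a Kubernetes cluster with a single command. (Under the hood it is based on kubeadm.)
Download and configure the one-click installation tool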
[root@k8s-master01 ~]# export KKZONE=cn
[root@k8s-master01 ~]# curl -sfL https://get-kk.kubesphere.io | sh -
# Generate the configuration manifest for installing the cluster
[root@k8s-master KubeKey]# ./kk create config --with-kubernetes v1.21.5 -f k8s-cluster.yaml
# Edit it as follows
apiVersion: kubekey.kubesphere.io/v1alpha2
kind: Cluster
metadata:
  name: sample
spec:
  hosts:
  - {name: k8s-master01, address: 192.168.102.71, internalAddress: 192.168.102.71, user: root, password: "123.com"}
  - {name: k8s-master02, address: 192.168.102.72, internalAddress: 192.168.102.72, user: root, password: "123.com"}
  - {name: k8s-master03, address: 192.168.102.73, internalAddress: 192.168.102.73, user: root, password: "123.com"}
  - {name: k8s-node01, address: 192.168.102.74, internalAddress: 192.168.102.74, user: root, password: "123.com"}
  - {name: k8s-node02, address: 192.168.102.75, internalAddress: 192.168.102.75, user: root, password: "123.com"}
  roleGroups:
    etcd:
    - k8s-master01
    - k8s-master02
    - k8s-master03
    control-plane:
    - k8s-master01
    - k8s-master02
    - k8s-master03
    worker:
    - k8s-node01
    - k8s-node02
  controlPlaneEndpoint:
    ## Internal loadbalancer for apiservers
    # internalLoadbalancer: haproxy
    domain: lb.kubesphere.local
    address: "192.168.102.77" # add your VIP
    port: 6443
  kubernetes:
    version: v1.21.5
    clusterName: cluster.local
    autoRenewCerts: true
    containerManager: docker
  etcd:
    type: kubekey
  network:
    plugin: calico
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
    ## multus support. https://github.com/k8snetworkplumbingwg/multus-cni
    multusCNI:
      enabled: false
  registry:
    privateRegistry: ""
    namespaceOverride: ""
    registryMirrors: []
    insecureRegistries: []
  addons: []
[root@k8s-master01 ~]# ./kk create cluster -f k8s-cluster.yaml
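An added example, not part of the original article: the hosts entries in k8s-cluster.yaml keep the root password in the file, although SSH keys were already copied to every node with ssh-copy-id in step 1. The sketch below switches the entries to KubeKey's privateKeyPath field, to be applied before the kk create cluster command above is run; the key path ~/.ssh/id_rsa, the function names and the sample file with its placeholder password are assumptions.

```bash
#!/bin/bash
# Added example; the key path is an assumption (default ssh-copy-id identity).

# Count hosts entries that still embed a password.
inline_passwords() {  # $1 = cluster file
    grep -c 'password:' "$1" || true
}

# List the address of every hosts entry (internalAddress is not matched).
host_addresses() {  # $1 = cluster file
    awk -F'address: ' 'NF > 1 { sub(/,.*/, "", $2); print $2 }' "$1"
}

# Replace each inline password with a private key path and restrict the file.
use_key_auth() {  # $1 = cluster file, $2 = private key path
    sed -E "s|, *password: *\"[^\"]*\"|, privateKeyPath: \"$2\"|" "$1" > "$1.tmp" &&
        mv "$1.tmp" "$1" &&
        chmod 600 "$1"
}

# Confirm key-only login works for every host (run on the real network).
check_key_login() {  # $1 = cluster file
    for addr in $(host_addresses "$1"); do
        ssh -o BatchMode=yes -o PasswordAuthentication=no "root@$addr" true ||
            echo "key login failed: $addr"
    done
}

# Constructed sample input: two hosts entries with a placeholder password.
cluster=$(mktemp)
cat > "$cluster" <<'EOF'
spec:
  hosts:
  - {name: k8s-master01, address: 192.168.102.71, internalAddress: 192.168.102.71, user: root, password: "example-password"}
  - {name: k8s-node01, address: 192.168.102.74, internalAddress: 192.168.102.74, user: root, password: "example-password"}
EOF

echo "before: $(inline_passwords "$cluster") inline password(s)"
use_key_auth "$cluster" "~/.ssh/id_rsa"
echo "after:  $(inline_passwords "$cluster") inline password(s)"
cat "$cluster"
```

check_key_login is defined but not called here because it needs the real nodes; run it against the edited cluster file before starting the installation.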
4 Check the cluster status after installation
[root@k8s-master01 ~]# kubectl get node
NAME           STATUS   ROLES                  AGE   VERSION
k8s-master01   Ready    control-plane,master   22m   v1.21.5
k8s-master02   Ready    control-plane,master   21m   v1.21.5
k8s-master03   Ready    control-plane,master   21m   v1.21.5
k8s-node01     Ready    worker                 21m   v1.21.5
k8s-node02     Ready    worker                 21m   v1.21.5
[root@k8s-master01 .kube]# cat /root/.kube/config
apiVersion: v1
clusters:
- cluster:
    ............
    server: https://lb.kubesphere.local:6443 # this address is mapped in /etc/hosts and is our VIP
  name: cluster.local
[root@k8s-master01 .kube]# cat /etc/hosts
.......
192.168.102.77 lb.kubesphere.local
Do You Know How to Use Bash For Loops in Linux?
Original article by 入门小站, published 2022-12-09 21:50 in Hubei.
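In Bash scripting there are three types of loops: the for loop, the while loop, and the until loop. All three are used to iterate over a list of values and execute a given set of commands.
Bash For Loop Syntax
A for loop iterates over a series of values and executes a set of commands. The for loop uses the following syntax:
for variable_name in value1 value2 value3 .. n
do
    command1
    command2
    commandn
done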
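A Simple Bash For Loop
In its simplest form, the for loop takes the following basic format. In this example, the variable n iterates over a space-separated list of numeric values and prints each value to standard output.
for n in 1 2 3 4 5 6 7;
do
    echo $n
done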
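Bash For Loop with a Range
In this example, 1 is the first value and 7 is the last value in the range.
for n in {1..7};
do
    echo $n
done
After the shell script runs, all values in the range are listed, similar to what we saw in the simple loop.
In addition, we can include a value at the end of the range that causes the for loop to iterate through the values in incremental steps.
The following bash script prints the values between 1 and 7, starting from the first value and increasing in steps of 2.
#!/bin/bash
for n in {1..7..2};
do
    echo $n
done
As the example above shows, the loop increments the values inside the curly braces by 2.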
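Bash For Loop over an Array
You can also use a for loop with arrays. In the example below, the for loop iterates over all the values in the fruits array and prints them to standard output.
#!/bin/bash
fruits=("blueberry" "peach" "mango" "pineapple" "papaya")
for n in "${fruits[@]}";
do
    echo "$n"
done
The @ operator accesses or targets all the elements. This makes it possible to iterate over all the elements one by one.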
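An added example, not from the original article, comparing the unquoted form ${fruits[@]} with the quoted form "${fruits[@]}" when elements contain whitespace or glob characters, as file names or other values that come from outside the script can. The element values and function names are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: element values are constructed to show the difference.

fruits=("blueberry" "dragon fruit" "*")

# Unquoted expansion: each element is split on whitespace and then
# treated as a glob pattern against the current directory.
count_unquoted() {
    local n count=0
    for n in ${fruits[@]}; do
        count=$((count + 1))
    done
    echo "$count"
}

# Quoted expansion: exactly one iteration per array element.
count_quoted() {
    local n count=0
    for n in "${fruits[@]}"; do
        count=$((count + 1))
    done
    echo "$count"
}

# Run both loops in a scratch directory holding two files, so that the
# "*" element has something to match.
demo() {
    local dir
    dir=$(mktemp -d)
    touch "$dir/a.txt" "$dir/b.txt"
    ( cd "$dir" && echo "unquoted=$(count_unquoted) quoted=$(count_quoted)" )
    rm -rf "$dir"
}

demo
```

The three-element array yields five iterations unquoted (blueberry, dragon, fruit, a.txt, b.txt) and three when quoted.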
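In addition, you can access a single element by specifying its position in the array.
For example, to access the mango element, replace the @ operator with the element's position in the array (the first element starts at 0, so in this case mango is denoted by 2).
This is what the for loop looks like.
#!/bin/bash
fruits=("blueberry" "peach" "mango" "pineapple" "papaya")
for n in "${fruits[2]}";
do
    echo "$n"
done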
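Bash C-Style For Loop
You can use variables inside the loop to iterate over a range of elements. This is where C-styled for loops come in. The following example shows a C-style for loop that prints a list of numeric values from 1 to 7.
#!/bin/bash
max=7
for (( n=1 ; n<=max ; n++ ));
do
    echo $n
done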
Bash C-Style Loop with Conditional Statements
You can include conditional statements inside C-styled for loops. In the example below, we include an if-else statement that checks and prints the even and odd numbers between 1 and 7.
#!/bin/bash
for (( n=1; n<=7; n++ ))
do
    # Check if the number is even or not
    if (( $n%2==0 ))
    then
        echo "$n is even"
    else
        echo "$n is odd"
    fi
done
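Using the "continue" Statement in a Bash For Loop
The continue statement is a built-in command that controls how a script runs. Besides bash scripting, it is also used in programming languages such as Python and Java.
The continue statement stops the current iteration inside a loop when a specific condition is met, and then resumes iterating.
Consider the for loop shown below.
#!/bin/bash
for n in {1..10}
do
    if [[ $n -eq '6' ]]
    then
        echo "Target $n has been reached"
        continue
    fi
    echo $n
done
Code explanation:
Line 2: marks the start of the for loop and iterates the variable n from 1 to 10.
Line 4: checks the value of n; if the variable equals 6, the script echoes a message to standard output and restarts the loop at the next iteration on line 2.
Line 9: prints the value to the screen only if the condition on line 4 is false.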
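Using the "break" Statement in a Bash For Loop
The break statement, as its name suggests, stops or ends the iteration when a condition is met.
Consider the for loop below.
#!/bin/bash
for n in {1..10}
do
    if [[ $n -eq '6' ]]
    then
        echo "Target $n has been reached"
        break
    fi
    echo $n
done
echo "All done"
Code explanation:
Line 2: marks the start of the for loop and iterates the variable n from 1 to 10.
Line 4: checks the value of n; if the variable equals 6, the script echoes a message to standard output and stops the iteration.
Line 9: prints the number to the screen only if the condition on line 4 is false.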
From: https://www.cnblogs.com/cherishthepresent/p/16971270.html