标签:实战 log Kubernetes keepalived server nginx 集群 k8sm1 root
安装nginx
安装依赖
[root@k8sm1 ~]# yum install -y epel-release
安装nginx keepalived
[root@k8sm1 ~]# yum install -y nginx keepalived nginx-mod-stream
配置nginx
[root@k8sm1 ~]# cat /etc/nginx/nginx.conf
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
stream {
log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';
access_log /var/log/nginx/k8s-access.log main;
upstream k8s-apiserver {
server 192.168.1.180:6443 weight=5 max_fails=3 fail_timeout=30s;
server 192.168.1.181:6443 weight=5 max_fails=3 fail_timeout=30s;
server 192.168.1.182:6443 weight=5 max_fails=3 fail_timeout=30s;
}
server {
listen 16443; # 由于nginx与master节点复用,这个监听端口不能是6443,否则会冲突
proxy_pass k8s-apiserver;
}
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
# listen [::]:80;
server_name _;
# root /usr/share/nginx/html;
# Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
# error_page 404 /404.html;
location / {
}
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
配置keepalived
[root@k8sm1 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id NGINX_MASTER
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
}
vrrp_instance VI_1 {
state MASTER
interface ens192
virtual_router_id 51
priority 100
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.188/24
}
}
配置nginx 进程检测脚本
[root@k8sm1 keepalived]# cat check_nginx.sh
#!/bin/bash
counter=$(ps -ef |grep nginx | grep sbin | egrep -cv "grep|$$" )
if [ $counter -eq 0 ]; then
service nginx start
sleep 2
counter=$(ps -ef |grep nginx | grep sbin | egrep -cv "grep|$$" )
if [ $counter -eq 0 ]; then
service keepalived stop
fi
fi
配置nginx 检测脚本权限
[root@k8sm1 keepalived]# chmod +x check_nginx.sh
启动高可用
重载配置
[root@k8sm1 keepalived]# systemctl daemon-reload
启动nginx 并配置开机自启
[root@k8sm1 keepalived]# systemctl enable nginx --now
启动keepalived并配置开机自启
[root@k8sm1 keepalived]# systemctl enable keepalived --now
标签:实战,
log,
Kubernetes,
keepalived,
server,
nginx,
集群,
k8sm1,
root
From: https://blog.51cto.com/u_11726705/7654900