1.1 在所有haproxy节点安装haproxy
yum -y install haproxy
1.2 在所有haproxy节点创建haproxy配置文件
cat > /etc/haproxy/haproxy.cfg << EOF
global
maxconn 3000
ulimit-n 16384
log 127.0.0.1 local0 err
stats timeout 30s
defaults
log global
mode http
option httplog
timeout connect 5000
timeout client 50000
timeout server 50000
timeout http-request 15s
timeout http-keep-alive 15s
listen status_page
bind *:8888
stats enable
stats uri /status
stats auth admin:admin
stats hide-version
stats admin if TRUE
frontend k8s-master
bind 0.0.0.0:6443
bind 127.0.0.1:6443
mode tcp
option tcplog
tcp-request inspect-delay 5s
default_backend k8s-master
backend k8s-master
mode tcp
option tcplog
option tcp-check
balance roundrobin
default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
server k8s-master1 192.168.83.210:6443 check
server k8s-master2 192.168.83.211:6443 check
EOF
1.3 所有haproxy节点启动haproxy
systemctl daemon-reload
systemctl enable --now haproxy
2.1 在所有haproxy节点安装keepalived
yum -y install keepalived
2.2 在k8s-haproxy01节点创建keepalived配置文件
cat > /etc/keepalived/keepalived.conf << EOF
global_defs {
router_id LVS_DEVEL
script_user root
enable_script_security
}
vrrp_script chk_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 5
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
mcast_src_ip 192.168.83.201
virtual_router_id 50
priority 100
advert_int 2
authentication {
auth_type PASS
auth_pass k8s666
}
virtual_ipaddress {
192.168.83.200
}
track_script {
chk_haproxy
}
}
EOF
2.3 在k8s-haproxy02节点创建keepalived配置文件
cat > /etc/keepalived/keepalived.conf << EOF
global_defs {
router_id LVS_DEVEL
script_user root
enable_script_security
}
vrrp_script chk_haproxy {
script "/etc/keepalived/check_haproxy.sh"
interval 5
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
mcast_src_ip 192.168.83.202
virtual_router_id 50
priority 80
advert_int 2
authentication {
auth_type PASS
auth_pass k8s666
}
virtual_ipaddress {
192.168.83.200
}
track_script {
chk_haproxy
}
}
EOF
2.4 在所有haproxy节点创建keepalived的haproxy检查文件
cat > /etc/keepalived/check_haproxy.sh << EOF
#!/bin/bash
err=0
for k in $(seq 1 3)
do
check_code=$(pgrep haproxy)
if [[ $check_code == "" ]]; then
err=$(expr $err + 1)
sleep 1
continue
else
err=0
break
fi
done
if [[ $err != "0" ]]; then
echo "systemctl stop keepalived"
/usr/bin/systemctl stop keepalived
exit 1
else
exit 0
fi
EOF
# chmod +x /etc/keepalived/check_haproxy.sh
2.5 在所有haproxy节点启动keepalived
systemctl enable --now keepalived
标签:haproxy,Kubernetes,--,keepalived,cat,etc,节点
From: https://www.cnblogs.com/cn-jasonho/p/18015338