Bootstrap

k8s容器云平台入门(下)

第二章 Kubernetes生产级高可用集群部署

2.11 多master集群-部署Master02组件

在Master01的基础上创建Master02

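2.11.1 拷贝Master01上/opt/kubernetes目录所有内容到Master02的/opt下

注意:该目录中包含ca-key.pem、server-key.pem和token.csv等敏感文件(见下方scp输出),拷贝完成后应在Master02上确认这些文件仅root可读,并且不要把它们留在其他中转位置。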

[root@k8s-master01 ~]# scp -r /opt/kubernetes/ 192.168.200.208:/opt/
kube-apiserver                                               100%  184MB 130.1MB/s   00:01    
kubectl                                                      100%   55MB 131.6MB/s   00:00    
kube-controller-manager                                      100%  155MB 136.2MB/s   00:01    
kube-scheduler                                               100%   55MB 137.5MB/s   00:00    
kube-apiserver                                               100%  958     1.7MB/s   00:00    
token.csv                                                    100%   84   187.7KB/s   00:00    
kube-controller-manager                                      100%  483   821.5KB/s   00:00    
kube-scheduler                                               100%   93   222.3KB/s   00:00    
ca.pem                                                       100% 1359     1.1MB/s   00:00    
ca-key.pem                                                   100% 1679     3.2MB/s   00:00    
server-key.pem                                               100% 1675     3.0MB/s   00:00    
server.pem                                                   100% 1643     1.5MB/s   00:00

2.11.2 拷贝Master01上的systemd管理的启动脚本到Master02上

[root@k8s-master01 ~]# cd /usr/lib/systemd/system
[root@k8s-master01 system]# pwd
/usr/lib/systemd/system
[root@k8s-master01 system]# ls kube-apiserver.service kube-scheduler.service kube-controller-manager.service 
kube-apiserver.service  kube-controller-manager.service  kube-scheduler.service
[root@k8s-master01 system]# scp kube-apiserver.service kube-scheduler.service kube-controller-manager.service 192.168.200.208:/usr/lib/systemd/system
kube-apiserver.service                                       100%  282   505.1KB/s   00:00    
kube-scheduler.service                                       100%  282   254.1KB/s   00:00    
kube-controller-manager.service                              100%  317   556.5KB/s   00:00

2.11.3 在Master02上修改刚才拷贝的kube-apiserver文件里涉及到IP地址的配置项

注意:server.pem是从Master01原样拷贝过来的,需确认其SAN中已包含Master02的IP(192.168.200.208),否则客户端校验apiserver证书时会失败。

#修改kube-apiserver配置文件
[root@k8s-master02 ~]# cd /opt/kubernetes/
[root@k8s-master02 kubernetes]# cd cfg/
[root@k8s-master02 cfg]# sed -n '5p;7p' kube-apiserver 
--bind-address=192.168.200.207 \
--advertise-address=192.168.200.207 \
[root@k8s-master02 cfg]# vim kube-apiserver 
[root@k8s-master02 cfg]# sed -n '5p;7p' kube-apiserver 
--bind-address=192.168.200.208 \
--advertise-address=192.168.200.208 \

2.11.4 启动Master02的各个组件服务,并设置开机自动启动

#启动kube-apiserver服务
[root@k8s-master02 cfg]# systemctl start kube-apiserver
[root@k8s-master02 cfg]# systemctl enable kube-apiserver
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /usr/lib/systemd/system/kube-apiserver.service.
[root@k8s-master02 cfg]# ps -ef |grep kube-apiserver|grep -v grep
root     117024      1 19 21:51 ?        00:00:07 /opt/kubernetes/bin/kube-apiserver --logtostderr=true --v=4 --etcd-servers=https://192.168.200.207:2379,https://192.168.200.208:2379,https://192.168.200.209:2379 --bind-address=192.168.200.208 --secure-port=6443 --advertise-address=192.168.200.208 --allow-privileged=true --service-cluster-ip-range=10.0.0.0/24 --enable-admission-plugins=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota,NodeRestriction --authorization-mode=RBAC,Node --kubelet-https=true --enable-bootstrap-token-auth --token-auth-file=/opt/kubernetes/cfg/token.csv --service-node-port-range=30000-50000 --tls-cert-file=/opt/kubernetes/ssl/server.pem --tls-private-key-file=/opt/kubernetes/ssl/server-key.pem --client-ca-file=/opt/kubernetes/ssl/ca.pem --service-account-key-file=/opt/kubernetes/ssl/ca-key.pem --etcd-cafile=/opt/etcd/ssl/ca.pem --etcd-certfile=/opt/etcd/ssl/server.pem --etcd-keyfile=/opt/etcd/ssl/server-key.pem

#启动kube-scheduler服务
[root@k8s-master02 cfg]# systemctl start kube-scheduler
[root@k8s-master02 cfg]# systemctl enable kube-scheduler
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /usr/lib/systemd/system/kube-scheduler.service.
[root@k8s-master02 cfg]# ps -ef | grep kube-scheduler |grep -v grep
root     119071      1  1 21:53 ?        00:00:00 /opt/kubernetes/bin/kube-scheduler --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect

#启动kube-controller-manager服务
[root@k8s-master02 cfg]# systemctl start kube-controller-manager 
[root@k8s-master02 cfg]# systemctl enable kube-controller-manager 
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /usr/lib/systemd/system/kube-controller-manager.service.
[root@k8s-master02 cfg]# ps -ef |grep kube-controller-manager |grep -v grep
root     120307      1  2 21:54 ?        00:00:00 /opt/kubernetes/bin/kube-controller-manager --logtostderr=true --v=4 --master=127.0.0.1:8080 --leader-elect=true --address=127.0.0.1 --service-cluster-ip-range=10.10.10.0/24 --cluster-name=kubernetes --cluster-signing-cert-file=/opt/kubernetes/ssl/ca.pem --cluster-signing-key-file=/opt/kubernetes/ssl/ca-key.pem --root-ca-file=/opt/kubernetes/ssl/ca.pem --service-account-private-key-file=/opt/kubernetes/ssl/ca-key.pem --experimental-cluster-signing-duration=87600h0m0s

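2.11.5 在Master02上进行集群状态检查

说明:这里的kubectl没有指定kubeconfig,默认连接本机的127.0.0.1:8080,也就是2.11.4中kube-scheduler和kube-controller-manager的--master参数所指向的地址。该端口不经过认证和授权,应确认它只监听本地回环地址,不要对外暴露。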

[root@k8s-master02 ~]# ln -s /opt/kubernetes/bin/kubectl  /usr/local/bin/
[root@k8s-master02 ~]# which kubectl
/usr/local/bin/kubectl

[root@k8s-master02 ~]# kubectl get cs
NAME                 STATUS    MESSAGE             ERROR
controller-manager   Healthy   ok                  
scheduler            Healthy   ok                  
etcd-2               Healthy   {
   "health":"true"}   
etcd-1               Healthy   {
   "health":"true"}   
etcd-0               Healthy   {
   "health":"true"}   

[root@k8s-master02 ~]# kubectl get node
NAME              STATUS   ROLES    AGE     VERSION
192.168.200.209   Ready    <none>   2d17h   v1.12.1
192.168.200.210   Ready    <none>   2d17h   v1.12.1

2.12 多master集群-Nginx+keepalived(高可用)

Nginx很常用,而且现在Yum安装版的配置已经很全,无需再从源码编译。从1.9.10版本开始,Nginx在编译时只需要加上--with-stream,即可支持四层负载均衡。
那么,我们如何从官网找到我们需要的yum安装源呢?
http://nginx.org




:::tips
需要注意的是,Yum源配置里的$releasever需要修改成我们所用操作系统的版本号,我们用CentOS 7,那么就写7即可。另外,下面配置中的baseurl使用的是http,软件包的完整性依赖gpgcheck=1和gpgkey进行签名校验,这两项请保留,不要关闭。
:::

2.12.1 Yum安装Nginx

#配置Nginx的Yum源文件
[root@k8s-LB-master ~]# vim /etc/yum.repos.d/nginx.repo
[root@k8s-LB-master ~]# cat /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[root@k8s-LB-master ~]# yum clean all
已加载插件:fastestmirror
正在清理软件源: base extras nginx-stable updates
Cleaning up list of fastest mirrors
Other repos take up 51 M of disk space (use --verbose for details)
[root@k8s-LB-master ~]# yum makecache

[root@k8s-LB-master ~]# yum -y install nginx
[root@k8s-LB-master ~]# nginx -v
nginx version: nginx/1.24.0

2.12.2 修改Nginx配置文件

#修改一下配置文件的参数,添加stream负载均衡池
#配置文件修改后的结果如下所示:
[root@k8s-LB-master ~]# vim /etc/nginx/nginx.conf 
[root@k8s-LB-master ~]# cat /etc/nginx/nginx.conf 

user  nginx
;