Kubernetes Ingress-Nginx实现高可用
admin
2023-02-25 03:40:08
0

假定我们在Kubernetes 指定两个worker节点中部署了ingress nginx来为后端的pod做proxy,这时候我们就需要通过keepalived实现高可用,提供对外的VIP

Kubernetes Ingress-Nginx实现高可用

首先我们要先确保有两个worker节点部署了ingress nginx
在本实验中,环境如下:

IP地址 主机名 描述
10.0.0.31 k8s-master01
10.0.0.34 k8s-node02 ingress nginx、keepalived
10.0.0.35 k8s-node03 ingress nginx、keepalived

1、查看ingress nginx状态

[root@k8s-master01 Ingress]# kubectl get pod -n ingress-nginx -o wide
NAME                                        READY   STATUS    RESTARTS   AGE     IP          NODE         NOMINATED NODE   READINESS GATES
nginx-ingress-controller-85bd8789cd-8c4xh   1/1     Running   0          62s     10.0.0.34   k8s-node02              
nginx-ingress-controller-85bd8789cd-mhd8n   0/1     Pending   0          3s                              
nginx-ingress-controller-85ff8dfd88-vqkhx   1/1     Running   0          3m56s   10.0.0.35   k8s-node03

创建一个用于测试环境的namespace

 kubectl  create namespace test

2、部署一个Deployment(用于测试)

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myweb-deploy
  # 部署在测试环境
  namespace: test
spec:
  replicas: 3
  selector:
    matchLabels:
      name: myweb
      type: test
  template:
    metadata:
      labels:
        name: myweb
        type: test
    spec:
      containers:
      - name: nginx
        image: nginx:1.13
        imagePullPolicy: IfNotPresent
        ports:
          - containerPort: 80
---
# service
apiVersion: v1
kind: Service
metadata:
  name: myweb-svc
spec:
  selector:
    name: myweb
    type: test
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
---
# ingress

执行kubectl create 创建deployment

kubectl  create -f myweb-demo.yaml

查看deployment是否部署成功

[root@k8s-master01 Project]# kubectl get pods -n test -o wide | grep "myweb"
myweb-deploy-6d586d7db4-2g5ll   1/1     Running   0          23s     10.244.3.240   k8s-node02              
myweb-deploy-6d586d7db4-cf7w7   1/1     Running   0          4m2s    10.244.1.132   k8s-node01              
myweb-deploy-6d586d7db4-rp5zc   1/1     Running   0          3m59s   10.244.2.5     k8s-node03

3、在两个worker节点部署keepalived
VIP:10.0.0.130,接口:eth0

1.安装keepalived

yum -y install keepalived

1.k8s-node03节点作为master配置keepalived

[root@k8s-node03 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email_from Alexandre.Cassen@firewall.loc
   router_id k8s-node03
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 110
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.130/24 dev eth0 label eth0:1
    }
}

2.k8s-node03节点作为配置keepalived

[root@k8s-node03 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id k8s-node03
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 110
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.130/24 dev eth0 label eth0:1
    }
}

3.k8s-node02节点配置keeplived

[root@k8s-node02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id k8s-node02
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
      10.0.0.130/24 dev eth0 label eth0:1
    }
}

4.两个节点启动keepalived并加入开机启动

systemctl start keepalived.service
systemctl enable keepalived.service

启动完成后检查k8s-node03的IP地址是否已有VIP

[root@k8s-node03 ~]# ip add | grep "130"
    inet 10.0.0.130/24 scope global secondary eth0:1

5.在宿主机上配置hosts文件,实现IP和域名的解析

10.0.0.130 myweb.app.com

6.浏览器测试访问
Kubernetes Ingress-Nginx实现高可用

4.测试vip漂移
现在我将k8s-node03的keepalived进程关闭,那么vip就会漂移到k8s-node02

[root@k8s-node03 ~]# systemctl stop keepalived.service

// 在k8s-node02上查看VIP
[root@k8s-node02 ~]# ip add | grep "130"
    inet 10.0.0.130/24 scope global secondary eth0:1

再次访问
Kubernetes Ingress-Nginx实现高可用

上一篇:shell脚本编程之正则表达式(三)(awk、sort、uniq工具)

下一篇:Centos 7 修改主机名称

相关内容

热门资讯

最新引进“新皇豪炸金花.到底是... 有 亲,根据资深记者爆料新皇豪炸金花是可以开挂的,确实有挂(咨询软件无需...
终于懂了“新猴王牛牛.是不是有... 终于懂了“新猴王牛牛.是不是有挂?”详细开挂教程您好,新猴王牛牛这个游戏其实有挂的,确实是有挂的,需...
【第一资讯】“微友山西麻将.究... 有 亲,根据资深记者爆料微友山西麻将是可以开挂的,确实有挂(咨询软件无需...
终于明白“福州十八扑.怎么开挂... 终于明白“福州十八扑.怎么开挂?”太坑了果然有挂您好,福州十八扑这个游戏其实有挂的,确实是有挂的,需...
玩家分享攻略“新海贝之城拼三张... 有 亲,根据资深记者爆料新海贝之城拼三张是可以开挂的,确实有挂(咨询软件...
【第一资讯】“,17好友麻将.... 您好:,17好友麻将这款游戏可以开挂,确实是有挂的,需要了解加客服微信【9784099】很多玩家在这...
重磅消息“麦穗app推筒子.开... 有 亲,根据资深记者爆料麦穗app推筒子是可以开挂的,确实有挂(咨询软件...
我来教教您“问鼎娱乐.开挂神器... 有 亲,根据资深记者爆料问鼎娱乐是可以开挂的,确实有挂(咨询软件无需打开...
今日重大消息“兴义水鱼.到底有... 今日重大消息“兴义水鱼.到底有挂吗?”太坑了原来有挂您好,兴义水鱼这个游戏其实有挂的,确实是有挂的,...
玩家攻略科普“新皇豪牛牛.是不... 网上科普关于“新皇豪牛牛有没有挂”话题很是火热,小编也是针对新皇豪牛牛作*弊开挂的方法以及开挂对应的...