Kubernetes Ingress-Nginx实现高可用_程序开发

Kubernetes Ingress-Nginx实现高可用

admin

2023-02-25 03:40:08

0次

假定我们在Kubernetes 指定两个worker节点中部署了ingress nginx来为后端的pod做proxy，这时候我们就需要通过keepalived实现高可用，提供对外的VIP

Kubernetes Ingress-Nginx实现高可用

首先我们要先确保有两个worker节点部署了ingress nginx
在本实验中，环境如下：

IP地址	主机名	描述
10.0.0.31	k8s-master01
10.0.0.34	k8s-node02	ingress nginx、keepalived
10.0.0.35	k8s-node03	ingress nginx、keepalived

1、查看ingress nginx状态

[root@k8s-master01 Ingress]# kubectl get pod -n ingress-nginx -o wide
NAME                                        READY   STATUS    RESTARTS   AGE     IP          NODE         NOMINATED NODE   READINESS GATES
nginx-ingress-controller-85bd8789cd-8c4xh   1/1     Running   0          62s     10.0.0.34   k8s-node02              
nginx-ingress-controller-85bd8789cd-mhd8n   0/1     Pending   0          3s                              
nginx-ingress-controller-85ff8dfd88-vqkhx   1/1     Running   0          3m56s   10.0.0.35   k8s-node03

创建一个用于测试环境的namespace

 kubectl  create namespace test

2、部署一个Deployment（用于测试）

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myweb-deploy
  # 部署在测试环境
  namespace: test
spec:
  replicas: 3
  selector:
    matchLabels:
      name: myweb
      type: test
  template:
    metadata:
      labels:
        name: myweb
        type: test
    spec:
      containers:
      - name: nginx
        image: nginx:1.13
        imagePullPolicy: IfNotPresent
        ports:
          - containerPort: 80
---
# service
apiVersion: v1
kind: Service
metadata:
  name: myweb-svc
spec:
  selector:
    name: myweb
    type: test
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
---
# ingress

执行kubectl create 创建deployment

kubectl  create -f myweb-demo.yaml

查看deployment是否部署成功

[root@k8s-master01 Project]# kubectl get pods -n test -o wide | grep "myweb"
myweb-deploy-6d586d7db4-2g5ll   1/1     Running   0          23s     10.244.3.240   k8s-node02              
myweb-deploy-6d586d7db4-cf7w7   1/1     Running   0          4m2s    10.244.1.132   k8s-node01              
myweb-deploy-6d586d7db4-rp5zc   1/1     Running   0          3m59s   10.244.2.5     k8s-node03

3、在两个worker节点部署keepalived
VIP：10.0.0.130，接口：eth0

1.安装keepalived

yum -y install keepalived

1.k8s-node03节点作为master配置keepalived

[root@k8s-node03 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email_from Alexandre.Cassen@firewall.loc
   router_id k8s-node03
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 110
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.130/24 dev eth0 label eth0:1
    }
}

2.k8s-node03节点作为配置keepalived

[root@k8s-node03 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id k8s-node03
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 110
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.130/24 dev eth0 label eth0:1
    }
}

3.k8s-node02节点配置keeplived

[root@k8s-node02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id k8s-node02
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
      10.0.0.130/24 dev eth0 label eth0:1
    }
}

4.两个节点启动keepalived并加入开机启动

systemctl start keepalived.service
systemctl enable keepalived.service

启动完成后检查k8s-node03的IP地址是否已有VIP

[root@k8s-node03 ~]# ip add | grep "130"
    inet 10.0.0.130/24 scope global secondary eth0:1

5.在宿主机上配置hosts文件，实现IP和域名的解析

10.0.0.130 myweb.app.com

6.浏览器测试访问
Kubernetes Ingress-Nginx实现高可用

4.测试vip漂移
现在我将k8s-node03的keepalived进程关闭，那么vip就会漂移到k8s-node02

[root@k8s-node03 ~]# systemctl stop keepalived.service

// 在k8s-node02上查看VIP
[root@k8s-node02 ~]# ip add | grep "130"
    inet 10.0.0.130/24 scope global secondary eth0:1

再次访问
Kubernetes Ingress-Nginx实现高可用

上一篇：shell脚本编程之正则表达式（三）（awk、sort、uniq工具）

下一篇：Centos 7 修改主机名称

Kubernetes Ingress-Nginx实现高可用

相关内容

热门资讯