高可用架构配置(haproxy+keepalived)

Posted xuexinhuan

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了高可用架构配置(haproxy+keepalived)相关的知识,希望对你有一定的参考价值。

一、架构

3台 k8s-master主机:192.168.100.6,192.168.100.7, 192.168.100.8

VIP: 192.168.100.100

二、haproxy

1. yum install keepalived haproxy -y

2.vim /etc/haproxy/haproxy.cfg配置如下

global

  maxconn  2000

  ulimit-n  16384

  log  127.0.0.1 local0 err

  stats timeout 30s

defaults

  log global

  mode  http

  option  httplog

  timeout connect 5000

  timeout client  50000

  timeout server  50000

  timeout http-request 15s

  timeout http-keep-alive 15s

frontend k8s-master

  bind 0.0.0.0:8443

  bind 127.0.0.1:8443

  mode tcp

  option tcplog

  tcp-request inspect-delay 5s

  default_backend k8s-master

backend k8s-master

  mode tcp

  option tcplog

  option tcp-check

  balance roundrobin

  default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100

  server k8s-master01    192.168.100.6:6443  check

  server k8s-master02    192.168.100.7:6443  check

  server k8s-master03    192.168.100.8:6443  check


三、keepalived

1.keepalived.conf文件主要配置解析

router_id HA_TEST_R1:本路由器(服务器)的名称、主备名称要不一样

vrrp_instance Vl_1∶定义VRRP热备实例

state MASTER:热备状态,MASTER表示主服务器

interface ens33:承载VIP地址的物理接口

virtual_router_id 1 :虚拟路由器的ID号,每个热备组保持一致

priority 100:优先级,数值越大优先级越高

advert_int 1:通告间隔秒数(心跳频率)

auth_type PASS:认证类型

auth_pass 123456:密码字串

virtual_ipaddress vip:指定漂移地址(VIP),可以有多个

2. k8s-master01配置如下vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs

    router_id LVS_DEVEL

vrrp_script chk_apiserver

    script "/etc/keepalived/check_apiserver.sh"

    interval 5 

    weight -5

    fall 2

    rise 1

vrrp_instance VI_1

    state MASTER

    interface ens33

    mcast_src_ip 192.168.100.6

    virtual_router_id 51

    priority 101

    nopreempt

    advert_int 2

    authentication

        auth_type PASS

        auth_pass K8SHA_KA_AUTH

    

    virtual_ipaddress

        192.168.100.100

    

    track_script       chk_apiserver

3.k8s-master02配置如下vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs

    router_id LVS_DEVEL

vrrp_script chk_apiserver

    script "/etc/keepalived/check_apiserver.sh"

    interval 5 

    weight -5

    fall 2

    rise 1

vrrp_instance VI_1

    state BACKUP

    interface ens33

    mcast_src_ip 192.168.100.7

    virtual_router_id 51

    priority 100

    nopreempt

    advert_int 2

    authentication

        auth_type PASS

        auth_pass K8SHA_KA_AUTH

    

    virtual_ipaddress

        192.168.100.100

    

    track_script       chk_apiserver

4.k8s-master03配置如下vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs

    router_id LVS_DEVEL

vrrp_script chk_apiserver

    script "/etc/keepalived/check_apiserver.sh"

    interval 5

    weight -5

    fall 2  

    rise 1

vrrp_instance VI_1

    state BACKUP

    interface ens33

    mcast_src_ip 192.168.100.7

    virtual_router_id 51

    priority 100

    nopreempt

    advert_int 2

    authentication

        auth_type PASS

        auth_pass K8SHA_KA_AUTH

    

    virtual_ipaddress

        192.168.100.100

    

    track_script       chk_apiserver

四、健康检查配置(3台主机都需要配置)

vim /etc/keepalived/check_apiserver.sh

#!/bin/bash

err=0

for k in $(seq 1 3)

do

    check_code=$(pgrep haproxy)

    if [[ $check_code == "" ]]; then

        err=$(expr $err + 1)

        sleep 1

        continue

    else

        err=0

        break

    fi

done

if [[ $err != "0" ]]; then

    echo "systemctl stop keepalived"

    /usr/bin/systemctl stop keepalived

    exit 1

else

    exit 0

fi

以上是关于高可用架构配置(haproxy+keepalived)的主要内容,如果未能解决你的问题,请参考以下文章

高可用haproxy调度varnish服务器缓存后端动静分离集群架构

基于haproxy+keepalive+varnish实现lnmp企业级架构

keepalive高可用haproxy实现URL资源的动静分离

keepalive && Nginx 高可用配置

haprox + keepalive 实现 高可用+ 四层负载均衡

高可用架构配置(haproxy+keepalived)