#云原生征文#k8s高可用三台master部署 图文并茂

#云原生征文#k8s高可用三台master部署 图文并茂

每台机器都要部署nginx

1.前提：k8s相关服务必须安装完

关闭每台机器防火墙,postfix，selinux，swap

systemctl disable firewalld && systemctl stop firewalldsystemctl disable postfix && systemctl stop postfixsetenforce 0 && sed -i "s/^SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/configswapoff -a && sed -i 's/.*swap.*/#&/' /etc/fstab

修改k8s文件，将桥接的IPv4流量传递到iptables的链

cat > /etc/sysctl.d/k8s.conf << EOFnet.bridge.bridge-nf-call-ip6tables = 1net.bridge.bridge-nf-call-iptables = 1EOF# 生效sysctl --system

安装配置docker

mkdir -p /etc/docker/

vim /etc/docker/daemon.json#添加如下配置{    "hosts":[        "tcp://0.0.0.0:9998",        "unix:///var/run/docker.sock"    ],    "insecure-registries":["192.168.146.101:5005"],    "registry-mirrors": ["install nginx keepalived -y​

```​

在所有节点上使用 nginx 来作为一个负载均衡器​

```shell​

vim /etc/kubernetes/nginx.conf​

```​

添加如下内容​

```shell​

error_log stderr notice;​

worker_processes 2;​

worker_rlimit_nofile 130048;​

worker_shutdown_timeout 10s;​

events {​

multi_accept on;​

use epoll;​

worker_connections 16384;​

}​

stream {​

upstream kube_apiserver {​

least_conn;​

server 10.0.0.215:6443;​

server 10.0.0.128:6443;​

server 10.0.0.29:6443;​

}​

server {​

listen 8443;​

proxy_pass kube_apiserver;​

proxy_timeout 10m;​

proxy_connect_timeout 1s;​

}​

}​

{​

aio threads;​

aio_write on;​

tcp_nopush on;​

tcp_nodelay on;​

keepalive_timeout 5m;​

keepalive_requests 100;​

reset_timedout_connection on;​

server_tokens off;​

autoindex off;​

server {​

listen 8081;​

location /stub_status {​

stub_status on;​

access_log off;​

}​

}​

}​

```​

部署keepalived服务​

yum install keepalived -y

2.更新master节点配置

**修改 kubelet 配置：**

```shell​

vim /etc/kubernetes/kubelet.conf​

```​

将原有的ip改成nginx的代理配置​

```yaml​

......​

server: kubernetes​

......​

```​

重启服务​

```shell​

systemctl restart kubelet​

```​

**修改 controller-manager 配置：**

```shell​

vim /etc/kubernetes/controller-manager.conf​

```​

将原有的ip改成nginx的代理配置​

```yaml​

......​

server: kubernetes​

......​

```​

重启服务​

```shell​

docker kill $(docker ps | grep kube-controller-manager | grep -v pause | cut -d' ' -f1)​

```​

**修改 scheduler 配置：**​

```shell​

vim /etc/kubernetes/scheduler.conf​

```​

将原有的ip改成nginx的代理配置​

```yaml​

......​

server: kubernetes​

......​

```​

重启服务​

```shell​

docker kill $(docker ps | grep kube-scheduler | grep -v pause | cut -d' ' -f1)​

```​

**更新kube客户端配置**

```​

vim ~/.kube/config​

```​

将原有的ip改成nginx的代理配置​

```yaml​

......​

server: kubernetes​

......​

```​

**更新 kube-proxy 配置**

```shell​

kubectl -n kube-system edit cm kube-proxy​

```​

将原有的ip改成nginx的代理配置​

```yaml​

......​

kubeconfig.conf: |-​

apiVersion: v1​

kind: Config​

clusters:​

- cluster:​

certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt​

server: default​

......​

```​

重启各个节点的 kube-proxy​

3.更新控制平面(master)配置

从集群中的 ConfigMap 中获取当前配置​

```shell​

kubectl -n kube-system get configmap kubeadm-config -o jsonpath='{.data.ClusterConfiguration}' > kubeadm.yaml​

```​

然后在当前配置文件里面里面添加 `controlPlaneEndpoint` 属性，用于指定控制面板的负载均衡器的地址。​

```yaml​

controlPlaneEndpoint: localhost:8443 #在首行添加该配置​

```​

使用以下命令将其上传回集群​

```shell​

kubeadm config upload from-file --config kubeadm.yaml​

```​

然后需要在 `kube-public` 命名空间中更新 `cluster-info` 这个 ConfigMap，该命名空间包含一个Kubeconfig 文件，该文件的 `server:` 一行指向单个控制平面节点。只需使用`kubectl -n kube-public edit cm cluster-info` 更新该 `server:` 行以指向控制平面的负载均衡器即可。​

```shell​

kubectl -n kube-public edit cm cluster-info​

```​

将原有的ip改成nginx的代理配置​

```yaml​

......​

server: ""​

......​

```​

更新完成就可以看到 cluster-info 的信息变成了负载均衡器的地址了。​

```shell​

kubectl cluster-info​

```​

4.生成token

kubeadm init phase upload-certs --upload-certs​

kubeadm token create --print-join-command --config kubeadm.yaml​

5.添加master节点

kubeadm reset​

rm -rf /var/lib/etcd​

kubeadm join localhost:8443 --token 4pi1b4.ngn8krw0aonwpnzd --discovery-token-ca-cert-hash sha256:e94427a152103d795535f5ec783f5f4dbaf2f92419682326d8716332d493f683 --control-plane --certificate-key 653c8a46198e675bee0b7b0183049b7e9ee08a2ff567bc5c36b82c28553ad484​

```​

6.修改etcd组件配置

登录各个master节点，修改etcd配置​

```shell​

vim /etc/kubernetes/manifests/etcd.yaml​

```​

增加所有master的连接​

```yaml​

......​

- --initial-cluster=hw-prd-dtp-hue-server-10-4-46-215=https://10.4.46.215:2380,hw-prd-dtp-k8s-master-10-4-46-128=https://10.4.46.128:2380,hw-prd-dtp-k8s-master-10-4-46-29=https://10.4.46.29:2380​

......

【本文正在参加云原生有奖征文活动】，活动链接：https://ost./posts/12598”；

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。