A Practical Guide to Quickly Building a Highly Available K8s Cluster

Published: 2024-12-18

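1. Prepare the environment

Server requirements:

● Recommended minimum hardware: 2 CPU cores, 2 GB RAM, 20 GB disk.

● The servers should preferably have Internet access, because images need to be pulled from the network. If a server cannot reach the Internet, download the required images in advance and import them onto the node.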

Software environment:

| Software | Version |
|---|---|
| Operating system | CentOS7.9_x64 (mini) |
| Docker | 20.10 |
| Kubernetes | 1.28.0 |

Overall server plan:

| IP | Hostname | Role |
|---|---|---|
| 192.168.52.15 | k8s-master1 | apiserver, controller-manager, scheduler, docker, etcd, kube-proxy, keepalived, nginx, calico |
| 192.168.52.16 | k8s-master2 | apiserver, controller-manager, scheduler, docker, etcd, kube-proxy, keepalived, nginx, calico |
| 192.168.52.17 | k8s-node1 | kubelet, kube-proxy, docker, calico, coredns |
| 192.168.52.88 | vip | |

Architecture diagram: [image not included]

2. System initialization

# Disable the firewall
systemctl stop firewalld
systemctl disable firewalld

# Disable SELinux
sed -i 's/enforcing/disabled/' /etc/selinux/config  # permanent
setenforce 0  # temporary

# Disable swap
swapoff -a  # temporary
sed -ri 's/.*swap.*/#&/' /etc/fstab    # permanent

# Set the hostname on each node respectively (one command per node)
hostnamectl set-hostname k8s-master1 && bash
hostnamectl set-hostname k8s-master2 && bash
hostnamectl set-hostname k8s-node1 && bash

# Add the hosts entries on all hosts
cat >> /etc/hosts << EOF
192.168.52.15 k8s-master1
192.168.52.16 k8s-master2
192.168.52.17 k8s-node1
EOF

# Configure passwordless login between the hosts
ssh-keygen
ssh-copy-id k8s-master1
ssh-copy-id k8s-master2
ssh-copy-id k8s-node1

# Pass bridged IPv4 traffic to the iptables chains
modprobe br_netfilter
echo "modprobe br_netfilter" >> /etc/profile
cat > /etc/sysctl.d/k8s.conf << EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl -p /etc/sysctl.d/k8s.conf

# Synchronize the system time
yum install -y chrony
systemctl restart chronyd
systemctl status chronyd
chronyc sources
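
A read-only check of the initialization steps above, added here as an example and not part of the original article. The function names and the `run` argument are assumptions of this example; the IPs, hostnames and file paths are the ones the article uses.

```bash
#!/usr/bin/env bash
# Added example: read-only verification of the initialization steps.
# File paths are arguments so each check can also be run against a copy.

# Planned IP:hostname pairs, taken from the server plan in the article.
EXPECTED_HOSTS="192.168.52.15:k8s-master1 192.168.52.16:k8s-master2 192.168.52.17:k8s-node1"

# Every planned name must map to its planned IP and to no other IP.
check_hosts() {  # $1 = hosts file
  local pair ip name rc=0
  for pair in $EXPECTED_HOSTS; do
    ip=${pair%%:*}; name=${pair##*:}
    if ! awk -v ip="$ip" -v n="$name" '$1 !~ /^#/ {
           for (i = 2; i <= NF; i++) if ($i == n) { if ($1 == ip) ok = 1; else bad = 1 }
         } END { exit !(ok && !bad) }' "$1"; then
      echo "hosts: $name is missing or does not map only to $ip"; rc=1
    fi
  done
  return $rc
}

# No uncommented fstab entry may have filesystem type "swap".
check_fstab_swap() {  # $1 = fstab file
  if awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit !found }' "$1"; then
    echo "fstab: an active swap entry remains"; return 1
  fi
}

# Both bridge-netfilter keys must be set to 1 in the sysctl drop-in.
check_bridge_sysctl() {  # $1 = sysctl file
  local key rc=0
  for key in net.bridge.bridge-nf-call-ip6tables net.bridge.bridge-nf-call-iptables; do
    grep -Eq "^[[:space:]]*${key}[[:space:]]*=[[:space:]]*1[[:space:]]*$" "$1" \
      || { echo "sysctl: $key is not set to 1 in $1"; rc=1; }
  done
  return $rc
}

# Run all file checks plus the live state (active swap, loaded module).
preflight() {
  local rc=0
  check_hosts /etc/hosts || rc=1
  check_fstab_swap /etc/fstab || rc=1
  check_bridge_sysctl /etc/sysctl.d/k8s.conf || rc=1
  [ "$(wc -l < /proc/swaps)" -le 1 ] || { echo "swap: still active"; rc=1; }
  [ -d /sys/module/br_netfilter ] || { echo "module: br_netfilter is not loaded"; rc=1; }
  return $rc
}
if [ "${1:-}" = "run" ]; then preflight; fi
```

Run it with the argument `run` on each node after initialization; a non-zero exit status means at least one step did not take effect. Because `/etc/hosts` is appended to with `>>`, repeating that step with changed addresses leaves conflicting entries, which `check_hosts` reports.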

3. Deploy the Nginx + Keepalived highly available load balancer

1. Install nginx (primary and backup):

Install nginx on k8s-master1 and k8s-master2 as the primary/backup pair:

yum install epel-release vim -y
yum install nginx keepalived -y

  1. Edit the nginx configuration file; it is identical on the primary and the backup

vim /etc/nginx/nginx.conf

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

# Layer-4 load balancing for the apiserver component on the two masters
stream {
    log_format main '$remote_addr $upstream_addr - [$time_local] $status $upstream_bytes_sent';

    access_log /var/log/nginx/k8s-access.log main;

    upstream k8s-apiserver {
        server 192.168.52.15:6443; # Master1 APISERVER IP:PORT
        server 192.168.52.16:6443; # Master2 APISERVER IP:PORT
    }

    server {
        listen 16443; # nginx shares the host with the master node, so this listen port must not be 6443, or it will conflict
        proxy_pass k8s-apiserver;
    }
}

