VIP、keepalive、L4反向代理 node10、node11、node12
相关资料: Keepalived之——Keepalived + Nginx 实现高可用 Web 负载均衡 高可用实践——Keepalived踩坑记录 Keepalived原理
nginx http段中是7L代理配置,注意不要配置到http段下 vi /etc/nginx/nginx.conf
vi /etc/nginx/nginx.conf
stream {upstream kube-apiserver {server 172.10.10.21:6443 max_fails=3 fail_timeout=30s;server 172.10.10.22:6443 max_fails=3 fail_timeout=30s;}server {listen 7443;proxy_connect_timeout 2s;proxy_timeout 900s;proxy_pass kube-apiserver;}}
node11和node12上分别配置4L代理,负载node21和node22的kube-apiserver
vi /etc/keepalived/check_port.sh
#!/bin/bashCHK_PORT=$1if [ -n "$CHK_PORT" ];thenPORT_PROCESS=`ss -lnt|grep $CHK_PORT|wc -l`if [ $PORT_PROCESS -eq 0 ];thenecho "Port $CHK_PORT Is Not Used,End."exit 1fielseecho "Check Port Cant Be Empty!"fi
该脚本用于keepalived调用,通过ss命令查看7443端口是否监听,判断上文nginx是否正常
yum install keepalived
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {## 标识本节点的字条串,通常为 hostnamerouter_id 172.10.10.12}vrrp_script chk_nginx {script "/etc/keepalived/check_port.sh 7443"interval 2weight -20}## 定义虚拟路由, VI_1 为虚拟路由的标示符,自己定义名称vrrp_instance VI_1 {state BACKUPinterface ens33virtual_router_id 251mcast_src_ip 172.10.10.12priority 90advert_int 1authentication {auth_type PASSauth_pass 11111111}track_script {chk_nginx}virtual_ipaddress {172.10.10.10}}
注意state参数,主节点配置成MASTER,备节点配置成BACKUP vrrp_script chk_nginx 配置一个名为chk_nginx的脚本,在后续vrrp_instance虚拟路由中配置使用 上数配置,正常情况下MASTER服务器接管VIP成为【主】,当M服务器宕机后,BACKUP服务器接管VIP成为【主】,已达到灾备的效果,如果M服务器再次恢复正常,那么M服务器会重新抢回VIP成为【主】 B服务器变成【备】。 若需VIP不随意飘动需配置nopreempt参数 vrrp_instance下配置项:nopreempt设置当前节点为非抢占式的 资料:Keepalived 设置master故障恢复后不重新抢回VIP(解决nopreempt无效)
state
MASTER
BACKUP
vrrp_script chk_nginx
nopreempt
systemctl start keepalived 启动keepalived nginx reload
systemctl start keepalived
nginx reload
说明:
![[翻译]微服务设计模式5. 服务发现服务端服务发现](https://img7.php1.cn/3cdc5/ca23/525/3af55d7cf19345b9.jpeg)
京公网安备 11010802041100号