Giter Club home page Giter Club logo

k8s's Introduction

使用Ansible部署高可用Kubernetes集群

节点规划

ETCD节点 Master节点 Node节点 VIP
192.168.100.136 192.168.100.139 192.168.100.142
192.168.100.137 192.168.100.140 192.168.100.143 192.168.100.150
192.168.100.138 192.168.100.141 192.168.100.144

注: Master节点使用KeepAlived+HaProxy进行高可用负载均衡

  • Keepalived对Master节点的Kube-apiserver提供高可用VIP服务
  • Haproxy监听VIP对Kube-apiserver提供负载均衡服务,所有组件通过开放的8443端口访问

应用规划

系统 CFSSL ETCD KeepAlived HaProxy Kubernetes Containerd Crictl
CentOS 8 1.5.0 v3.4.14 2.1.5 2.3.2 v1.19.5 1.4.3 v1.19.0

注1:变量化配置更改项主要在"defaults/main.yaml"文件中,cfssl安装在ansible主机,kubernetes压缩在ansible主机,其他应用下载压缩包在ansible主机即可。

注2: 关于集群网络,可以选择使用yaml部署Calico、Cilium、Flannel(需安装cni-plugins[/opt/cni/bin/])等网络插件

安装ansible

# yum -y install ansible
# egrep -v "^#|^$" /etc/ansible/hosts
[etcd]
192.168.100.136  hostname=etcd1
192.168.100.137  hostname=etcd2
192.168.100.138  hostname=etcd3
[master]
192.168.100.139  hostname=master1
192.168.100.140  hostname=master2
192.168.100.141  hostname=master3
[node]
192.168.100.142  hostname=node1
192.168.100.143  hostname=node2
192.168.100.144  hostname=node3
[etcd:vars] 
ansible_ssh_user="root" 
ansible_ssh_pass="wangzhijian"
[master:vars] 
ansible_ssh_user="root" 
ansible_ssh_pass="wangzhijian"
[node:vars] 
ansible_ssh_user="root" 
ansible_ssh_pass="wangzhijian"

生成SSH认证所需的公钥和私钥文件

ssh-keygen -t rsa -P ''

复制hosts

ansible all -m copy -a "src=/etc/hosts dest=/etc/hosts"

签署证书

source cfssl.sh

部署集群

ansible-playbook k8s.yaml

查看集群状况

# ansible 192.168.100.136 -a "etcdctl --endpoints=https://192.168.100.136:2379 --cacert=/etc/ssl/etcd/ca.pem --key=/etc/ssl/etcd/etcd-key.pem --cert=/etc/ssl/etcd/etcd.pem -w=table member list"
192.168.100.136 | CHANGED | rc=0 >>
+------------------+---------+-------+------------------------------+------------------------------+------------+
|        ID        | STATUS  | NAME  |          PEER ADDRS          |         CLIENT ADDRS         | IS LEARNER |
+------------------+---------+-------+------------------------------+------------------------------+------------+
| 25d84952513e4c13 | started | etcd3 | https://192.168.100.138:2380 | https://192.168.100.138:2379 |      false |
| 5700b9ecd6ca26d0 | started | etcd2 | https://192.168.100.137:2380 | https://192.168.100.137:2379 |      false |
| 8c08a828e17afa88 | started | etcd1 | https://192.168.100.136:2380 | https://192.168.100.136:2379 |      false |
+------------------+---------+-------+------------------------------+------------------------------+------------+

# ansible 192.168.100.139 -a "kubectl cluster-info"
192.168.100.139 | CHANGED | rc=0 >>
Kubernetes control plane is running at https://192.168.100.150:8443

# ansible 192.168.100.139 -a "kubectl get cs"
192.168.100.139 | CHANGED | rc=0 >>
NAME                 STATUS    MESSAGE             ERROR
scheduler            Healthy   ok                  
controller-manager   Healthy   ok                  
etcd-0               Healthy   {"health":"true"}   
etcd-2               Healthy   {"health":"true"}   
etcd-1               Healthy   {"health":"true"}   

# ansible 192.168.100.139 -a "kubectl get nodes"
192.168.100.139 | CHANGED | rc=0 >>
NAME    STATUS   ROLES    AGE   VERSION
node1   Ready    <none>   14h   v1.20.2
node2   Ready    <none>   14h   v1.20.2
node3   Ready    <none>   14h   v1.20.2

清理集群

注:清除前请删除所有Pod

ansible-playbook clean-cluster.yaml

k8s's People

Contributors

zhijiansd avatar

Stargazers

avatar avatar avatar avatar

Forkers

c20031776 fuquanjun ifpython metadeng lsj188 uglyliu chanlewis kwlkwl tankke likejian jokerforweb banna2019 chencw2011 mushj

k8s's Issues

一些小问题

老哥你什么系统 ,你是不是截多了 7.5 需要改成ip addr|grep secondary|awk '{print $2}'|cut -c 1-13
1-15会把后面掩码截出来

建议把所有需要配置的ip 使用变量

镜像地址

能把用到的镜像地址及Dockerfile共享出来吗?谢谢

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.