Updated the ha support for kubernetesx

This commit is contained in:
Sambo Chea 2021-10-13 09:16:31 +07:00
parent f2f37a7eed
commit a6fb63cc3b
Signed by: sombochea
GPG Key ID: 3C7CF22A05D95490

View File

@ -4,6 +4,11 @@
- HAProxy - HAProxy
- Kubernetes - Kubernetes
### Nodes
- 2 servers for HA/Keepalived
- 3 servers for k8s master
- 5 servers for k8s worker
### Keepalived ### Keepalived
- Install and start service - Install and start service
@ -15,7 +20,7 @@ sudo systemctl start keepalived
``` ```
- Configuration for master nodes - Configuration for master nodes
- k8s-master-1 `/etc/keepalived/keepalived.conf` - ha-master-1 `/etc/keepalived/keepalived.conf`
```config ```config
global_defs { global_defs {
@ -23,7 +28,7 @@ global_defs {
sysadmin@cubetiqhost.net sysadmin@cubetiqhost.net
support@cubetiqhost.net support@cubetiqhost.net
} }
notification_email_from k8s-master-1@cubetiqhost.net notification_email_from ha-master-1@cubetiqhost.net
smtp_server localhost smtp_server localhost
smtp_connect_timeout 30 smtp_connect_timeout 30
} }
@ -32,35 +37,6 @@ vrrp_instance VI_1 {
state MASTER state MASTER
interface ens18 interface ens18
virtual_router_id 101 virtual_router_id 101
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.10
}
}
```
- k8s-master-2 (BACKUP) `/etc/keepalived/keepalived.conf`
```config
global_defs {
notification_email {
sysadmin@cubetiqhost.net
support@cubetiqhost.net
}
notification_email_from k8s-master-2@cubetiqhost.net
smtp_server localhost
smtp_connect_timeout 30
}
vrrp_instance VI_1 {
state BACKUP
interface ens18
virtual_router_id 101
priority 100 priority 100
advert_int 1 advert_int 1
authentication { authentication {
@ -73,7 +49,7 @@ vrrp_instance VI_1 {
} }
``` ```
- k8s-master-3 (BACKUP) `/etc/keepalived/keepalived.conf` - ha-master-2 (BACKUP) `/etc/keepalived/keepalived.conf`
```config ```config
global_defs { global_defs {
@ -81,7 +57,7 @@ global_defs {
sysadmin@cubetiqhost.net sysadmin@cubetiqhost.net
support@cubetiqhost.net support@cubetiqhost.net
} }
notification_email_from k8s-master-3@cubetiqhost.net notification_email_from ha-master-2@cubetiqhost.net
smtp_server localhost smtp_server localhost
smtp_connect_timeout 30 smtp_connect_timeout 30
} }
@ -107,7 +83,7 @@ vrrp_instance VI_1 {
sudo systemctl restart keepalived sudo systemctl restart keepalived
``` ```
- Edit HAProxy config (for all nodes) - Edit HAProxy config (for all ha nodes)
```shell ```shell
sudo nano /etc/haproxy/haproxy.cfg sudo nano /etc/haproxy/haproxy.cfg
``` ```
@ -152,3 +128,36 @@ sudo sysctl --system
```shell ```shell
sudo systemctl restart haproxy.service sudo systemctl restart haproxy.service
``` ```
- Use SSH Authentication (Copy Pub for nodes)
```shell
for i in $(seq 1 3); do \
ssh-copy-id -f -i $HOME/.ssh/id_rsa.pub 192.168.0.1${i};\
done;
```
#### Initialize cluster with kubeadm
- Setup k8s-master-1
```shell
sudo kubeadm init \
--pod-network-cidr "10.16.1.0/8" \
--service-dns-domain "apps-lb.cubetiqhost.net" \
--control-plane-endpoint "k8s-lb.cubetiqhost.net:6443" \
--upload-certs
```
- Cluster network with calico
```shell
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
```
- Join control-plane
```shell
sudo kubeadm join k8s-lb.cubetiqhost.net:6443 --token $TOKEN --discovery-token-ca-cert-hash $HASH b20a5a71d --control-plane --certificate-key $CERT_KEY
```
- Join worker
```shell
sudo kubeadm join k8s-lb.cubetiqhost.net:6443 --token $TOKEN --discovery-token-ca-cert-hash $HASH
```