KeepAlived 是一个高可用方案,通过 VIP(即虚拟 IP)和心跳检测来实现高可用。其原理是存在一组(两台)服务器,分别赋予 Master、Backup 两个角色,默认情况下Master 会绑定VIP 到自己的网卡上,对外提供服务。Master、Backup 会在一定的时间间隔向对方发送心跳数据包来检测对方的状态,这个时间间隔一般为 2 秒钟,如果Backup 发现Master 宕机,那么Backup 会发送ARP 包到网关,把VIP 绑定到自己的网卡,此时Backup 对外提供服务,实现自动化的故障转移,当Master 恢复的时候会重新接管服务。非常类似于路由器中的虚拟路由器冗余协议(VRRP)
开启路由转发,这里我们定义虚拟IP为:10.80.4.200
vi /etc/sysctl.conf
# 添加以下内容
net.ipv4.ip_forward = 1
net.ipv4.ip_nonlocal_bind = 1
# 验证并生效
sysctl -p
# 验证是否生效
cat /proc/sys/net/ipv4/ip_forward
1
安装keepalived:
yum install -y keepalived
我们这里将master01 设置为Master,master02 设置为Backup,配置如下:
master配置:
[root@master01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id k8s-1
vrrp_mcast_group4 224.0.100.12
}
vrrp_script chk_K8s {
script "killall -0 kube-apiserver "
interval 3
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 61
priority 115
advert_int 1
authentication {
auth_type PASS
auth_pass zhl123
}
virtual_ipaddress {
10.80.4.200/24
}
track_script {
chk_K8s
}
}
backup节点配置:
[root@master02 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id k8s-2
vrrp_mcast_group4 224.0.100.12
}
vrrp_script chk_K8s {
script "killall -0 kube-apiserver "
interval 3
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 61
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass zhl123
}
virtual_ipaddress {
10.80.4.200/24
}
track_script {
chk_K8s
}
}
启动keepalived:
systemctl start keepalived && systemctl enable keepalived
验证apiserver:关闭master01 节点上的kube-apiserver 进程,然后查看虚拟ip是否漂移到了master02 节点。