FreezeJ' Blog

为K8S-ApiServer部署高可用负载均衡

2025-09-16

安装HAproxy和keepalived

在所有节点上执行

yum install -y haproxy keepalived

# 配置文件
cat > /etc/haproxy/haproxy.cfg << EOF
global
    log /dev/log local0
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn 4000
    user haproxy
    group haproxy
    daemon
    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

defaults
    mode tcp
    timeout connect 2s
    timeout client 30s
    timeout server 30s
    retries 3

frontend k8s-api
    bind *:8443
    default_backend k8s-servers

backend k8s-servers
    balance roundrobin
    server k8s-master1 192.168.13.221:6443 check inter 3s fall 3 rise 2
    server k8s-master2 192.168.13.222:6443 check inter 3s fall 3 rise 2
    server k8s-master3 192.168.13.223:6443 check inter 3s fall 3 rise 2
EOF

# 启动haproxy
systemctl enable --now haproxy

master1上配置keepalived

cat > /etc/keepalived/keepalived.conf << EOF
vrrp_script chk_haproxy {
    script "echo show info | socat unix-connect:/var/lib/haproxy/stats stdio"
    interval 2
    timeout 2
    weight -20
}

vrrp_instance VI_1 {
    state MASTER
    interface ens192
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass a9Bz6T27x!2
    }
    virtual_ipaddress {
        192.168.13.229/24
    }
    track_script {
        chk_haproxy
    }
    nopreempt
}
EOF

master2上配置keepalived(按照实际修改interface接口名称、state状态、priority优先级)

cat > /etc/keepalived/keepalived.conf << EOF
vrrp_script chk_haproxy {
    script "/usr/bin/curl -sSf http://127.0.0.1:8404/stats >/dev/null || exit 1"
    interval 2
    timeout 2
    weight -20
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens192
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass a9Bz6T27x!2
    }
    virtual_ipaddress {
        192.168.13.229/24
    }
    track_script {
        chk_haproxy
    }
    nopreempt
}
EOF

master3上配置keepalived(按照实际修改interface接口名称、state状态、priority优先级)

cat > /etc/keepalived/keepalived.conf << EOF
vrrp_script chk_haproxy {
    script "/usr/bin/curl -sSf http://127.0.0.1:8404/stats >/dev/null || exit 1"
    interval 2
    timeout 2
    weight -20
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens192
    virtual_router_id 51
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass a9Bz6T27x!2
    }
    virtual_ipaddress {
        192.168.13.229/24
    }
    track_script {
        chk_haproxy
    }
    nopreempt
}
EOF

# 启动Keepalived
systemctl enable --now keepalived
标签: Linux
K8Sv1.32多Master高可用集群部署
使用支付宝打赏
使用微信打赏

若你觉得我的文章对你有帮助,欢迎点击上方按钮对我打赏