做网站在经营范围内属于什么一链一网一平台

当前位置： 首页 > news >正文

做网站在经营范围内属于什么,一链一网一平台,wordpress pdf文章,中信建设有限责任公司农业事业部高可用架构 本文采用kubeadm方式搭建k8s高可用集群#xff0c;k8s高可用集群主要是对apiserver、etcd、controller-manager、scheduler做的高可用#xff1b;高可用形式只要是为#xff1a;

1. apiserver利用haproxykeepalived做的负载#xff0c;多apiserver节点同时工作… 高可用架构 本文采用kubeadm方式搭建k8s高可用集群k8s高可用集群主要是对apiserver、etcd、controller-manager、scheduler做的高可用高可用形式只要是为
2. apiserver利用haproxykeepalived做的负载多apiserver节点同时工作
3. etcd利用k8s内部提供的解决方案做的高可用最多容忍一台etcd服务宕机
4. controller-manager、scheduler的高可用机制为如果多个服务同时存在则会选举一个leader工作另外两个处于sleep的状态 集群信息规划 主机名称 系统版本 主机IP 备注 K8s-master01 Centos7.6 192.168.0.101 Master01/registry K8s-master02 Centos7.6 192.168.0.102 Master02 K8s-master03 Centos7.6 192.168.0.103 Master03 K8s-node01 Centos7.6 192.168.0.111 Node01 K8s-node02 Centos7.6 192.168.0.112 Node02 K8s-node03 Centos7.6 192.168.0.113 Node03 Apiserver-keepalived Centos7.6 192.168.0.100 HA-apiserver 服务器的初始化 #此些操作根据实际需求所有服务器都需要操作  修改hosts文件  192.168.0.101 k8s-master01 192.168.0.102 k8s-master02  192.168.0.103 k8s-master03 192.168.0.111 k8s-node01 192.168.0.112 k8s-node02 192.168.0.113 k8s-node03 修改主机名称 hostnamectl set-hostname k8s-master01 hostname -b k8s-master01 #其余服务器按照此方式进行修改 关闭NetworkManager服务 [rootk8s-master01 ~]# systemctl stop NetworkManager [rootk8s-master01 ~]# systemctl disable NetworkManager Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service. Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service. Removed symlink /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.修改服务器的IP地址 [rootk8s-master01 ~]# sed -i /IP/d /etc/sysconfig/network-scripts/ifcfg-ens33 [rootk8s-master01 ~]# sed -i s/BOOTPROTOdhcp/BOOTPROTOstatic/g /etc/sysconfig/network-scripts/ifcfg-ens33 [rootk8s-master01 ~]# sed -i s/ONBOOTno/ONBOOTyes/g /etc/sysconfig/network-scripts/ifcfg-ens33 [rootk8s-master01 ~]# sed -i /UUID/d /etc/sysconfig/network-scripts/ifcfg-ens33 [rootk8s-master01 ~]# echo -e IPADDR192.168.0.101\nNETMASK255.255.255.0\nGATEWAY192.168.0.1 /etc/sysconfig/network-scripts/ifcfg-ens33 [rootk8s-master01 ~]# systemctl restart network安装依赖包 [rootk8s-master01 ~]# yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wgetvimnet-tools git设置防火墙并且清空规则 [rootk8s-master01 ~]# systemctl stop firewalld systemctl disable firewalld [rootk8s-master01 ~]#yum -y install iptables-services systemctl start iptables systemctl enable iptables iptables -F service iptables save关闭selinux [rootk8s-master02 ~]# swapoff -a sed -i / swap / s/^(.)$/#\1/g /etc/fstab [rootk8s-master01 ~]# setenforce 0 sed -i s/^SELINUX./SELINUXdisabled/ /etc/selinux/config服务器之间免密配置 #生成密钥 [rootk8s-master01 ~]# ssh-keygen -t rsa#将密钥传到其他服务器上面 [rootk8s-master01 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root192.168.0.102Docker依赖安装 [rootk8s-master01 ~]# yum install -y yum-utils device-mapper-persistent-data lvm2安装Docker源 [rootk8s-master01 ~]# yum-config-manager –add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo安装Docker [rootk8s-master01 ~]# yum update -y yum install -y docker-ce配置daemon配置文件 [rootk8s-master01 ~]# mkdir -p /etc/docker [rootk8s-master01 ~]# mkdir -p /etc/systemd/system/docker.service.d [rootk8s-master01 ~]# cat /etc/docker/daemon.json {exec-opts: [native.cgroupdriversystemd], #着重注意标红字体log-driver: json-file,log-opts: {max-size: 100m},insecure-registries:[http://registry.k8s-test.com] #后面会使用到私有镜像仓库}EOF启动docker并且设置开机自启动 [rootk8s-master01 ~]# systemctl daemon-reload systemctl restart docker systemctl enable docker安装kubelet [rootk8s-master01 ~]# cat /etc/yum.repos.d/kubernetes.repo[kubernetes]nameKubernetesbaseurlhttp://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64enabled1gpgcheck0repo_gpgcheck0gpgkeyhttp://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpghttp://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpgEOF[rootk8s-master01 ~]# yum install -y kubelet-1.16.4 kubeadm-1.16.4 kubectl-1.16.4启动kubelet并且设置为开机启动 [rootk8s-master01 ~]# systemctl enable kubelet systemctl start kubeletKeepalive安装 [rootk8s-master01 ~]# yum -y install keepalived修改配置文件: master01和master02和master03配置一样只是routerid记得变一下 [rootk8s-master01 ~]# more /etc/keepa hived/keepalhived.Conf ! Configuration File for keepalived global defs{router_id master01 } vrrp_instance VI_1 {state BACKUPinterface ens33virtual_router_id 5priority 90advert_int 1authentication {auth type PASSauth pass 1111}virtual ipaddress {192.168.0.100} }启动keepalived [rootk8s-master02 ~]# systemctl enable keepalived systemctl start keepalived验证 master01 master02 master03 k8s安装 下载镜像 [rootk8s-master01 tools]# sh get_images.sh部署镜像中心 [rootk8s-master01 images]# docker images | grep k8s-registry.com/registry[rootk8s-master01 images]# docker run -d -p 80:5000 -v /home/registry:/var/lib/registry –restartalways –name registry k8s-registry.com/registry:1.0将镜像push到镜像中心 [rootk8s-master01 images]# docker images | awk {print \(1:\)2} | xargs -i docker push {}创建kubeadm-config.yaml的配置文件 [rootk8s-master01 install-master]# more kubeadm-config.yaml apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion: v1.16.4 apiServer:certSANs:- k8s-master01- k8s-master02- k8s-master03- k8s-node01- k8s-node02- k8s-node03- 192.168.0.100- 192.168.0.101- 192.168.0.102- 192.168.0.103- 192.168.0.111- 192.168.0.112- 192.168.0.113 controlPlaneEndpoint: 192.168.0.100:6443 networking:podSubnet: 10.244.0.0/16初始化master [rootk8s-master01 install-master]# kubeadm init –configkubeadm-config.yaml验证安装 创建flannel网络 下载flannel的yaml文件 [rootk8s-master01 flannel]# wget https://raw.githubusercontent.com/coreos/flannel/2140ac876ef134e0ed5af15c65e414cf26827915/Documentation/kube-flannel.yml创建flannel网络 [rootk8s-master01 flannel]# kubectl app -f kube-flannel.yml 验证安装 master节点添加至集群 master01向其他两个节点颁发证书 [rootk8s-master01 tools]# cat cert-amin-master.sh [rootk8s-master01 tools]# sh cert-amin-master.sh其他节点将证书放到指定目录 [rootk8s-master02 ~]# sh cert-other-master.sh [rootk8s-master02 ~]# more cert-other-master.sh加入集群 kubeadm join 192.168.0.100:6443 –token lllil4.2wm1u6ocuxmysn7l --discovery-token-ca-cert-hash sha256:fa5075ba896b8dbfdaf19125dee28817fdd349b7c4cea9ab243ad4224eb90892 --control-plane查看布置的节点