四、添加master和keepalived
<h4>添加master2 和 master3 做为master节点</h4>
<ul>
<li>官方高可用结构1:
<img src="https://www.showdoc.cc/server/api/common/visitfile/sign/b038ba458fe9c3b4ba548b99168d84ea?showdoc=.jpg" alt="" /></li>
<li>官方高可用结构2:
<img src="https://www.showdoc.cc/server/api/common/visitfile/sign/30508de8e18838439a9d2085d863a029?showdoc=.jpg" alt="" /></li>
</ul>
<h6>1.从master1节点copy pki 证书文件</h6>
<pre><code class="language-shell">#/bin/bash
USER=root
CONTROL_PLANE_IPS="10.0.0.112 10.0.0.113"
for host in ${CONTROL_PLANE_IPS}; do
scp /etc/kubernetes/pki/ca.crt "${USER}"@$host:/etc/kubernetes/pki/ca.crt
scp /etc/kubernetes/pki/ca.key "${USER}"@$host:/etc/kubernetes/pki/ca.key
scp /etc/kubernetes/pki/sa.key "${USER}"@$host:/etc/kubernetes/pki/sa.key
scp /etc/kubernetes/pki/sa.pub "${USER}"@$host:/etc/kubernetes/pki/sa.pub
scp /etc/kubernetes/pki/front-proxy-ca.crt "${USER}"@$host:/etc/kubernetes/pki/front-proxy-ca.crt
scp /etc/kubernetes/pki/front-proxy-ca.key "${USER}"@$host:/etc/kubernetes/pki/front-proxy-ca.key
scp /etc/kubernetes/pki/etcd/ca.crt "${USER}"@$host:/etc/kubernetes/pki/etcd/ca.crt
scp /etc/kubernetes/pki/etcd/ca.key "${USER}"@$host:/etc/kubernetes/pki/etcd/ca.key
scp /etc/kubernetes/admin.conf "${USER}"@$host:/etc/kubernetes
done</code></pre>
<h6>2.在master2和master3节点上使用kubeadm join 的--experimental-control-plane参数添加master节点到集群中:</h6>
<p><code>kubeadm join 10.0.0.110:6443 --token ypngih.0pnlnb3gmjlw1pea --discovery-token-ca-cert-hash sha256:95c5646666f6736009fb6380f22ed0514491599b498023f0a4a3cb82c6f61719 --experimental-control-plane</code></p>
<h6>3.配置集群高可用:</h6>
<ul>
<li>1.所有master节点安装keepalived</li>
<li>
<p>2.修改配置文件 根据注释,每个节点上都要修改:</p>
<pre><code class="language-shell">global_defs {
router_id LVS_k8s
}
vrrp_script CheckK8sMaster {
script "curl -k https://10.0.0.110:6443" #vip地址 不需要修改
interval 3
timeout 9
fall 2
rise 2
}
vrrp_instance VI_1 {
state BACKUP #主备,master1 设置为MASTER,其他节点设置为BACKUP 根据节点修改
interface ens192
virtual_router_id 61
priority 100
advert_int 1
mcast_src_ip 10.0.0.112 #当前节点的ip 根据节点修改
nopreempt
authentication {
auth_type PASS
auth_pass dcos2019
}
unicast_peer { #不包含当前节点的ip,填其他两个节点的ip 根据节点修改
10.0.0.111
10.0.0.113
}
virtual_ipaddress {
10.0.0.110 #vip 地址 不需要修改
}
track_script {
CheckK8sMaster
}
}</code></pre>
</li>
<li>3.启动keepalived,启动之前请先删除添加的ip </li>
</ul>