Article Directory
1. Server preparation
| node name | Machine IP | OS version | haproxy version |
|---|---|---|---|
| node1 | 192.168.0.145 | Cents 7.9 | haproxy-2.6.1 |
| node2 | 192.168.0.200 | Cents 7.9 | haproxy-2.6.1 |
| node3 | 192.168.0.233 | Cents 7.9 | haproxy-2.6.1 |
2. haproxy installation and deployment
Deploy the haproxy service on the above three machines, and perform the following operations on each machine.
2.1 Parameter adjustment
- Basic environment configuration Modify the /etc/sysctl.conf configuration file and add the following content to the file
net.ipv4.ip_nonlocal_bind=1
After saving the /etc/sysctl.conf file, execute on the command line
sysctl -p
2.2 Download haproxy source code
su - root
cd /opt
wget https://www.haproxy.org/download/2.6/src/haproxy-2.6.1.tar.gz
- Compile and install the haproxy service
cd /opt
tar -xvf haproxy-2.6.1.tar.gz
cd haproxy-2.6.1
make clean
make -j $(nproc) TARGET=linux-glibc USE_OPENSSL=1
make install
- haproxy initialization configuration
cd /opt/haproxy-2.6.1
mkdir /etc/haproxy
cp examples/basic-config-edge.cfg /etc/haproxy/haproxy.cfg
cp examples/haproxy.init /etc/init.d/haproxy
chmod +x /etc/init.d/haproxy
ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy
mkdir /usr/share/haproxy
- haproxy business rule configuration The haproxy business rule configuration file is in /etc/haproxy/haproxy.cfg. Set the content in the configuration file to the following:
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
maxconn 8192
chroot /usr/share/haproxy
user root
group root
daemon
# default settings common to all HTTP proxies below
defaults http
mode http
option httplog
log global
option dontlognull
maxconn 8192
timeout client 1m
timeout server 1m
timeout connect 10s
timeout http-keep-alive 2m
timeout queue 15s
timeout tunnel 4h # for websocket
frontend k8sfrontend
bind 192.168.0.110:8443
mode tcp
option tcplog
tcp-request inspect-delay 5s
default_backend k8scluster
backend k8scluster
mode tcp
option tcplog
option tcp-check
balance roundrobin
default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
server k8s-cluster-145 192.168.0.145:6443 check
server k8s-cluster-200 192.168.0.200:6443 check
In the configuration above, 192.168.0.110 is the vip in keepalived. 192.168.0.200:6443 and 192.168.0.145:6443 are the background service address information that needs to be load balanced, and are the subsequent kube-spiserver port addresses.
2.3 Start the haproxy service
systemctl enable haproxy
systemctl start haproxy
After the service starts, haproxy will start the load balancing service through 8443. The access initiated to 192.168.0.1108443 will be automatically load balanced to any service in 192.168.0.200:6443, 192.168.0.145:6443.
2.4 Service Status Check
systemctl status haproxy
3. Load balancing application
Add maintenance configuration information in /etc/haproxy/haproxy.cfg to allow HAProxy to provide load balancing services for more services.