cookeem / kubeadm-ha

Install a highly available Kubernetes cluster with kubeadm, using the docker/containerd container runtime; applies to v1.24.x and above
MIT License

Question on Virtual IP #29

Closed epasham closed 6 years ago

epasham commented 6 years ago

In your post you mentioned the below steps for workers.

> on all kubernetes worker nodes: set the `/etc/kubernetes/bootstrap-kubelet.conf` server settings, make sure this settings use the keepalived virtual IP and nginx load balancer port (here is: https://192.168.20.10:16443)

Does keepalived need to be installed on workers too? Without that, how would the workers reach the virtual IP?

cookeem commented 6 years ago

@epasham sorry for the late reply, keepalived needs to be installed on masters only. keepalived will create a virtual IP; workers just connect to this VIP.

epasham commented 6 years ago

@cookeem thanks for the reply. I have installed keepalived on all the masters. The virtual IP is also working fine across the master servers, but I can't reach the virtual IP from workers. Are there any changes to be done on the workers to be able to reach the virtual IP enabled on masters?

epasham commented 6 years ago

I see that you have used the below network interface:

```
# local machine keepalived network interface name config, for example: eth0
export K8SHA_KA_INTF=nm-bond
```

I am using eth0. Would that make a difference?

cookeem commented 6 years ago

@epasham nm-bond is my network interface name; if yours is eth0, just set eth0 in the file create-config.sh and run it again. keepalived will create a virtual IP, and this IP can be accessed by other nodes; if not, just check your workers' route settings. Make sure your masters, workers and VIP are in the same subnet.

motecshine commented 6 years ago

@cookeem hi, our company used aliyun VPS. No SLB, no VIP. Can we use this repo to implement api-server HA?

cookeem commented 6 years ago

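@motecshine Alibaba Cloud has a dedicated load balancer that you can purchase directly.

Or take a look at this article about HAVIP; it is from 2016, though, so I don't know whether it is still supported. https://yq.aliyun.com/articles/24155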

motecshine commented 6 years ago

@cookeem Thanks! Is my English really terrible? 😁

cookeem commented 6 years ago

@motecshine It's because my English is poor.

epasham commented 6 years ago

The keepalived VIP works perfectly on the masters, but it doesn't work on the nodes, though masters and nodes are in the same subnet.

cookeem commented 6 years ago

@epasham nodes can't connect to the masters' VIP? Can you show me the command result on nodes?

`curl -k -v https://vip:6443`

epasham commented 6 years ago

nginx is running on all masters on port 8443 for load balancing the API servers. When I hit the VIP over HTTP on a master:

```
[root@kha-lab-node1 keepalived]# curl -k https://10.0.1.10:8443
{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {

  },
  "status": "Failure",
  "message": "forbidden: User \"system:anonymous\" cannot get path \"/\"",
  "reason": "Forbidden",
  "details": {

  },
  "code": 403
}
```

And here is the output from one of the nodes:

```
[root@kha-lab-node5 ~]# curl -k https://10.0.1.10:8443
curl: (7) Failed connect to 10.0.1.10:8443; No route to host
```

It seems to be a routing issue that I am not able to figure out.
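
The route and subnet check cookeem suggests in this thread, as an added example that is not part of the original issue or the kubeadm-ha repo: a script for a worker node that tests whether the VIP falls inside one of the node's local subnets, then shows the kernel's route, the ARP neighbour state and the HTTPS result. The function names and the script name `check-vip.sh` are assumptions for illustration; the VIP 10.0.1.10 and port 8443 are the values quoted above.

```bash
#!/usr/bin/env bash
# Added example, not from the kubeadm-ha repo: run on a worker to check the
# route and subnet conditions discussed above for a keepalived VIP.

# ip_to_int A.B.C.D -> prints the address as a 32-bit integer
ip_to_int() {
  # split on dots in a subshell so the caller's IFS and arguments are untouched
  ( IFS=.; set -- $1; echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 )) )
}

# same_subnet ADDR/PREFIX IP -> exit 0 if IP lies inside ADDR's subnet
same_subnet() {
  local addr="${1%/*}" prefix="${1#*/}" mask
  mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
  [ $(( $(ip_to_int "$addr") & mask )) -eq $(( $(ip_to_int "$2") & mask )) ]
}

# vip_on_link VIP CIDR... -> prints the first local CIDR containing VIP
vip_on_link() {
  local vip="$1" cidr
  shift
  for cidr in "$@"; do
    if same_subnet "$cidr" "$vip"; then echo "$cidr"; return 0; fi
  done
  return 1
}

# check_vip VIP PORT -> subnet, route, ARP and TCP checks from this node
check_vip() {
  local vip="$1" port="$2" cidrs match
  cidrs=$(ip -4 -o addr show scope global | awk '{print $4}')
  # $cidrs is intentionally unquoted: one argument per local address
  if match=$(vip_on_link "$vip" $cidrs); then
    echo "OK   $vip is on-link via $match"
  else
    echo "FAIL $vip is in none of the local subnets: $cidrs"
  fi
  ip route get "$vip"                          # route the kernel would use
  ping -c1 -W1 "$vip" >/dev/null 2>&1 || true  # triggers ARP for the VIP
  ip neigh show "$vip"                         # FAILED/INCOMPLETE: no ARP reply
  curl -k -sS -m 5 -o /dev/null -w 'HTTP %{http_code}\n' "https://$vip:$port"
}

# Usage: ./check-vip.sh 10.0.1.10 8443   (VIP and port as quoted in the thread)
if [ "$#" -ge 1 ]; then
  check_vip "$1" "${2:-8443}"
fi
```

If the VIP is on-link and `ip neigh` shows it as REACHABLE but curl still fails with "No route to host", check for a firewall REJECT rule on the masters, since an ICMP host-prohibited reply surfaces as that same error.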