search

cookeem / kubeadm-ha

通过kubeadm安装kubernetes高可用集群,使用docker/containerd容器运行时,适用v1.24.x以上版本
MIT License
678 stars 275 forks source link

keepalived and nginx-lb questions #65

Closed aruruka closed 5 years ago

aruruka commented 5 years ago

Hi cookeem, i used your guide v1.14 and v1.11 to deploy 2 clusters in different environment. but i have some questions about keepalived and nginx-lb.

Just some questions around keepalived and nginx-lb, if you happen to have time to answer, I'll really appreciate it.

  1. In v1.14, I stopped kubelet and docker on master-01 and I found return value of check_apiserver.sh was 1(apiserver error), but the vip just don't move to another master node. Meanwhile in v1.11, I did the same test and vip moved to another master node.

Question: which appearance is supposed to be expected and why?

  1. After doing step 1, I tried curl -k https://master-vip.local:16443 and got normal response in v1.14 cluster, but failed response in v1.11 cluster. Then I changed the upstream from 
    master-01.local:6443;
master-02.local:6443;
...

    to

    master-vip.local:6443;

    and got normal response in v1.11 cluster.

Question: Is it better to set "upstream" to "master-vip.local:6443" in nginx-lb conf and why?

cookeem commented 5 years ago

  1. It's weird, check_apiserver.sh only check the apiserver is available or not, is nothing to do with the kubernetes version. Maybe you should check your create-config.sh file, is it correct in your different environments.

  2. nginx upstream set to master-vip.local:6443 is not a good idea, it means nginx do nothing. nginx is a load-balancer of 3 masters, if you set master-vip.local:6443, it will always proxy the traffic to only one node.

aruruka commented 5 years ago
  1. It's weird, check_apiserver.sh only check the apiserver is available or not, is nothing to do with the kubernetes version. Maybe you should check your create-config.sh file, is it correct in your different environments.
  2. nginx upstream set to master-vip.local:6443 is not a good idea, it means nginx do nothing. nginx is a load-balancer of 3 masters, if you set master-vip.local:6443, it will always proxy the traffic to only one node.

Yes, you were right. I just found out the problem that vip not switching to another node is because the ip address was taken by another server in the vpc. It was a simple mistake... And about the nginx lb, I just realized that setting the upstream to vip does make nonsense to use nginx, just like you said. Appreciate for your reply.