不忘初心,
牢记使命。

harbor-ha高可用负载均衡

2021-08-21 大聪明 0评论 105 1喜欢

harbor-ha高可用负载均衡

  1. harbor-ha用nginx-ingress方式暴露

    下边的ApiSix部署出问题了,这里先尝试用nginx-ingress运行起来再解决下边的问题

    http://harbor.liboer.top

    ```bash
    helm repo add nginx-stable https://helm.nginx.com/stable

helm install gateway . \
--set controller.service.type=NodePort \
--set controller.service.httpPort.nodePort=30080 \
--set controller.service.httpsPort.nodePort=30443 \
-n kube-public

harbor-ha

外部访问URL可以根据需要设定,然后使用nginx转发proxypass到core.liboer.top即可。如果不设定就只能使用core.liboer.top来访问

推送镜像时时显示
unauthorized: unauthorized to access repository: test/busybox, action: push: unauthorized to access repository: test/busybox, action: push

问题解决中
https://github.com/goharbor/harbor-helm/issues/840

Setting the registry.relativeurls property to true fix this issue.

成功解决
[root@k8s-node01 ~]# docker push harbor.liboer.top/public/busybox:1.28
The push refers to repository [harbor.liboer.top/public/busybox]
432b65032b94: Pushed
1.28: digest:
sha256:74f634b1bc1bd74535d5209589734efbd44a25f4e2dc96d78784576a3eb5b335 size: 527
[root@k8s-node01 ~]#


   ![image-20210809140929080](http://yun.liboer.top/typora/images/20210809140930.png)

2. 尝试做最后一个(接入负载均衡问题)

   github:[Apache APISIX for Kubernetes](https://github.com/apache/apisix-ingress-controller)

   ![module-0](http://yun.liboer.top/typora/images/20210809092942.png)

   部署:https://github.com/apache/apisix-helm-chart/blob/master/docs/en/latest/apisix.md

```bash
$ helm repo add apisix https://charts.apiseven.com
$ helm repo update


helm install apisix . \
  --set admin.allow.ipList="{0.0.0.0/0}" \
  --namespace kube-public

helm install apisix-ingress-controller apisix/apisix-ingress-controller --namespace kube-public


目前pod一直跑不起来,显示需要PVC。在查能不能改为本地hostPath



helm install apisix . \
    --set etcd.enabled=false \
    --set etcd.host={http://etcd-k8s-master:2379} \
    --set admin.allow.ipList=""  \
    --namespace kube-public

helm install apisix . --set admin.allow.ipList=""
  1. keepalived配置
yum install -y keepalived

vi /etc/keepalived/keepalived.conf 

# 主
global_defs {
   smtp_connect_timeout 30   
   router_id 192.168.12.10
}


vrrp_instance VI_1 {
    state MASTER    
    interface ens33
    virtual_router_id 51   
    priority 100          
    advert_int 1 
    mcast_src_ip 192.168.12.10
    authentication {
        auth_type PASS    
        auth_pass 1111    
    }
    unicast_peer {
        192.168.12.10/22
        192.168.12.11/22
    }
    virtual_ipaddress {
        192.168.12.100
    }
}

# 备
global_defs {
   smtp_connect_timeout 30   
   router_id 192.168.12.11
}


vrrp_instance VI_1 {
    state BACKUP    
    interface ens33
    virtual_router_id 51   
    priority 90          
    advert_int 1 
    mcast_src_ip 192.168.12.11
    authentication {
        auth_type PASS    
        auth_pass 1111    
    }
    unicast_peer {
        192.168.12.10/22
        192.168.12.11/22
    }
    virtual_ipaddress {
        192.168.12.100
    }
}



systemctl enable keepalived
systemctl start keepalived



haproxy提供负载均衡,功能上来讲比nginx更强大。
用nginx或者haproxy来代理keepalived的vip
ecs的两台机器同时出现了vip,网上说可能是发的包从节点没有收到,但是两台机器在一个内网中。一番搜查未果。
# 设置为单播可以解决
unicast_peer {
        172.26.192.112/24
        172.26.192.113/24
    }

发表评论 取消回复

电子邮件地址不会被公开。

请输入正确格式的qq邮箱
请输入以http或https开头的URL,格式如:https://libo_sober.top