master \uc11c\ubc84\uc640 worker \uc11c\ubc84\uc5d0 \ub300\ud55c \ub85c\ub4dc\ubc38\ub7f0\uc2f1 \uae30\ub2a5\uc744 \uad6c\ud604\ud569\ub2c8\ub2e4.
\n\ubb38\uc11c\ub97c \uac04\ub2e8\ud558\uac8c \uc720\uc9c0\ud558\uae30 \uc704\ud574 keepalive \ubc0f failover \ub294 \uc124\uce58\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/p>\n
3\ub300\uc758 master \uc11c\ubc84\uc640 2 \ub300\uc758 worker \uc11c\ubc84\ub97c \uc124\uce58\ud569\ub2c8\ub2e4.
\n(\uae30\uc874\uc5d0 \uc124\uce58\ub418\uc5b4 \uc788\ub294 Kubernetes \ud074\ub7ec\uc2a4\ud130\uc5d0\ub294 HAProxy \ub97c \uc5f0\ub3d9\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.)<\/p>\n
sudo apt-get install -y haproxy<\/code><\/pre>\n\ud638\uc2a4\ud2b8\ub97c \ub4f1\ub85d\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n
sudo vi \/etc\/hosts\n---------------------------\n172.31.20.101 k8s-master1\n172.31.20.102 k8s-master2\n172.31.20.103 k8s-master3\n---------------------------<\/code><\/pre>\nmaster \uc11c\ubc84<\/h2>\nHAProxy \uc124\uc815<\/h3>\n
16443 \ud3ec\ud2b8\ub85c \ub4e4\uc5b4\uc624\ub294 \ud2b8\ub798\ud53d\uc744 master \uc11c\ubc84\uc758 6443 \ud3ec\ud2b8\ub85c \ud3ec\uc6cc\ub529\ud569\ub2c8\ub2e4.<\/p>\n
sudo vi \/etc\/haproxy\/haproxy.cfg\n---------------------------\nfrontend kubernetes-master-lb\n bind 0.0.0.0:16443\n option tcplog\n mode tcp\n default_backend kubernetes-master-nodes\n\nbackend kubernetes-master-nodes\n mode tcp\n balance roundrobin\n option tcp-check\n option tcplog\n server node1 k8s-master1:6443 check\n server node2 k8s-master2:6443 check\n server node3 k8s-master3:6443 check\n---------------------------<\/code><\/pre>\nsudo systemctl restart haproxy<\/code><\/pre>\nKubernetes \uc124\uc815<\/h3>\n
\uc5ec\uae30<\/a> \ub97c \ucc38\uc870\ud558\uc5ec master \uc11c\ubc84\ub97c \uc0dd\uc131\ud569\ub2c8\ub2e4.<\/p>\n\ub2e8, \uc544\ub798 \uba85\ub839\uc740 \ubcc0\uacbd\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n
# sudo kubeadm init\nsudo kubeadm init --control-plane-endpoint "k8s-master1:16443" --upload-certs<\/code><\/pre>\ncontrol-plane-endpoint<\/code> \ub294 \ub85c\ub4dc\ubc38\ub7f0\uc11c\ub97c \uc9c0\uc815\ud558\ub294 \uac83\uc774 \uac00\uc7a5 \uc88b\uc9c0\ub9cc,
\n\uc704\uc5d0\uc11c\ub294 \uccab\ubc88\uc9f8 master \uc11c\ubc84\ub85c \uc124\uc815\ud569\ub2c8\ub2e4.
\n(k8s-master1 \uc774 SPOF \ub85c \uc791\ub3d9\ud569\ub2c8\ub2e4.)<\/p>\nmaster \uc11c\ubc84\uc640 worker \uc11c\ubc84 \ubaa8\ub450\ub97c \uc0dd\uc131\ud574 \uc90d\ub2c8\ub2e4.<\/p>\n
\uc774\uac83\uc73c\ub85c master \uc11c\ubc84\uc5d0 \ub300\ud55c HA \ub294 \uc124\uc815\uc774 \ub05d\ub0a9\ub2c8\ub2e4.<\/p>\n
worker \uc11c\ubc84 \uc124\uc815\ud558\uae30<\/h2>\n
ingress-nginx \ub97c \uc124\uce58\ud569\ub2c8\ub2e4.<\/p>\n
git clone https:\/\/github.com\/kubernetes\/ingress-nginx.git\ncd .\/ingress-nginx\/deploy\/static\/provider\/baremetal\nkubectl apply -f .\nkubectl get deploy -n ingress-nginx\nkubectl get svc -n ingress-nginx\n\n# \uc624\ub958\uac00 \ubc1c\uc0dd\ud558\uba74 \uc2e4\ud589\ud560 \uac83\n# kubectl delete -A ValidatingWebhookConfiguration ingress-nginx-admission<\/code><\/pre>\nkubectl get svc -n ingress-nginx\nNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE\ningress-nginx-controller NodePort 10.106.157.74 <none> 80:31507\/TCP,443:30405\/TCP 164m\ningress-nginx-controller-admission ClusterIP 10.105.6.182 <none> 443\/TCP 164m<\/code><\/pre>\n\ubc29\ubc95 1 : \ubaa8\ub4e0 worker node \uc5d0 \uc124\uce58\ud558\uae30<\/h3>\n\n\uc774 \ubc29\uc2dd\uc740 cpu 100% \uc774\uc288\uac00 \ubc1c\uc0dd\ud558\ub294 \ub4ef \ud558\ub2e4.
\nArgoCD \uac00 \ub0b4\ubd80\uc801\uc73c\ub85c haproxy \ub97c \uc0ac\uc6a9\ud558\ub294\ub370 \ucad1\ub098\ub294 \ub4ef<\/p>\n<\/blockquote>\n
\ud638\uc2a4\ud2b8 \ud30c\uc77c\uc5d0 \ub3c4\uba54\uc778\uc744 \ub4f1\ub85d\ud569\ub2c8\ub2e4.
\n\uc544\uc774\ud53c\ub294 ingress-nginx-controller \uc758 CLUSTER-IP \uc785\ub2c8\ub2e4.<\/p>\n
sudo vi \/etc\/hosts\n---------------------------\n10.106.157.74 k8s-jenkins.skyer9.pe.kr\n---------------------------<\/code><\/pre>\nsudo vi \/etc\/haproxy\/haproxy.cfg\n---------------------------\nfrontend jenkins_frontend\n bind *:80\n use_backend jenkins_backend if { hdr(host) -i k8s-jenkins.skyer9.pe.kr }\n\nbackend jenkins_backend\n option tcp-check\n server jenkins k8s-jenkins.skyer9.pe.kr\n---------------------------<\/code><\/pre>\nsudo systemctl restart haproxy<\/code><\/pre>\nhttp:\/\/k8s-jenkins.skyer9.pe.kr\/<\/a> \ub85c \uc811\uc18d\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\ubc29\ubc95 2 : haproxy \uc11c\ubc84 \ubcc4\ub3c4 \uad6c\uc131<\/h3>\n
\ud638\uc2a4\ud2b8 \ud30c\uc77c\uc5d0 worker node \ub97c \ub4f1\ub85d\ud569\ub2c8\ub2e4.
\n\uc544\uc774\ud53c\ub294 worker node \uc758 private IP \uc785\ub2c8\ub2e4.(EC2 \uc778\uc2a4\ud134\uc2a4\uc758 \uacbd\uc6b0)<\/p>\n
sudo vi \/etc\/hosts\n---------------------------\n172.31.20.201 k8s-worker1\n172.31.20.202 k8s-worker2\n---------------------------<\/code><\/pre>\n\ud3ec\ud2b8\ub294 ingress-nginx-controller \uc758 NodePort \uc785\ub2c8\ub2e4.<\/p>\n
sudo vi \/etc\/haproxy\/haproxy.cfg\n---------------------------\nfrontend jenkins_frontend\n bind *:80\n use_backend jenkins_backend if { hdr(host) -i k8s-jenkins.skyer9.pe.kr }\n\nbackend jenkins_backend\n mode tcp\n balance roundrobin\n option tcp-check\n option tcplog\n server node1 k8s-worker1:31507 check\n server node2 k8s-worker2:31507 check\n---------------------------<\/code><\/pre>\nsudo systemctl restart haproxy<\/code><\/pre>\nhttp:\/\/k8s-jenkins.skyer9.pe.kr\/<\/a> \ub85c \uc811\uc18d\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"Kubernetes HA with HAProxy master \uc11c\ubc84\uc640 worker \uc11c\ubc84\uc5d0 \ub300\ud55c \ub85c\ub4dc\ubc38\ub7f0\uc2f1 \uae30\ub2a5\uc744 \uad6c\ud604\ud569\ub2c8\ub2e4. \ubb38\uc11c\ub97c \uac04\ub2e8\ud558\uac8c \uc720\uc9c0\ud558\uae30 \uc704\ud574 keepalive \ubc0f failover \ub294 \uc124\uce58\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4. 3\ub300\uc758 master \uc11c\ubc84\uc640 2 \ub300\uc758 worker \uc11c\ubc84\ub97c \uc124\uce58\ud569\ub2c8\ub2e4. (\uae30\uc874\uc5d0 \uc124\uce58\ub418\uc5b4 \uc788\ub294 Kubernetes \ud074\ub7ec\uc2a4\ud130\uc5d0\ub294 HAProxy \ub97c \uc5f0\ub3d9\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.) HAProxy (\ubaa8\ub4e0 master, worker) sudo apt-get install -y haproxy \ud638\uc2a4\ud2b8\ub97c \ub4f1\ub85d\ud574 \uc90d\ub2c8\ub2e4. sudo vi \/etc\/hosts\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-6739","post","type-post","status-publish","format-standard","hentry","category-kubernetes"],"_links":{"self":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6739","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6739"}],"version-history":[{"count":19,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6739\/revisions"}],"predecessor-version":[{"id":7097,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6739\/revisions\/7097"}],"wp:attachment":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6739"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6739"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6739"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}