kubelet - Running Kubernetes in multimaster mode


I have set up a Kubernetes (version 1.6.1) cluster with 3 servers in the control plane. The apiserver is running with the following config:

    # Admission controller names and the authorization mode are case-sensitive
    # (they were lowercased when the page was copied).
    /usr/bin/kube-apiserver \
      --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota \
      --advertise-address=x.x.x.x \
      --allow-privileged=true \
      --audit-log-path=/var/lib/k8saudit.log \
      --authorization-mode=ABAC \
      --authorization-policy-file=/var/lib/kubernetes/authorization-policy.jsonl \
      --bind-address=0.0.0.0 \
      --etcd-servers=https://kube1:2379,https://kube2:2379,https://kube3:2379 \
      --etcd-cafile=/etc/etcd/ca.pem \
      --event-ttl=1h \
      --insecure-bind-address=0.0.0.0 \
      --kubelet-certificate-authority=/var/lib/kubernetes/ca.pem \
      --kubelet-client-certificate=/var/lib/kubernetes/kubernetes.pem \
      --kubelet-client-key=/var/lib/kubernetes/kubernetes-key.pem \
      --kubelet-https=true \
      --service-account-key-file=/var/lib/kubernetes/ca-key.pem \
      --service-cluster-ip-range=10.32.0.0/24 \
      --service-node-port-range=30000-32767 \
      --tls-cert-file=/var/lib/kubernetes/kubernetes.pem \
      --tls-private-key-file=/var/lib/kubernetes/kubernetes-key.pem \
      --token-auth-file=/var/lib/kubernetes/token.csv \
      --v=2 \
      --apiserver-count=3 \
      --storage-backend=etcd2

Now I am running the kubelet with the following config:

    /usr/bin/kubelet \
      --api-servers=https://kube1:6443,https://kube2:6443,https://kube3:6443 \
      --allow-privileged=true \
      --cluster-dns=10.32.0.10 \
      --cluster-domain=cluster.local \
      --container-runtime=docker \
      --network-plugin=kubenet \
      --kubeconfig=/var/lib/kubelet/kubeconfig \
      --serialize-image-pulls=false \
      --register-node=true \
      --cert-dir=/var/lib/kubelet \
      --tls-cert-file=/var/lib/kubernetes/kubelet.pem \
      --tls-private-key-file=/var/lib/kubernetes/kubelet-key.pem \
      --hostname-override=node1 \
      --v=2

This works great as long as kube1 is running. If I take kube1 down, the node does not communicate with kube2 or kube3. It takes the first apiserver passed in the --api-servers flag and does not fail over in case the first apiserver crashes. What is the correct way to fail over in case 1 of the apiservers fails?

The --api-servers flag is deprecated. It's no longer in the documentation. kubeconfig is the brand new way to point the kubelet at the kube-apiserver.

The kosher way today is to deploy a pod with nginx on each worker node (i.e. the ones running kubelet) that load-balances between the 3 kube-apiservers. nginx will know when 1 master goes down and will not route traffic to it; that's its job. The kubespray project uses this method.

The 2nd, but less robust, way is to use DNS RR. Create a DNS "A" record with the IPs of the 3 masters. Point the kubelet to the RR hostname instead of the 3x IPs. Each time the kubelet contacts a master, it will be routed to an IP in the RR list. This technique isn't robust because traffic will still be routed to a downed node, so the cluster will experience intermittent outages.

The 3rd, and more complex method IMHO, is to use keepalived. keepalived uses VRRP to ensure that at least 1 node owns the virtual IP (VIP). If a master goes down, another master will hijack the VIP to ensure continuity. The bad thing about this method is that load-balancing doesn't come by default. All traffic will be routed to 1 master (i.e. the primary VRRP node) until it goes down. Then the secondary VRRP node will take over. You can see a nice write-up I contributed at this page :)

More details on kube-apiserver HA here. Good luck!
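The first method from the answer above, as an added example that is not part of the original post and not kubespray's own manifests: a generator for the per-node nginx TCP proxy that fronts the three apiservers, the kubeconfig that points the kubelet at that local proxy (the question already passes --kubeconfig=/var/lib/kubelet/kubeconfig), and a check for the one thing that commonly breaks this setup. The kubelet now dials https://127.0.0.1:6443 and still verifies the apiserver's TLS certificate, so that certificate's SANs must include 127.0.0.1 (or whatever name the proxy listens on); the SAN lists below are constructed, and the max_fails/fail_timeout values are an assumption about how aggressively a dead master should be marked down.

```python
"""Per-node nginx stream proxy in front of several kube-apiservers.

Constructed example. The hostnames kube1..kube3, port 6443 and the
kubelet certificate paths come from the question; the nginx health
parameters, the listen address and the SAN lists are assumptions.
"""
import ipaddress
from urllib.parse import urlsplit

# Constructed: the three control-plane endpoints from the question.
APISERVERS = ["kube1:6443", "kube2:6443", "kube3:6443"]
LOCAL_LISTEN = "127.0.0.1:6443"


def render_nginx_stream_conf(upstreams, listen=LOCAL_LISTEN,
                             max_fails=3, fail_timeout="10s"):
    """Return an nginx.conf that forwards raw TLS to the apiservers.

    The stream module passes the TLS session through untouched: the
    apiserver still sees the kubelet's client certificate and the kubelet
    still verifies the apiserver's certificate end to end, so the proxy
    never holds cluster credentials. A backend is marked down after
    max_fails failed connects within fail_timeout and retried after it.
    """
    lines = [
        "worker_processes 1;",
        "events { worker_connections 1024; }",
        "stream {",
        "    upstream apiservers {",
        "        least_conn;",
    ]
    for upstream in upstreams:
        lines.append(f"        server {upstream} "
                     f"max_fails={max_fails} fail_timeout={fail_timeout};")
    lines += [
        "    }",
        "    server {",
        f"        listen {listen};",
        "        proxy_pass apiservers;",
        "        proxy_connect_timeout 1s;",  # fail fast to the next master
        "        proxy_timeout 10m;",         # long-lived watch connections
        "    }",
        "}",
    ]
    return "\n".join(lines) + "\n"


def render_kubelet_kubeconfig(server, ca, cert, key, node_name):
    """Kubeconfig that sends the kubelet to the local proxy, not a master."""
    return "\n".join([
        "apiVersion: v1",
        "kind: Config",
        "clusters:",
        "- name: local",
        "  cluster:",
        f"    certificate-authority: {ca}",
        f"    server: {server}",
        "users:",
        f"- name: {node_name}",
        "  user:",
        f"    client-certificate: {cert}",
        f"    client-key: {key}",
        "contexts:",
        "- name: default",
        "  context:",
        "    cluster: local",
        f"    user: {node_name}",
        "current-context: default",
    ]) + "\n"


def host_of(url):
    """Host part of the kubeconfig server URL, e.g. '127.0.0.1'."""
    return urlsplit(url).hostname


def san_covers(sans, host):
    """True if a SAN entry ("DNS:name" or "IP:addr") matches the dialled host.

    IPs are compared as addresses; DNS names are compared case-insensitively
    and a leading wildcard matches exactly one label (RFC 6125 style).
    """
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    for entry in sans:
        kind, _, value = entry.partition(":")
        if kind == "IP" and ip is not None:
            try:
                if ipaddress.ip_address(value) == ip:
                    return True
            except ValueError:
                continue
        elif kind == "DNS" and ip is None:
            if value.startswith("*."):
                h_labels, v_labels = host.lower().split("."), value.lower().split(".")
                if (len(h_labels) == len(v_labels) > 2
                        and h_labels[1:] == v_labels[1:]):
                    return True
            elif value.lower() == host.lower():
                return True
    return False


def kubelet_can_verify(kubeconfig_server, apiserver_sans):
    """Will TLS verification succeed when the kubelet dials through the proxy?"""
    return san_covers(apiserver_sans, host_of(kubeconfig_server))


if __name__ == "__main__":
    print(render_nginx_stream_conf(APISERVERS))
    print(render_kubelet_kubeconfig("https://127.0.0.1:6443",
                                    "/var/lib/kubernetes/ca.pem",
                                    "/var/lib/kubernetes/kubelet.pem",
                                    "/var/lib/kubernetes/kubelet-key.pem",
                                    "node1"))
    # Constructed SAN list: a cert issued only for the master names fails
    # once the kubelet dials 127.0.0.1 through the local proxy.
    print(kubelet_can_verify("https://127.0.0.1:6443",
                             ["DNS:kube1", "DNS:kube2", "DNS:kube3"]))
```

The proxy has to be up before the kubelet can reach any master, so it belongs in a static pod manifest or a systemd unit on the node rather than in a Deployment the apiserver would have to schedule. Because the proxy is a plain TCP passthrough, the only certificate change is on the apiserver side: reissue its serving certificate with 127.0.0.1 (and any DNS name the proxy answers on) in the SAN list, and the kubelet's existing client certificate and CA bundle keep working unchanged.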
