forked from easzlab/kubeasz
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
7 changed files
with
109 additions
and
35 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# chrony 时间同步 | ||
|
||
在安装k8s集群前需确保各节点时间同步;`chrony` 是一个优秀的 `NTP` 实现,性能比ntp好,且配置管理方便;它既可作时间服务器服务端,也可作客户端。 | ||
|
||
- `OpenStack` 社区也推荐使用 `chrony`实现各节点之间的时间同步 | ||
|
||
## 安装配置介绍 | ||
|
||
项目中选定一个节点(`deploy` )作为集群内部其他节点的时间同步源,而 deploy节点本身从公网源同步;当然如果整个集群都无法访问公网,那么请手动校准deploy 节点的时间后,仍旧可以作为内部集群的时间源服务器。 | ||
|
||
- 配置 chrony server, 在`/etc/chrony.conf` 配置以下几项,其他项默认值即可 | ||
|
||
``` bash | ||
# 1. 配置时间源,国内可以增加阿里的时间源 ntp1.aliyun.com | ||
server {{ ntp_server }} iburst | ||
|
||
# 2. 配置允许同步的客户端网段 | ||
allow {{ local_network }} | ||
|
||
# 3. 配置离线也能作为源服务器 | ||
local stratum 10 | ||
``` | ||
|
||
- 配置 chrony client | ||
|
||
``` bash | ||
# 1. 清除所有其他时间源,只配置一个本地 deploy节点作为源 | ||
server {{ groups.deploy[0] }} iburst | ||
|
||
# 2. 其他所有项可以默认配置 | ||
``` | ||
|
||
## `kubeasz` 集成安装 | ||
|
||
- 修改 ansible hosts 文件,在 `deploy` 节点配置 `NTP_ENABLED=yes` (默认: no) | ||
- [可选] 修改 roles/chrony/var/main.yml 中的变量定义,关于文件 roles/chrony/var/main.yml 的由来请看[这里](../config_guide.md) | ||
|
||
对于新集群或者新节点,`chrony` 的安装配置已经集成到 `90.setup.yml` `01.prepare.yml` `20.addnode.yml` `21.addmaster.yml` 等脚本中;对于已运行中的集群请执行如下命令进行安装: | ||
|
||
`ansible-playbook /etc/ansible/roles/chrony/chrony.yml ` | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
## 前言 | ||
|
||
`kubeasz`项目开始于`2017.11`,半年多时间以来,从最开始单一的ansible部署脚本朝着提供部署高可用 K8S集群的完整解决方案的目标不断前进,接下去项目的发展需要各位的共同参与和贡献,希望越做越好,为国内k8s学习、实践者提供更多帮助。 | ||
|
||
### 项目已完成部分 | ||
|
||
<table border="0"> | ||
<tr> | ||
<th>类型</th> | ||
<th>描述</th> | ||
<th>备注</th> | ||
</tr> | ||
<tr> | ||
<td>集群部署</td> | ||
<td>服务器基础安全加固与参数优化</td> | ||
<td>已完成</td> | ||
</tr> | ||
<tr> | ||
<td>基础服务</td> | ||
<td>集群监控告警-prometheus</td> | ||
<td>已完成基础,待优化</td> | ||
</tr> | ||
<tr> | ||
<td>应用服务</td> | ||
<td>jenkins集成</td> | ||
<td>已完成</td> | ||
</tr> | ||
<tr> | ||
<td>集群部署</td> | ||
<td>kube-router网络插件</td> | ||
<td>已完成</td> | ||
</tr> | ||
<tr> | ||
<td>基础服务</td> | ||
<td>metrics server</td> | ||
<td>已完成</td> | ||
</tr> | ||
<tr> | ||
<td>集群部署</td> | ||
<td>ipvs代理模式跟进</td> | ||
<td>已完成</td> | ||
</tr> | ||
<tr> | ||
<td>集群部署</td> | ||
<td>cilium网络插件</td> | ||
<td>已完成</td> | ||
</tr> | ||
<tr> | ||
<td>集群部署</td> | ||
<td>集群内时间同步-Chrony</td> | ||
<td>已完成</td> | ||
</tr> | ||
</table> | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters