170 lines
4.2 KiB
YAML
170 lines
4.2 KiB
YAML
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: keepalived
|
|
|
|
---
|
|
kind: ConfigMap
|
|
apiVersion: v1
|
|
metadata:
|
|
name: keepalived
|
|
namespace: keepalived
|
|
data:
|
|
keepalived-generic.conf: |-
|
|
global_defs {
|
|
default_interface $INTERFACE
|
|
enable_script_security
|
|
}
|
|
|
|
vrrp_instance VI_1 {
|
|
state BACKUP
|
|
interface $INTERFACE
|
|
virtual_router_id 172
|
|
priority 20
|
|
advert_int 3
|
|
authentication {
|
|
auth_type PASS
|
|
auth_pass $PASSWORD
|
|
}
|
|
|
|
virtual_ipaddress {
|
|
$VIP_PUB label $INTERFACE:PUB_VIP
|
|
}
|
|
|
|
virtual_ipaddress {
|
|
$VIP_PRIV label $INTERFACE:PUB_PRIV
|
|
}
|
|
}
|
|
|
|
init.sh: |-
|
|
#!/bin/sh
|
|
set -e
|
|
cat /keepalived-generic.conf | sed \
|
|
-e "s/\$INTERFACE/$INTERFACE/g" \
|
|
-e "s/\$PASSWORD/$PASSWORD/g" \
|
|
-e "s/\$VIP_PUB/$VIP_PUB/g" \
|
|
-e "s/\$VIP_PRIV/$VIP_PRIV/g" > /keepalived.conf
|
|
chown root /keepalived.conf && chmod 600 /keepalived.conf
|
|
|
|
---
|
|
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: keepalived
|
|
namespace: keepalived
|
|
type: Opaque
|
|
data:
|
|
password: WXVjaDVkb28=
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
labels:
|
|
app: keepalived
|
|
name: keepalived-public
|
|
namespace: keepalived
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: keepalived
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: keepalived
|
|
spec:
|
|
initContainers:
|
|
- image: lettore/keepalived:latest
|
|
imagePullPolicy: Always
|
|
name: generate-config
|
|
command: ["/bin/bash", "/init.sh"]
|
|
env:
|
|
- name: VIP_PUB
|
|
value: 192.168.123.240
|
|
- name: VIP_PRIV
|
|
value: 192.168.123.241
|
|
- name: INTERFACE
|
|
value: lan0
|
|
- name: PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: keepalived
|
|
key: password
|
|
volumeMounts:
|
|
- mountPath: /keepalived.conf
|
|
name: generated-config
|
|
- mountPath: /keepalived-generic.conf
|
|
name: generic-config
|
|
subPath: keepalived-generic.conf
|
|
- mountPath: /init.sh
|
|
name: init
|
|
subPath: init.sh
|
|
containers:
|
|
- image: lettore/keepalived:latest
|
|
imagePullPolicy: Always
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- pidof
|
|
- keepalived
|
|
failureThreshold: 3
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
name: keepalived
|
|
resources: {}
|
|
securityContext:
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
privileged: true
|
|
terminationMessagePath: /dev/termination-log
|
|
terminationMessagePolicy: File
|
|
volumeMounts:
|
|
- mountPath: /etc/localtime
|
|
name: host-localtime
|
|
- mountPath: /usr/local/etc/keepalived/keepalived.conf
|
|
name: generated-config
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
hostNetwork: true
|
|
priorityClassName: system-cluster-critical
|
|
restartPolicy: Always
|
|
schedulerName: default-scheduler
|
|
securityContext: {}
|
|
terminationGracePeriodSeconds: 30
|
|
tolerations:
|
|
- key: CriticalAddonsOnly
|
|
operator: Exists
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/master
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/control-plane
|
|
volumes:
|
|
- name: generic-config
|
|
configMap:
|
|
name: keepalived
|
|
items:
|
|
- key: keepalived-generic.conf
|
|
path: keepalived-generic.conf
|
|
- name: init
|
|
configMap:
|
|
name: keepalived
|
|
items:
|
|
- key: init.sh
|
|
path: init.sh
|
|
- name: generated-config
|
|
hostPath:
|
|
path: /tmp/keepalived.conf
|
|
type: FileOrCreate
|
|
- name: host-localtime
|
|
hostPath:
|
|
path: /etc/localtime
|
|
type: ""
|
|
updateStrategy:
|
|
rollingUpdate:
|
|
maxSurge: 0
|
|
maxUnavailable: 100%
|
|
type: RollingUpdate
|