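kube-proxy is mainly responsible for managing the rules that forward and load-balance requests from Service endpoints to Pod instances.
kube-proxy itself does not forward requests or perform load balancing. Instead, it receives Service and Pod status updates from kube-apiserver and generates the corresponding DNAT rules in the local iptables; the forwarding and load balancing are ultimately carried out by iptables. As a result, even if the kube-proxy component fails, the forwarding rules already written to iptables remain in effect.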
# Generate the systemd unit file and the configuration file [run on k8s-n1, k8s-n2, k8s-n3]
```bash
# The heredoc delimiter is unquoted, so "\\" is written as "\" and "\$" as "$".
cat > /usr/lib/systemd/system/kube-proxy.service <<EOF
[Unit]
Description=Kubernetes Kube-Proxy Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=network.target

[Service]
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/kubernetes/proxy
ExecStart=/usr/bin/kube-proxy \\
        \$KUBE_LOGTOSTDERR \\
        \$KUBE_LOG_LEVEL \\
        \$KUBE_MASTER \\
        \$KUBE_PROXY_ARGS
Restart=on-failure
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOF

# ${fn_ip} is expanded by the shell when this file is written, so the variable
# must be set (presumably to this node's IP address) before running the command.
cat > /etc/kubernetes/proxy <<EOF
###
# kubernetes proxy config

# default config should be adequate

# Add your own!
KUBE_PROXY_ARGS="--bind-address=${fn_ip} \\
    --cluster-cidr=20.0.0.0/12 \\
    --kubeconfig=/etc/kubernetes/kube-proxy.kubeconfig"
EOF
```
# Install conntrack-tools
```bash
yum install -y conntrack-tools
# This step resolves the following kube-proxy error:
# Jan 31 14:16:43 localhost kube-proxy: E0131 14:16:43.924024 30629 proxier.go:1716] Failed to delete stale service IP 20.0.0.10 connections, error: error deleting connection tracking state for UDP service IP: 20.0.0.10, error: error looking for path of conntrack: exec: "conntrack": executable file not found in $PATH
```
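
The DNAT rules that kube-proxy writes to iptables, described at the top of this page, can be inspected once the service is running. The following added example (not part of the original page) reads `iptables-save -t nat` output and lists the Pod endpoints each Service cluster IP is translated to; the function name `kube_dnat_map`, the sample rules, and the chain layout (`KUBE-SERVICES`, `KUBE-SVC-*`, `KUBE-SEP-*`, as used by kube-proxy's iptables mode) are assumptions, and the layout can differ between versions.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): map each Service cluster IP to
# the Pod endpoints kube-proxy programmed as DNAT targets.
# Input: `iptables-save -t nat` text on stdin.
# Assumes iptables-mode chains KUBE-SERVICES -> KUBE-SVC-* -> KUBE-SEP-*.

kube_dnat_map() {   # hypothetical helper name
  awk '
    function opt(name,   i) {   # value that follows option "name" in a rule
      for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
      return ""
    }
    $1 != "-A" { next }
    $2 == "KUBE-SERVICES" && opt("-j") ~ /^KUBE-SVC-/ {
      ip = opt("-d"); sub(/\/32$/, "", ip)
      svc[opt("-j")] = ip ":" opt("--dport") "/" opt("-p")
    }
    $2 ~ /^KUBE-SVC-/ && opt("-j") ~ /^KUBE-SEP-/ {
      seps[$2] = seps[$2] " " opt("-j")
    }
    $2 ~ /^KUBE-SEP-/ && opt("-j") == "DNAT" {
      dst[$2] = opt("--to-destination")
    }
    END {
      for (s in svc) {
        n = split(seps[s], e, " ")
        for (k = 1; k <= n; k++) print svc[s] " -> " dst[e[k]]
      }
    }
  ' | sort
}

# Constructed sample; chain names and Pod IPs are made up.
SAMPLE_RULES='*nat
:KUBE-SERVICES - [0:0]
-A KUBE-SERVICES -d 20.0.0.10/32 -p udp -m comment --comment "kube-system/kube-dns:dns cluster IP" -m udp --dport 53 -j KUBE-SVC-EXAMPLEDNS000001
-A KUBE-SVC-EXAMPLEDNS000001 -m statistic --mode random --probability 0.50000000000 -j KUBE-SEP-EXAMPLEPOD00000A
-A KUBE-SVC-EXAMPLEDNS000001 -j KUBE-SEP-EXAMPLEPOD00000B
-A KUBE-SEP-EXAMPLEPOD00000A -s 20.1.0.5/32 -j KUBE-MARK-MASQ
-A KUBE-SEP-EXAMPLEPOD00000A -p udp -m udp -j DNAT --to-destination 20.1.0.5:53
-A KUBE-SEP-EXAMPLEPOD00000B -p udp -m udp -j DNAT --to-destination 20.2.0.7:53
COMMIT'

# On a node: iptables-save -t nat | kube_dnat_map
printf '%s\n' "$SAMPLE_RULES" | kube_dnat_map
```

Comparing this output with `kubectl get endpoints` shows whether the rules left in place by a stopped kube-proxy have gone stale.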