High Availability (HA) Cluster using Kubeadm and Keepalived (Containerd/Docker container runtime)
This project provides a one-click script for rapidly deploying a highly available Kubernetes cluster (supports versions 1.24+) in production environments, utilizing Containerd/Docker as the container runtime and Calico as the CNI.
Core Features
- One-click deployment of a highly available Kubernetes control plane with multi-Master node load balancing.
- Automated TLS certificate issuance for components (etcd, apiserver, kubelet).
- Optimized configuration for the Containerd runtime / Compatible with Docker environments.
- Integration of CNI plugins (Calico/Flannel, etc.) with NetworkPolicy support.
Extended Capabilities
- Optional deployment of Ingress Controller (Nginx).
- Support for offline environment deployment with a shell-based installation script.
- Built-in Prometheus + Grafana monitoring suite for real-time cluster metrics collection.
- Highly available external etcd cluster for large-scale Kubernetes cluster data storage.
| Role | CPU | Memory | Disk |
|---|---|---|---|
| Master | 4cores | 6GB | 60GB |
| Backup | 4cores | 6GB | 60GB |
| Worker | 6cores | 8GB | 120GB |
| Kubernetes Versions | CNI Versions | Containerd Versions | Docker Version |
|---|---|---|---|
| 1.33.0 | Calico 3.29.3 Flannel 0.26.7 | 1.7+ | 3.28+ |
| 1.32.3 | Calico 3.29.2 Flannel 0.26.5 | 1.7+ | 3.28+ |
| 1.31.6 | Calico 3.29.1 Flannel 0.26.1 | 1.6+ | 3.27+ |
- OS: CentOS 7+ / Rocky Linux 8+ / Optional Ubuntu support
- Container Runtime: Containerd 1.6+ / Docker 3.27+ .
- Kernel: ≥ 5.4(recommended with
overlay2andipvsmodules enabled).
- Control plane nodes must open ports:
6443(apiserver),2379-2380(etcd). - Time synchronization between nodes with skew < 1ms (NTP service required).
wget https://github.com/jzlyy/kubernetes-binary-install/archive/refs/tags/v1.33.0.tar.gz
tar -xf v1.33.0.tar.gz
mv kubernetes-binary-install-1.33.0 kubernetes-binary-install
cd kubernetes-binary-install/scripts/execute-containerd
sh 01-host-master.sh
sh 02-cluster-master.sh
cd kubernetes-binary-install/scripts/execute-containerd
sh 01-host-master-backup.sh
sh 02-cluster-master-backup.sh
cd kubernetes-binary-install/scripts/execute-containerd
sh 01-host-worker.sh
sh 02-cluster-worker.sh
cd kubernetes-binary-install/scripts/execute-docker
sh 01-host-master.sh
sh 02-cluster-master.sh
cd kubernetes-binary-install/scripts/execute-docker
sh 01-host-master-backup.sh
sh 02-cluster-master-backup.sh
kubernetes-binary-install/scripts/execute-docker
sh 01-host-worker.sh
sh 02-cluster-worker.sh
Modify the core parameters in configs/kubeadm-config.yaml:
apiVersion: kubeadm.k8s.io/v1beta4
kind: ClusterConfiguration
kubernetesVersion: v1.33.0
controlPlaneEndpoint: "172.168.20.90:16443" # High Availability VIP Address
networking:
podSubnet: "192.168.0.0/16" # Must be compatible with the CNI plugin
apiServer:
certSANs: # Certificate SAN Extension (Subject Alternative Name)
- "172.168.20.110"
- "127.0.0.1"
- "kubernetes.default.svc"
sequenceDiagram
participant Client
participant VIP
participant Master1
participant Master2
participant etcd
Client->>VIP: kubectl API Server Port (6443)
VIP-->>Master1: Load Balancer
Master1->>etcd: Data Read/Write (Port 2379)
Master1-->>Client: Response
Master2->>etcd: Data Synchronization
Contribute this open-source solution to the school's Huawei Cloud Computing Laboratory, providing it as a learning and reference resource for teachers and students to enhance teaching quality and improve students' ability to rapidly apply knowledge in practice.
Welcome to contribute code! Please follow these steps:
- Fork this repository and create a branch.
- Run ./test_cluster-master to ensure all tests pass before submitting code.
- Submit a Pull Request with a description of your changes.
For detailed workflows, refer to CONTRIBUTING.md。
To report security vulnerabilities, please see SECURITY.md。