二进制高可用-etcd--粉丝服务平台-粉丝头条-fensifuwu.com

二进制高可用-etcd

科技 09-07 来源： iter1146

wget https://github.com/etcd-io/etcd/releases/download/v3.5.2/etcd-v3.5.2-linux-amd64.tar.gz

cd /mnt/hgfs/gx/
cp etcd-v3.5.2-linux-amd64.tar.gz /root/k8s-work/
cd  /root/k8s-work/ && ls etcd-v3.5.2-linux-amd64.tar.gz

systemctl stop etcd
cd /usr/local/bin
rm -f etcd*

tar xf etcd-v3.5.2-linux-amd64.tar.gz

cp etcd-v3.5.2-linux-amd64/etcd* /usr/local/bin

 for node in master02 master03 worker01;
   do scp etcd-v3.5.2-linux-amd64/etcd* $node:/usr/local/bin/;
 done
ls /usr/local/bin

etcdctl version

mkdir /etc/etcd

cat > /etc/etcd/etcd.conf << EOF
#[Member]
ETCD_NAME="etcd3"
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="https://192.168.187.103:2380"
ETCD_LISTEN_CLIENT_URLS="https://192.168.187.103:2379,http://127.0.0.1:2379"

#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="https://192.168.187.103:2380"
ETCD_ADVERTISE_CLIENT_URLS="https://192.168.187.103:2379"
ETCD_INITIAL_CLUSTER="etcd-1=https://192.168.187.101:2380,etcd-2=https://192.168.187.102:2380,etcd-3=https://192.168.187.103:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"
EOF

cat /etc/etcd/etcd.conf

5创建服务配置文件

mkdir -p /etc/etcd/ssl
mkdir -p /var/lib/etcd/default.etcd


cd /data/k8s-work
cp ca*.pem /etc/etcd/ssl
cp etcd*.pem /etc/etcd/ssl

for node in master02 master03;
   do scp ca*.pem $node:/etc/etcd/ssl;
 done
 
 for node in master02 master03;
   do scp etcd*.pem $node:/etc/etcd/ssl;
 done
 
 ls /etc/etcd/ssl
 ls /var/lib/etcd/default.etcd

6 创建service

cat > /usr/lib/systemd/system/etcd.service << "EOF"
[Unit]
Description=Etcd Server
After=network.target
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
EnvironmentFile=-/etc/etcd/etcd.conf
WorkingDirectory=/var/lib/etcd/
ExecStart=/usr/local/bin/etcd \
--cert-file=/etc/etcd/ssl/etcd.pem \
--key-file=/etc/etcd/ssl/etcd-key.pem \
--trusted-ca-file=/etc/etcd/ssl/ca.pem \
--peer-cert-file=/etc/etcd/ssl/etcd.pem \
--peer-key-file=/etc/etcd/ssl/etcd-key.pem \
--peer-trusted-ca-file=/etc/etcd/ssl/ca.pem \
--peer-client-cert-auth \
--client-cert-auth
Restart=on-failure
RestartSec=5
LimitNOFILE=65535

[Install]
WantedBy=multi-user.target
EOF

cat /usr/lib/systemd/system/etcd.service

7启动

systemctl daemon-reload
systemctl enable --now etcd.service
systemctl status etcd

export ETCDCTL_API=3 
/usr/local/bin/etcdctl --cacert=/etc/etcd/ssl/ca.pem --cert=/etc/etcd/ssl/etcd.pem --key=/etc/etcd/ssl/etcd-key.pem --endpoints="https://192.168.187.101:2379,https://192.168.187.102:2379,https://192.168.187.103:2379" endpoint health --write-out=table

/usr/local/bin/etcdctl --cacert=/etc/etcd/ssl/ca.pem --cert=/etc/etcd/ssl/etcd.pem --key=/etc/etcd/ssl/etcd-key.pem --endpoints="https://192.168.187.101:2379,https://192.168.187.102:2379,https://192.168.187.103:2379" endpoint status --write-out=table

etcd --heartbeat-interval=500 --election-timeout=50000