3、向其它节点分发 CA 根证书及私钥
ssh root@192.168.31.38 "mkdir /etc/etcd/pki/"scp -r /etc/etcd/pki/{ca.crt,ca.key} 192.168.31.38:/etc/etcd/pki/ssh root@192.168.31.39 "mkdir /etc/etcd/pki/"scp -r /etc/etcd/pki/{ca.crt,ca.key} 192.168.31.39:/etc/etcd/pki/添加 etcd 节点若当前主机无法下载,可提前将 etcd 二进制程序包存放在如下路径: /var/cache/etcdadm/etcd/v3.5.5/etcd-v3.5.5-linux-amd64.tar.gz
1、添加节点 192.168.31.38
etcdadm join https://192.168.31.38:2379 \--version "3.5.5" \--init-system "systemd" \--install-dir "/opt/bin/"\--certs-dir"/etc/etcd/pki" \--data-dir "/var/lib/etcd"\--release-url "https://github.com/etcd-io/etcd/releases/download"2、添加节点 192.168.31.39
etcdadm join https://192.168.31.38:2379 \--version "3.5.5" \--init-system "systemd" \--install-dir "/opt/bin/"\--certs-dir"/etc/etcd/pki" \--data-dir "/var/lib/etcd"\--release-url "https://github.com/etcd-io/etcd/releases/download"Etcd Server1、用于 Etcd Server 的环境变量配置 /etc/etcd/etcd.env
ETCD_NAME=c7# Initial cluster configurationETCD_INITIAL_CLUSTER=c7=https://192.168.31.37:2380ETCD_INITIAL_CLUSTER_TOKEN=dee8095fETCD_INITIAL_CLUSTER_STATE=new# Peer configurationETCD_INITIAL_ADVERTISE_PEER_URLS=https://192.168.31.37:2380ETCD_LISTEN_PEER_URLS=https://192.168.31.37:2380ETCD_CLIENT_CERT_AUTH=trueETCD_PEER_CERT_FILE=/etc/etcd/pki/peer.crtETCD_PEER_KEY_FILE=/etc/etcd/pki/peer.keyETCD_PEER_TRUSTED_CA_FILE=/etc/etcd/pki/ca.crt# Client/server configurationETCD_ADVERTISE_CLIENT_URLS=https://192.168.31.37:2379ETCD_LISTEN_CLIENT_URLS=https://192.168.31.37:2379,https://127.0.0.1:2379ETCD_PEER_CLIENT_CERT_AUTH=trueETCD_CERT_FILE=/etc/etcd/pki/server.crtETCD_KEY_FILE=/etc/etcd/pki/server.keyETCD_TRUSTED_CA_FILE=/etc/etcd/pki/ca.crt# OtherETCD_DATA_DIR=/var/lib/etcdETCD_STRICT_RECONFIG_CHECK=trueGOMAXPROCS=8# Logging configuration# Profiling/metrics2、Etcd Server 启动脚本
# cat /etc/systemd/system/etcd.service[Unit]Description=etcdDocumentation=https://github.com/coreos/etcdConflicts=etcd-member.serviceConflicts=etcd2.service[Service]EnvironmentFile=/etc/etcd/etcd.envExecStart=/opt/bin/etcdType=notifyTimeoutStartSec=0Restart=on-failureRestartSec=5sLimitNOFILE=65536Nice=-10IOSchedulingClass=best-effortIOSchedulingPriority=2MemoryLow=200M[Install]WantedBy=multi-user.targetetcdctl.sh1、用于 etcdctl 的环境变量配置 /etc/etcd/etcdctl.env
export ETCDCTL_API=3export ETCDCTL_CACERT=/etc/etcd/pki/ca.crtexport ETCDCTL_CERT=/etc/etcd/pki/etcdctl-etcd-client.crtexport ETCDCTL_KEY=/etc/etcd/pki/etcdctl-etcd-client.keyexport ETCDCTL_DIAL_TIMEOUT=3s2、脚本 etcdctl.sh 是对 etcdctl 命令的简单包装,其用法与 etcdctl 一致
cat /opt/bin/etcdctl.sh#!/usr/bin/env shif ! [ -r "/etc/etcd/etcdctl.env" ]; thenecho "Unable to read the etcdctl environment file '/etc/etcd/etcdctl.env'. The file must exist, and this wrapper must be run as root."exit 1fi. "/etc/etcd/etcdctl.env"# 相当于 source 该环境变量配置文件"/opt/bin/etcdctl" "$@"# $@ 表示脚本 etcdctl.sh 的命令行参数管理命令# 查看命令行 init 或 join 的帮助信息etcdadm init|join --help# 从 etcd 集群移除当前节点etcdadm reset# 查看集群节点成员/opt/bin/etcdctl.sh member list# > 19fc11a542653f62, started, c9, https://192.168.31.39:2380, https://192.168.31.39:2379, false# > 9a246c6786d36273, started, c7, https://192.168.31.37:2380, https://192.168.31.37:2379, false# > a509d3d8e8aa4911, started, c8, https://192.168.31.38:2380, https://192.168.31.38:2379, false# 查看当前节点是否正常/opt/bin/etcdctl.sh endpoint health# 127.0.0.1:2379 is healthy: successfully committed proposal: took = 17.112587ms# 查看当前节点状态/opt/bin/etcdctl.sh endpoint status# > 127.0.0.1:2379, 9a246c6786d36273, 3.5.5, 20 kB, true, false, 3, 10, 10,由于笔者时间、视野、认知有限,本文难免出现错误、疏漏等问题,期待各位读者朋友、业界大佬指正交流, 共同进步 !!
经验总结扩展阅读
- Android RecyclerView使用ListAdapter高效刷新数据
- 使用 Windows Core Audio APs 进行 Loopback Recording 并生成 WAV 文件
- 飞利浦吸尘器堵塞不吸了怎么办 吸尘器使用注意事项
- 4 .NET 6学习笔记——如何在.NET 6的Desktop App中使用Windows Runtime API
- 使用react+redux实现弹出框案例
- 珂润面霜适合油皮使用吗?
- 快速腐蚀卫生纸方法
- 铸工胶使用范围
- 你真的会使用Typora吗?
- 除菌液怎么使用